AWS Elastic IP architecture
Matthew Kaufman
matthew at matthew.at
Tue Jun 2 04:49:35 UTC 2015
On 6/1/2015 6:32 PM, Mark Andrews wrote:
> In message <CAL9jLaaQUP1UzoKag3Kuq8a5bMcB2q6Yg=B_=1fFWxRN6K-bNA at mail.gmail.com
>> , Christopher Morrow writes:
>> On Mon, Jun 1, 2015 at 9:02 PM, Ca By <cb.list6 at gmail.com> wrote:
>>>
>>> On Monday, June 1, 2015, Mark Andrews <marka at isc.org> wrote:
>>>>
>>>> In message
>>>> <CAL9jLaYXCdfViHbUPx-=rs4vSx5mFECpfuE8b7VQ+Au2hCXpMQ at mail.gmail.com>
>>>> , Christopher Morrow writes:
>>>>> So... I don't really see any of the above arguments for v6 in a vm
>>>>> setup to really hold water in the short term at least. I think for
>>>>> sure you'll want v6 for public services 'soon' (arguably like 10 yrs
>>>>> ago so you'd get practice and operational experience and ...) but for
>>>>> the rest sure it's 'nice', and 'cute', but really not required for
>>>>> operations (unless you have v6 only customers)
>>>> Everyone has effectively IPv6-only customers today. IPv6 native +
>>>> CGN only works for services. Similarly DS-Lite and 464XLAT.
>> ok, and for the example of 'put my service in the cloud' ... the
>> service is still accessible over ipv4 right?
> It depends on what you are trying to do. Having something in the
> cloud manage something at home. You can't reach the home over IPv4
> more and more these days as. IPv6 is the escape path for that but
> you need both ends to be able to speak IPv6.
...and for firewalls to not exist. Since they do, absolutely all the
techniques required to "reach something at home" over IPv4 are required
for IPv6. This is on the "great myths of the advantages of IPv6" list.
IPv6 has exactly one benefit... there's more addresses. It comes with a
whole lot of new pain points, and probably a bunch of security nightmare
still waiting to be discovered. And it for sure isn't free.
Matthew Kaufman
More information about the NANOG
mailing list