Use of unique local IPv6 addressing rfc4193
Pshem Kowalczyk
pshem.k at gmail.com
Thu Sep 8 23:43:50 UTC 2016
Hi,
That's why I asked the question - if anyone actually puts its as an
additional IP on their interfaces to keep it simple (and in-line with IPv4
policies, address allocation schemes, etc) or not. I can see the argument
both ways - if we decide to use it we'll have to either overlay it with
public IPv6 space (and provide the NAT/proxy for where we don't have any
public IPv6 assigned) or simply not use the fc00::/7 and skip the
NAT/proxy aspects of it.
So one way it's aligned with what we do already (at the cost of the
overhead) the other it's not aligned (but with potentially less overhead).
kind regards
Pshem
On Fri, 9 Sep 2016 at 11:27 Mark Andrews <marka at isc.org> wrote:
>
> In message <
> CAEaZiRXU7DH9O9EwdjFiEMgDU7dt4v62W5+9+CTJ2-rqznP7Bg at mail.gmail.com>,
> Pshem Kowalczyk writes:
> > With NAT I have a single entry/exit point to those infrastructure subnets
> > which can be easily policed.
> > If I give them public IPs then they're routable and potentially can reach
> > the internet via devices that don't police the traffic.
>
> If you wish to believe that, believe that, but it is only wishful
> thinking.
>
> > My real question is does anyone bother with the fc00::/7 addressing
> or do > you use your public space (and police that)?
>
> ULA is normally used in parallel with public addressing if it is
> used. IPv6 was designed to be deployed with multiple address and
> prefixes per interface. When ULA is deployed you have ULA <-> ULA,
> non-ULA <-> non-ULA. Non-privacy addresses for server functionality,
> privacy addresses for client functionality.
>
> Mark
>
> > kind regards
> > Pshem
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
>
More information about the NANOG
mailing list