IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks)
Enno Rey
erey at ernw.de
Fri Mar 2 09:39:12 UTC 2018
Hi,
On Thu, Mar 01, 2018 at 09:30:32PM -0500, Harald Koch wrote:
> On 1 March 2018 at 18:48, Mark Andrews <marka at isc.org> wrote:
>
> > ULA provide stable internal addresses which survive changing ISP
> > for the average home user.
>
>
> Yeah this is pretty much what I'm doing. ULA for stable, internal addresses
> that I can put into the (internal) DNS: ISP prefixes for global routing.
> Renumbering is hard.
as is proper (source|destination) address selection in a sufficiently complex environment.
for interest: for a system which must be both globally and internally reachable, which address do you put into which DNS?
>
> All of the objections I've seen to ULA are actually objections to (IPv6)
> NAT, which is why I was confused.
the main objection against ULAs is avoidance of complexity in environments where at least some systems need global reach(ability), which applies to pretty much all environments nowadays.
best
Enno
>
> (As it turns out my ISP prefix has been static for years, but I'm too lazy
> to undo all of the work...)
>
> --
> Harald
--
Enno Rey
ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902
Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Matthias Luft, Enno Rey
=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
Twitter: @Enno_Insinuator
=======================================================
More information about the NANOG
mailing list