[arin-discuss] Trying to Understand IPV6
Scott Leibrand
scottleibrand at gmail.com
Mon Sep 13 16:47:01 EDT 2010
On Mon 9/13/2010 1:17 PM, Mike Lieberman wrote:
> I have been reading all these discussions (mostly silently) for a long, long
> time. I understand what a /48 is and a /56, /64 and /128. I understand the
> notation.
>
> Quite frankly what I don't get is why anyone thinks that consumers want
> public numbers inside their home/LANs. Once my customers understood the
> benefit of hiding behind a NAT, they embraced it quite emphatically.
Yes, the stateful firewall aspect of their NAT box is quite useful. I
suspect all IPv6-capable home routers will still run a stateful firewall
with a default-closed policy on incoming traffic.
> Put a private residence on public IPv6? Sorry but that makes no sense.
I'd like to be able to have my phone communicate with my home boxes, at
line rate, regardless of whether I'm on my home wi-fi, or out on someone
else's network. If both devices have public IPv6 addresses, I could
initiate a connection, in either direction, using IPsec to provide
end-to-end security, and ensure that everything is always instantly in
sync between the devices, without having to go through a server.
Both Apple (with Bonjour) and Microsoft are doing a good job of getting us
back to seamless network device discovery and integration using IPv6
link-local addresses on the local LAN. There's no reason as we deploy v6
globally that we shouldn't be able to extend this across the Internet.
But if you implement v6 NAT, that's exactly the kind of innovation you'd
prevent.
> Yes I agree that I don't know what people will need in 20 years. And YES it
> is nice that we will have address space in 20 years. But allocating a /48 to
> a home that today uses an IPv4 /30 with a private NAT seems beyond humorous.
> It just sounds insane. Using private addressing that home already
> potentially has access to thousands of subnets and millions of addresses.
>
> RFC 4193 provides even more addresses for use with firewall/NAT appliances.
> Why does a home or business using RFC 4193 need a /48 or even a /56 or /64?
>
> Just because we have the numbers does not mean we should distribute them.
Quite a few home networks run two SSIDs, one WPA2-encrypted for private
use, and one open for guests. Each of those should have its own /64.
That means I need at least a /56.
-Scott
>
> _________________________
> Mike Lieberman, President
> Net Wright LLC
> Tel: +1-307-857-4898
> Fax: +1-307-857-4872
>
>
> -----Original Message-----
> From: arin-discuss-bounces at arin.net [mailto:arin-discuss-bounces at arin.net]
> On Behalf Of Dan White
> Sent: Monday, September 13, 2010 1:28 PM
> To: Tim Howe
> Cc: arin-discuss at arin.net
> Subject: SPAM: Re: [arin-discuss] Trying to Understand IPV6
>
> On 13/09/10 12:01 -0700, Tim Howe wrote:
>> On Mon, 13 Sep 2010 19:32:33 +0100
>> <michael.dillon at bt.com> wrote:
>>
>>>> If I assigned a customer say an IPV4 /21 in IPV6 this would translate
>>>> into a /56? If I'm not mistaken a /56 would translate into something
>>>> like 65,000 host addresses? That just seems like a lot of hosts to me,
>>> Anyone in this position should simply assign a /48 to every customer site
>>> no matter how big or small. A one bedroom apartment gets a /48. A manufacturing
>>> plant with 5 buildings including a 4-story office block, gets a /48.
>>> No exceptions.
>> This is slightly different than I have been led to think... It
>> seems wise, when you know the customer has no intention of having
>> multiple networks, to provide a /64. Not because you fear wasting
> Consider a long range scenario for that customer. A scenario in which they
> may purchase networking equipment for multiple purposes in 5 or 10, or 20
> years that performs layer two separation between different functions in
> their network. E.g. Wifi, Bluetooth/USB, appliances, voice, video, visitor
> access, alarm system, automobiles, utilities, etc.
>
> I find it beneficial to consider that I probably don't know what a
> customer's network will look like in 20 years, and a /48 per customer is
> probably wisest until we've gained more operational experience with IPv6 in
> our own network.