[ppml] IPv6>>32
Owen DeLong
owen at delong.com
Mon May 16 14:08:55 EDT 2005
> = Person who has requested that I remove attributions when I quote him
>> = Owen DeLong (me)
>> Your enterprise does not have to be particularly large for renumbering
> to
>> be a complex task. Imagine even a small company with a couple of
> hundred
>> customers who connect over VPN tunnels. Now, imagine renumbering all of
>> the virtual addresses used on the client side and all of the tunnel end
>> point addresses for that series of customer connections in order to
>> switch providers.
>
> I'm afraid I can't imagine this since I do not have the IPv6
> operational experience to extrapolate. I do know enough to realize
> thatr my IPv4 experience does not apply. Does anyone here know of
> a resource that explains how IPv6 renumbering is accomplished in
> a real-world operational context? I know that there are many
> medium-sized networks who have gone through IPv6 renumbering recently
> as they transitioned off the 6-bone tunnels and onto native
> IPv6 networks.
Why is it that you dream that IPv6 renumbering will affect tunnel endpoints
for IPSEC and ACL entries differently from the way that IPv4 renumbering
effects them? Admittedly, I have very minimal IPv6 opex with this, but,
what little I have suggests that there is more similarity than difference.
In general, due to security considerations, these addresses are statically
assigned and manually propogated to the configuration files of multiple
devices (and often to multiple configuration files per device) across
organizational unit and even organizational boundaries.
Owen
--
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20050516/b6be9aef/attachment.sig>
More information about the ARIN-PPML
mailing list