[ppml] PIv6 for legacy holders (/w RSA + efficient use)
Keith W. Hare
Keith at jcc.com
Mon Jul 30 08:25:34 EDT 2007
> -----Original Message-----
> From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On
> Behalf Of michael.dillon at bt.com
> Sent: Monday, July 30, 2007 7:22 AM
> To: ppml at arin.net
> Subject: Re: [ppml] PIv6 for legacy holders (/w RSA + efficient use)
>
> > With IPv4, NAT allows one to isolate most of the internal
> > network by using non-routable addresses. So, switching ISPs
> > means renumbering the external nodes and revising some
> firewall rules.
> >
> > With IPv6, without NAT, switching vendors with PA space means
> > renumbering both the external and the internal network.
>
> With IPv6, ULA addressing defined in RFC 4193
> http://www.ietf.org/rfc/rfc4193.txt allows one to isolate most of the
> internal network using non-routable addresses. Combine that with the
> typical enterprise configuration of firewall, web proxy, and internal
> email service. You don't even need NAT in this scenario.
>
rfc4193 describes a mechanism for allocating local addresses that are
not routed outside of a site.
However, any node that needs to be reachable from outside of the site or
any node that needs to communicate with nodes outside of the site also
needs to have a global address.
How does this help?
Keith
More information about the ARIN-PPML
mailing list