[ppml] IPv6 flawed?
Leroy Ladyzhensky
leroy at emailsorting.com
Thu Sep 13 16:35:36 EDT 2007
I totally agree with this...
I know of some companies that may have 1000 plus workstations and servers on
their internal network but would never qualify for IPv4 or IPv6 address's
because that don't need much... 10 or so real IP's
so, way down the road, when the move to IPv6 why would they number all their
inside machines just because that's the block their ISP handed to them? just
to renumber when they change to another ISP?
it bad enough now with IPv4 when only their firewall and DNS entries need to
be changed when they get a new IP block from an ISP...
As much as I hate NAT ... you can beat it in this situation...
leroy l.
----- Original Message -----
From: "Ted Mittelstaedt" <tedm at ipinc.net>
To: "Kevin Kargel" <kkargel at polartel.com>; <ppml at arin.net>
Sent: Thursday, September 13, 2007 2:35 PM
Subject: Re: [ppml] IPv6 flawed?
>
> You don't understand it because you are large enough to have your
> own allocation.
>
> For the orgs too small to meet justification requirements to get
> a direct allocation of IPv6 from an RIR, it is a big problem.
>
> They do not want to get IPv6 from an ISP AKA "local internet registry"
> and put time and money into numbering all their servers and suchlike -
> because if they find a better deal down the street from the ISP's
> (I mean local internet registry's) competitor, they want to be free
> to dump the existing ISP and go to the competitor without having to
> renumber internally.
>
> This IMHO is the single largest reason so many orgs adopted NAT.
>
> Ted
>
>>-----Original Message-----
>>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of
>>Kevin Kargel
>>Sent: Thursday, September 13, 2007 11:15 AM
>>To: ppml at arin.net
>>Subject: Re: [ppml] IPv6 flawed?
>>
>>
>>There is nothing preventing any sysadmin now from grabbing a chunk of
>>IPv4 space that they have no need of communicating with and
>>commandeering it for "private" space. The only penalty will be that
>>they will be unable to communicate with the legitimate IP. I have
>>actually dealt with some of my customers who have VPN's to major
>>corporations and their VPN space uses IP's that belong to someone in
>>another RIR.
>>
>>I still don't understand the controversy about private IPv6 space. My
>>IPv6 allocation is plenty big. If I want a private section of it all I
>>have to do is set an access list for it in my edge routers denying
>>traffic for that subnet in or out of my network. Voila, I have a
>>private network.
>>
>>Then I have the added advantage that if I ever need temporary access to
>>the world for an internal box (let's say I want to update patches) all I
>>have to do is punch a temporary hole in the access list. No setting up
>>NAT, no renumbering, nothing fancy at all, it just instantly works.
>>
>>If I decide to peer with another network and allow them access to my
>>"private" space it is the same algorythm, I just set an access list
>>allowing traffic to and from their "private" IP space to my "private" IP
>>space. No big deal. I do have to rely on them not to transit traffic
>>to/from my space, but that same concern exists with NAT. I assume if I
>>am going to initiate peering with a neighboring network their sysadmin
>>and I will actually have a conversation before we implement the merger.
>>Part of that conversation would be the exchange of "private" netblock
>>info.
>>
>>If I buy another company or they buy me, and our networks completely
>>merge, I would see it as an advantage to maintain separate netblocks for
>>the disparate sites anyway. If it is mandatory for some reason to have
>>a homogenous and contiguaous address space, then most likely someone is
>>going to be renumbering no matter what ULA type scheme we are using.
>>
>>I am sure there is some aspect I am not paying attention to in my
>>limited need case, but for me it is not a big deal.
>>
>>
>>
>>
>>
>>> -----Original Message-----
>>> From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On
>>> Behalf Of Paul Vixie
>>> Sent: Thursday, September 13, 2007 12:28 PM
>>> To: ARIN PPML
>>> Subject: Re: [ppml] IPv6 flawed?
>>>
>>> > ... nothing prevents any network admin from simply picking
>>> an unused
>>> > portion of the IPv6 space and calling that private and slapping an
>>> > IPv6 NAT in front of it.
>>>
>>> easier and less risky to use ULA (see RFC 4193). it's when
>>> you want to be able to do ad-hoc networking with partners and
>>> customers that the lack of centralized WHOIS and IN-ADDR will
>>> bite you (with either the RFC 4193 approach or the
>>> above-quoted suggestion, equally.)
>>> _______________________________________________
>>> PPML
>>> You are receiving this message because you are subscribed to
>>> the ARIN Public Policy Mailing List (PPML at arin.net).
>>> Unsubscribe or manage your mailing list subscription at:
>>> http://lists.arin.net/mailman/listinfo/ppml Please contact
>>> the ARIN Member Services Help Desk at info at arin.net if you
>>> experience any issues.
>>>
>>_______________________________________________
>>PPML
>>You are receiving this message because you are subscribed to the
>>ARIN Public Policy
>>Mailing List (PPML at arin.net).
>>Unsubscribe or manage your mailing list subscription at:
>>http://lists.arin.net/mailman/listinfo/ppml Please contact the
>>ARIN Member Services
>>Help Desk at info at arin.net if you experience any issues.
>>
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to the ARIN
> Public Policy
> Mailing List (PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/ppml Please contact the ARIN Member
> Services
> Help Desk at info at arin.net if you experience any issues.
>
More information about the ARIN-PPML
mailing list