[arin-ppml] FW: IPv6 Non-connected networks
Michael Richardson
mcr at sandelman.ca
Mon Mar 29 12:53:18 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "Matthew" == Matthew Kaufman <matthew at matthew.at> writes:
Matthew> The problem is that you weren't already advertising a
Matthew> /32. You were hoping to advertise your /48, which is all
Matthew> the PI space you could get and afford, but your ISP
Matthew> wouldn't let you. Just like they won't let you announce the
Matthew> /119 either.
All of this is IPv4 think.
IPv6 networks have multiple prefixes(%)
You were using the NCN for internal use.
You had a /48 from each ISP, split up into /64s. Most of your
internal-only operations had no visibility to the Internet.
(You might want to use good ol' fashion SOCKS and algorithm-gateways and HTTP
proxies to get your system patches. If you like I have Raptor Eagle,
Milkyway Blackhole, and TIS FWTK binaries from the early 1990s)
You let a /64 from one ISP through to some machine that external support
needs to access (no, it's not a /119. It's a /64). You might even run
this through a transparent firewall/packet filter too.
(%) While Owen has documented why he feels multiple prefixes won't work,
but I've never had the problems he describes.
- --
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Finger me for keys
iQEVAwUBS7Da/YCLcPvd0N1lAQIt7gf+JXLR0osv/sDJVQ4H9zJhx9LQbEJw2Acz
XUjUFzJj2LVzP1Z6cnqXzkbe+3A8JS4xbO7IKmohnDHn/KgZeXnAoMY2JbZYyi3T
jOF0CK3KLI7f8ln/Vp/7SFobSO84dnbcSFV74B6htKOEmtw9J4rpHnDA3vqA7jMH
sTfhGAavSY9a1Oa+pgCn0X8bHAv4zquIag/xXJxYSOUXrMdSfk/vhGVTuX6WvitT
74onh+SGYLZ/Zh9HpRGrVj/ixZrbPMMMRnmgzRZWvwKxqVhJsPQsbymKdfmzd3F/
GnXe7pb2y4DJOMwTWlu7LEnDNoyoOb3+wJbgNdoEwUjM6r9iWtC+7g==
=Iezl
-----END PGP SIGNATURE-----
More information about the ARIN-PPML
mailing list