[arin-ppml] Encouraging IPv6 Transition

Michael Richardson mcr at sandelman.ca
Wed May 16 22:11:30 EDT 2012


>>>>> "Owen" == Owen DeLong <owen at delong.com> writes:
    Owen> No, RFC-1918 and NAT are among the key reasons to argue for
    Owen> IPv6.  Collision is just icing on the cake.

For *INTERNET* access, you are right.

I'm talking about systems which do not (intentionally) exchange packets
with the Internet, but which use IP addressing "internally"(%) to
communicate, and at the edge of these devices, they speak to an
Enterprise network of some kind.

(%)-"internally" is in quotes, because, in one case, the network plans
    to span many miles of tundra. 

1) The leak potential is large due to misconfiguration.   Sometimes
   bits of the Enterprise are used as "backbone" for these systems.
   (That's why layer-3 IP networking is so useful...)
   When the packets escape into some part of the Enterprise which does
   not know about said device, people start asking whois.
   ULA-Random may be just fine for a homenet network, but I'd never want
   to have it in an Enterprise.

2) What if there are two of these devices, or two enterprises with these
   devices merge?  I can't see why the *manufacturer* of said device
   can't trivially get a /48 or /40 in Non-Connected space, and then
   stamp in a /56 or /60 (as appropriate) into each instance sold.

   Look at Ethernet... you pay the IEEE $2500 once, you get your OUI
   prefix.  Done, no renewal necessary.  It's hard enough to justify 
   that $2500 once... but $1250 every year?  

   "Thanks, this IPv6 stuff is too difficult, we'll just squat on
   something.   IPv6 ULA-R gives us no advantage over RFC1918 or
   squatting."

   (Actually, IPv4 squatting is better, because if the manufacturer puts
   something useful on a web site about where they squat, Google can
   find it when whois returns nonsense)


    >> But, I didn't say it was risk of collision with ULA-R that was
    >> the main problem, it is lack of reverse DNS and lack of whois
    >> that is the problem.

    Owen> Why do you need non-local RDNS and/or WHOIS for local-only
    Owen> addresses?

Why do I see large ISPs with multiple ASs?
Why isn't all their traffic local?  Why aren't their networks convex?

See above.  
One hand does not know what the other hand is doing, and does not need to.

    Owen> If the addresses should not be seen outside of your
    Owen> organization, why would you need a directory service to tell
    Owen> you who the addresses belong to?

Emphasis on "SHOULD".

Take two Windows laptops at two enterprises a floor apart, turn on wifi
bridging on both.  Now try to figure out where the packets are coming
from.   With RFC1918 it's already a disaster.  IPv6 doesn't need to suck
that way.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
	               then sign the petition. 
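
The per-unit prefix stamping proposed in point 2 of the message, as an added example that is not part of the original post: it carves a /56 per device out of a manufacturer block and shows how a stray source address can then be traced back to a unit, while ULA and RFC1918 sources cannot. Assumptions: `2001:db8:4200::/40` (documentation space) stands in for a registered non-connected allocation, the serial-to-prefix numbering is a hypothetical scheme, and the function names are illustrative.

```python
import ipaddress

# Assumption: documentation space stands in for a manufacturer's registered block.
BLOCK = ipaddress.IPv6Network("2001:db8:4200::/40")
UNIT_PLEN = 56                       # the message suggests /56 or /60 per unit
SHIFT = 128 - UNIT_PLEN
ULA = ipaddress.IPv6Network("fc00::/7")
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def unit_prefix(serial):
    """Prefix stamped into unit number `serial` (hypothetical numbering scheme)."""
    if not 0 <= serial < 1 << (UNIT_PLEN - BLOCK.prefixlen):
        raise ValueError("serial does not fit between /40 and /56")
    base = int(BLOCK.network_address) + (serial << SHIFT)
    return ipaddress.IPv6Network((base, UNIT_PLEN))


def attribute(source):
    """Classify a stray source address; return (kind, unit serial or None)."""
    ip = ipaddress.ip_address(source)
    if ip.version == 4:
        kind = "rfc1918" if any(ip in n for n in RFC1918) else "other"
        return kind, None
    if ip in BLOCK:
        # Registered block: whois names the manufacturer, the bits name the unit.
        return "registered", (int(ip) - int(BLOCK.network_address)) >> SHIFT
    if ip in ULA:
        return "ula", None           # no registry entry to consult
    return "other", None


if __name__ == "__main__":
    # Constructed sample: sources seen on a segment that should not carry them.
    for src in ("2001:db8:4212:34ab::1", "fd12:3456:789a::1", "10.1.2.3"):
        print(src, attribute(src))
```
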