[100101] in North American Network Operators' Group
Re: 240/4
daemon@ATHENA.MIT.EDU (Daniel Senie)
Tue Oct 16 18:08:47 2007
Date: Tue, 16 Oct 2007 18:01:51 -0400
To: David Ulevitch <davidu@everydns.net>
From: Daniel Senie <dts@senie.com>
Cc: nanog@nanog.org
In-Reply-To: <47152B36.6040907@everydns.net>
Errors-To: owner-nanog@merit.edu
At 05:20 PM 10/16/2007, David Ulevitch wrote:
>Daniel Senie wrote:
>>If all of 240/4 is given over without guidance to private address use, a
>>huge mess will follow, should we later decide it safe to use on the
>>public network.
>
>Nobody would allow that to happen. Once it goes RFC1918, it would
>never go back.
>
>Adding four /8's to the IPv4 RIR assignable space (as you suggest)
>isn't buying anyone any time before we run out.
No. It would provide a play space where this could be explored
further, and may be of use for private interconnects between some
companies. It would not hurt anything to allocate this space.
>The effort someone would spend figuring out if 204/4 is reachable
>and not-pain-inducing in their infrastructure is better spent
>figuring out how to make IPv6 work within their sphere of responsibilities.
The code changes to solid, proven IPv4 stacks to allow 240/4 to work
are likely to expose enterprises to very little risk. Certainly we
can expect it to be a lot less risk than IPv6 stacks which are at
this point largely unproven. Adding additional IPv4 space from 240/4
may well buy enterprises enough time in the IPv4 world for IPv6 to
receive sufficient code coverage and native deployment for
corporations to accept the risk of introducing IPv6 on a broad scale.
I know you're trying to beat the drum that everyone should get off
their posteriors and roll out IPv6, but every time I go research
another product that'd be needed, it's not ready. The latest was in
reading the release notes for firewalls from one vendor. Sure the
boxes will handle IPv6 in some fashion, but oh, sorry, you wanted to
deploy a redundant pair of firewalls? The stateful synchronization
isn't ready yet.
Given the relative simplicity of the code change to activate 240/4 in
an IPv4 stack, it's likely all major vendors could have patches out
for allowing its use in private networks with little risk and little
expendature of time. It's quite likely such changes could be out a
very long time before IPv6 stacks in firewalls, routers and hosts
receive sufficient testing to be deemed safe.