[148881] in North American Network Operators' Group
Re: using ULA for 'hidden' v6 devices?
daemon@ATHENA.MIT.EDU (Mark Andrews)
Wed Jan 25 17:52:27 2012
To: "Justin M. Streiner" <streiner@cluebyfour.org>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Wed, 25 Jan 2012 10:51:46 CDT."
<Pine.LNX.4.64.1201251037480.16219@whammy.cluebyfour.org>
Date: Thu, 26 Jan 2012 09:51:13 +1100
Cc: nanog@nanog.org
In message <Pine.LNX.4.64.1201251037480.16219@whammy.cluebyfour.org>, "Justin M. Streiner" writes:
> Is anyone using ULA (RFC 4193) address space for v6 infrastructure that
> does not need to be exposed to the outside world? I understand the
> concept of having fc00::/8 being doled out by the RIRs never went
> anywhere, and using space out of fd00::/8 can be a bit of a crap-shoot
> because of the likelihood of many organizations that do so not following
> the algorithm for picking a /48 that is outlined in the RFC.
>
> There would appear to be reasonable arguments for and against using ULA.
> I'm just curious about what people are doing in practice.
>
> jms
A lot has to do with whether you have PA addresses or not. As for picking
a random prefix I suspect most home CPE devices will do the right thing.
It's also easy to do the right thing. I just did
"dd if=/dev/random count=1 bs=5 | od -x"
and pulled the hex digits out to construct the ULA I use at home. A
little bit prettier version is below.
#!/bin/sh
# Print a random locally assigned ULA /48 (RFC 4193): "fd" plus 40 random bits.
dd bs=5 count=1 if=/dev/random 2> /dev/null |
od -t x1 |
awk 'NF == 6 { print "fd" $2 ":" $3 $4 ":" $5 $6 }'
If you don't want to use /dev/random
# Hash local system state instead; keep the first 40 bits of the digest.
(ifconfig -a ; date ; netstat -na) | md5 |
sed 's/\(..\)\(....\)\(....\).*/fd\1:\2:\3/'
There are lots of ways to generate a suitable prefix.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
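
Added example, not part of the message above: the Global ID algorithm from RFC 4193 section 3.2.2 (SHA-1 over an NTP timestamp and an EUI-64, low 40 bits kept), with a check that a prefix really falls in fd00::/8. It assumes sha1sum from GNU coreutils and leaves the timestamp fraction at zero; the function names and the sample MAC are constructed for illustration.

```shell
#!/bin/sh
# RFC 4193 section 3.2.2 Global ID generation (added example).
# Assumes sha1sum (GNU coreutils); all function names are illustrative.

# Write the raw bytes named by an even-length hex string.
hex_to_bin() {
    h=$1
    [ $(( ${#h} % 2 )) -eq 0 ] || return 1
    while [ -n "$h" ]; do
        rest=${h#??}
        byte=${h%"$rest"}
        printf "\\$(printf '%03o' "0x$byte")"
        h=$rest
    done
}

# 64-bit NTP timestamp as hex: seconds since 1900, fraction left at zero.
ntp_now() {
    printf '%08x00000000\n' $(( $(date +%s) + 2208988800 ))
}

# Modified EUI-64 from a 48-bit MAC: insert fffe, flip the universal/local bit.
mac_to_eui64() {
    m=$(printf '%s' "$1" | tr -d ':-' | tr 'A-F' 'a-f')
    b=$(printf '%s' "$m" | cut -c1-2)
    printf '%02x%sfffe%s\n' $(( 0x$b ^ 2 )) \
        "$(printf '%s' "$m" | cut -c3-6)" "$(printf '%s' "$m" | cut -c7-12)"
}

# SHA-1 over timestamp || EUI-64, keeping the least significant 40 bits
# (the last 10 hex digits of the digest).
ula_global_id() {
    hex_to_bin "$1$2" | sha1sum | cut -c31-40
}

# fc00::/7 with the L bit set gives fd; append the 40-bit Global ID.
ula_prefix() {
    printf '%s\n' "$1" | sed 's/^\(..\)\(....\)\(....\)$/fd\1:\2:\3::\/48/'
}

# Succeed only for a locally assigned ULA /48 (fdxx:...), so a prefix
# outside fd00::/8 is caught before it is configured anywhere.
is_local_ula() {
    printf '%s\n' "$1" | grep -Eqi '^fd[0-9a-f]{2}(:[0-9a-f]{1,4}){2}::/48$'
}

# Constructed input: MAC from the RFC 7042 documentation range.
ula_prefix "$(ula_global_id "$(ntp_now)" "$(mac_to_eui64 00:00:5e:00:53:01)")"
```

Running is_local_ula over prefixes already in use is a quick way to spot ones that were typed in by hand outside fd00::/8.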