[191335] in North American Network Operators' Group
Re: Use of unique local IPv6 addressing rfc4193
daemon@ATHENA.MIT.EDU (Mark Andrews)
Thu Sep 8 19:27:55 2016
X-Original-To: nanog@nanog.org
To: Pshem Kowalczyk <pshem.k@gmail.com>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Thu, 08 Sep 2016 23:09:28 +0000."
<CAEaZiRXU7DH9O9EwdjFiEMgDU7dt4v62W5+9+CTJ2-rqznP7Bg@mail.gmail.com>
Date: Fri, 09 Sep 2016 09:27:46 +1000
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
In message <CAEaZiRXU7DH9O9EwdjFiEMgDU7dt4v62W5+9+CTJ2-rqznP7Bg@mail.gmail.com>, Pshem Kowalczyk writes:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
> If I give them public IPs then they're routable and potentially can reach
> the internet via devices that don't police the traffic.
If you wish to believe that, believe that, but it is only wishful
thinking.
> My real question is does anyone bother with the fc00::/7 addressing
or do > you use your public space (and police that)?
ULA is normally used in parallel with public addressing if it is
used. IPv6 was designed to be deployed with multiple address and
prefixes per interface. When ULA is deployed you have ULA <-> ULA,
non-ULA <-> non-ULA. Non-privacy addresses for server functionality,
privacy addresses for client functionality.
Mark
> kind regards
> Pshem
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
