nanog mailing list archives

Re: Addressing plan exercise for our IPv6 course

From: Owen DeLong <owen () delong com>
Date: Sat, 24 Jul 2010 10:42:19 -0700


On Jul 24, 2010, at 8:50 AM, Matthew Kaufman wrote:

Owen DeLong wrote:


Why on earth would you do that? Why not just put the provider-assigned
addresses on the interfaces along side the ULA addresses? Using ULA
in that manner is horribly kludgy and utterly unnecessary.

Because, although one of the original goals of IPv6 was for hosts to be easily multihomed at multiple addresses like 
this, host software (and even some of the required specifications) isn't really isn't there yet, and often the wrong 
thing happens.

Host software is there, but, it requires some education on how to configure it.
You do have to properly set up the rules for which addresses to use for what
communication properly. It breaks less if you forego the ULA brokenness,
but, some people insist for whatever reason.

Never mind that the timescale for IPv6 deployment, no matter how long it is, will be shorter than the timescale for 
updating PCI, HIPPA, and SOX audit checklists to remove the requirements around "hide internal topology" and "do not 
use public addresses on any interface of critical hosts".


I expect the PCI changes to be out in less than a year. HIPPA and SOX may
take closer to two years, maybe even three.

I don't expect enterprise-wide adoption of IPv6 to be significant in less than
5 years. The big push for IPv6 right now needs to be on the public-facing
services side which doesn't have hidden topology by definition.


Why is that easier/cheaper than changing your RAs to the new provider and
letting the old provider addresses time out?

This would *also* require multihoming to actually work properly, only worse as the rules for selecting ULA vs PA 
routes are usually more right than the rules for selecting one PA vs another PA as an outbound interface, even if 
your host does multiple default routes properly. Even if all your hosts end up with external connectivity that works, 
the odds that they can reliably talk to each other is low.

Why use rules for selection... Simply have the RAs contain proper priorities
for the ones you want to use at any particular moment and change the RA
priorities as needed.

Owen

Current thread:

Re: Addressing plan exercise for our IPv6 course, (continued)
- - - Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 27)
    - Re: Addressing plan exercise for our IPv6 course Mark Smith (Jul 29)
    - Re: Addressing plan exercise for our IPv6 course Tim Franklin (Jul 29)
    - Re: Addressing plan exercise for our IPv6 course Valdis . Kletnieks (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Saku Ytti (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Saku Ytti (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Matthew Kaufman (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Karl Auer (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Karl Auer (Jul 24)
    - Re: Addressing plan exercise for our IPv6 course Mark Smith (Jul 29)
    - Re: Addressing plan exercise for our IPv6 course Owen DeLong (Jul 29)
    - Re: Addressing plan exercise for our IPv6 course Jens Link (Jul 25)
    - Re: Addressing plan exercise for our IPv6 course Jens Link (Jul 25)
    - Re: Addressing plan exercise for our IPv6 course Joe Maimon (Jul 22)
    - Re: Addressing plan exercise for our IPv6 course Marco Hogewoning (Jul 23)
    - Re: Addressing plan exercise for our IPv6 course Matthew Kaufman (Jul 23)
    - Re: Addressing plan exercise for our IPv6 course JORDI PALET MARTINEZ (Jul 23)
    - Re: Addressing plan exercise for our IPv6 course Matthew Kaufman (Jul 23)

(Thread continues...)