nanog mailing list archives

Re: NAT66 was Re: using "reserved" IPv6 space


From: Owen DeLong <owen () delong com>
Date: Mon, 16 Jul 2012 23:40:11 -0700


On Jul 16, 2012, at 10:20 PM, valdis.kletnieks () vt edu wrote:

> On Mon, 16 Jul 2012 21:31:42 -0700, Owen DeLong said:
>> Think HA pairs in Pittsburgh, Dallas, and San Jose.
>>
>> Now imagine each has different upstream connectivity and the backbone
>> network connecting all the corporate sites lives inside those firewalls.
>>
>> The real solution to this is to move the backbone outside of the firewalls
>> and connect the internal networks via VPNs that ride the external backbone
>> and can be routed over the internet safely when a backbone link fails.
>
> Wouldn't this be even easier if you gave each machine involved multiple
> addresses, one ULA and one external?  This isn't IPv4 anymore, you can
> stick multiple addresses on an interface. :)

Not really... Doesn't help with the situation where you go from
        host->Firewall A-> web server on the external internet
and the response goes
        web server->Firewall B-> X (Firewall B has no state table entry for the session).

Owen
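
The asymmetric-path failure described in this message, as an added example that is not part of the original post: a minimal Python model of two stateful firewalls that keep independent connection tables. The class and function names and the 2001:db8:: documentation addresses are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def reply(self):
        """The packet the remote end sends back: endpoints swapped."""
        return Packet(self.dst, self.dport, self.src, self.sport, self.proto)


@dataclass
class StatefulFirewall:
    name: str
    inside_prefix: str                      # constructed: plain string-prefix match
    state: set = field(default_factory=set)  # per-firewall table, not shared

    def _key(self, p):
        # Direction-independent flow key, as connection tracking uses.
        return (p.proto, frozenset([(p.src, p.sport), (p.dst, p.dport)]))

    def forward(self, p):
        if p.src.startswith(self.inside_prefix):
            self.state.add(self._key(p))    # outbound packet creates the session
            return "pass"
        # Inbound packet is allowed only if it belongs to a known session.
        return "pass" if self._key(p) in self.state else "drop (no state)"


def round_trip(egress, ingress, request):
    """Verdicts for a request leaving via `egress` and its reply entering via `ingress`."""
    return egress.forward(request), ingress.forward(request.reply())


def demo():
    fw_a = StatefulFirewall("Firewall A", "2001:db8:10:")
    fw_b = StatefulFirewall("Firewall B", "2001:db8:10:")
    req = Packet("2001:db8:10::25", 49152, "2001:db8:ffff::80", 443)
    symmetric = round_trip(fw_a, fw_a, req)   # reply returns through Firewall A
    asymmetric = round_trip(fw_a, fw_b, req)  # reply returns through Firewall B
    return symmetric, asymmetric


if __name__ == "__main__":
    print(demo())
```

The session exists only in the table of the firewall that saw the outbound packet, so the verdict on the reply depends on which firewall the return route selects.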


