Re: IPv6 Default Allocation - What size allocation are you giving out

[Owen DeLong <owen () delong com>]

On Oct 9, 2014, at 3:04 PM, Baldur Norddahl <baldur.norddahl () gmail com> wrote:

> On 9 October 2014 23:18, Roland Dobbins <rdobbins () arbor net> wrote:
>
> > On Oct 10, 2014, at 4:13 AM, Baldur Norddahl <baldur.norddahl () gmail com>
> > wrote:
> >
> > > My colleges wanted to completely drop using public IP addressing in the
> > infrastructure.
> >
> > Your colleagues are wrong.  Again, see RFC6752.
>
> Yes, for using private IP addressing RFC 6752 applies and it is why we are
> not doing it. But you seem to completely fail to understand that RFC 6752
> does not apply to the proposed solution. NONE of the problems listed in RFC
> 6752 are a problem with using unnumbered interfaces. Traceroute works. ICMP
> works. There are no private IP addresses that gets filtered.
>
> > I am wondering if all the nay sayers would not agree that is it better to
> > have a single public loopback address shared between all my interfaces,
> > than to go with private addressing completely?
> >
> > This is a false dichotomy.
> >
> > > Because frankly, that is the alternative.
> >
> > It isn't the only alternative.  The *optimal* alternative is to use
> > publicly-routable link addresses, and then protect your infrastructure
> > using iACLs, GTSM, CoPP, et. al.
> I will as soon as you send me the check to buy addresses for all my links.
> I got a few.
>
> But it appears you do not realize that we ARE using public IPs for our
> infrastructure. And we ARE using ACLs for protecting it. We are not using
> addresses for LINKS, neither public nor private. And it is not for security
> but to conserve expensive address space.

Addresses are not expensive.

You can get up to a /40 from ARIN for $500 one-tim and $100/year.

Are you really trying to convince me that you have ore than 16.7 million links?
(and that’s assuming you assign a /64 per link).

I’m sorry, but this argument utterly fails under any form of analysis.

Owen