nanog mailing list archives

Re: IPv6 allocation plan, security, and 6-to-4 conversion

From: Karsten Elfenbein <karsten.elfenbein () gmail com>
Date: Fri, 30 Jan 2015 22:16:52 +0100

Hi,

I would not recommend to run any nat over protocol versions for
clients as you would need to break DNSsec.
The clients creating connections should run dual-stack or dual-stack lite.

The only useful thing for service providers would be to proxy/nat lets
say an incoming IPv6 connection to still only IPv4 servers/services.


2015-01-30 21:32 GMT+01:00 Eric Louie <elouie () techintegrity com>:

On Fri, Jan 30, 2015 at 8:29 AM, Justin M. Streiner <streiner () cluebyfour org

wrote:

On Fri, 30 Jan 2015, Eric Louie wrote:

 It also sounds like the Internet (aka the upstream/Tier 1 carriers) don't

want me to advertise anything longer than my /32 into BGPv6.  Is that
true?
(I'm getting that from the spamming comments made by others)  Am I
supposed to be asking ARIN for a /32 for each region that I want to
address?  (They turned down my request for an increase to a /28 last year)


Not true.  A peek at the global IPv6 routing table shows lots of prefixes
that are smaller than /32.  One of the hopes with larger allocations and
assignments was that there would be less bloat in the global IPv6 routing
table because networks would need to announce fewer prefixes.  How well
that will hold up in practice remains to be seen :)

 As far as the v6 to v4 translation is concerned, I'm looking at that for

the future - for the time being, we will be dual-stacked.  However, if we
move into a new area, based on our current IPv4 inventory, I don't really
have enough to assign to each new customer, so I was looking for ways to
allow those customers access to properties that are still IPv4 only.  Is
there yet another way to do that?


If you assign a customer IPv6 space only, a translation mechanism is
needed to allow that customer to reach Internet destinations that only
speak IPv4 today.  There's no way around that.

jms


What IPv6 to IPv4 translation mechanisms are available for networks with
multiple ingress/egress points?

Current thread:

Re: IPv6 allocation plan, security, and 6-to-4 conversion, (continued)
- - - Re: IPv6 allocation plan, security, and 6-to-4 conversion Eric Louie (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion William Herrin (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Owen DeLong (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion William Herrin (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Valdis . Kletnieks (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion William Herrin (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Owen DeLong (Jan 30)
  - Re: IPv6 allocation plan, security, and 6-to-4 conversion Eric Louie (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Justin M. Streiner (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Eric Louie (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Karsten Elfenbein (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion Justin M. Streiner (Jan 30)
    - Re: IPv6 allocation plan, security, and 6-to-4 conversion joel jaeggli (Jan 31)
  - Re: IPv6 allocation plan, security, and 6-to-4 conversion Owen DeLong (Jan 30)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Rob Seastrom (Jan 30)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Fred Baker (fred) (Jan 30)