nanog mailing list archives

Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks)

From: Owen DeLong <owen () delong com>
Date: Fri, 2 Mar 2018 04:01:30 -0800

For that matter, if we can kill IPv4, we have plenty of headroom for a LOT of IPv6 PI space.

Owen

On Mar 1, 2018, at 4:48 PM, Matt Erculiani <merculiani () gmail com> wrote:

Not sure if this is the common thought, but if anyone has a network
which requires static IP assignments, they can probably justify a
request for a /48 from an RIR.  After all, ARIN's requirement for an
end-user IPv6 block is, at minimum: "Justify why IPv6 addresses from
an ISP or other LIR are unsuitable". I would think that ISP
portability would satisfy this requirement, but If I'm wrong, I'm
absolutely open to being corrected on this. But most home users have
no need for static IPs, so the dynamic ISP assignment is perfectly
fine.

I think the tech will advance fast enough that keeping up with an IPv6
route table will be a non-issue. IPv6 adoption is, unfortunately, slow
enough that there will be no issues keeping up, even assuming a "slow"
hardware refresh cycle.

-M

On Thu, Mar 1, 2018 at 5:48 PM, Mark Andrews <marka () isc org> wrote:

On 2 Mar 2018, at 9:28 am, Owen DeLong <owen () delong com> wrote:

On Mar 1, 2018, at 1:20 PM, Harald Koch <chk () pobox com> wrote:

On 1 March 2018 at 15:18, Owen DeLong <owen () delong com <mailto:owen () delong com>> wrote:
Second, RFC-1918 doesn’t apply to IPv6 at all, and (fortunately) hardly anyone
uses ULA (the IPv6 analogue to RFC-1918).

Wait. What's the objection to ULA? Is it just that NAT is bad, or is there something new?


No particular objection, but I don’t see the point.

What can you do with ULA that GUA isn’t suitable for?

Owen


ULA provide stable internal addresses which survive changing ISP
for the average home user. Now, I know you can do the same thing
by going to a RIR and getting a prefix but the RIR’s aren’t setup
to supply prefixes like that to 10 billion of us.

They are also in a specific range which makes setting filtering
rules easier for everyone else.

Now I would love it if we could support 100 billion routes in the
DFZ but we aren’t anywhere near being able to do that which would
be a requirement for abandoning ULA.  Until them they have there
place.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka () isc org

Current thread:

Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks), (continued)
- - - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Harald Koch (Mar 01)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Enno Rey (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Saku Ytti (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
    - Re: IPv6 Unique Local Addresses sthaug (Mar 02)
    - Re: IPv6 Unique Local Addresses Owen DeLong (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Matt Erculiani (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Mark Andrews (Mar 01)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
  - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Bjørn Mork (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Bjørn Mork (Mar 02)
    - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Owen DeLong (Mar 02)
  - Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) John Levine (Mar 02)