= Сообщение: 3228 из 7440 ============================================= IPV6 = От : Michiel van der Vlist 2:280/5555 22 Jul 16 00:45:11 Кому : Markus Reschke 22 Jul 16 00:45:11 Тема : ULA FGHI : area://IPV6?msgid=2:280/5555+579155a5 На : area://IPV6?msgid=2:240/1661+578fc42d = Кодировка сообщения определена как: CP850 ================================== ============================================================================== Hello Markus,
On Thursday July 21 2016 16:22, you wrote to me:
MR>>> It's simply RFC1918 for IPv6 ;)
MvdV>> With the difference that they can be globally unique and so MvdV>> cause no conflict when merging networks.
MR> The RFC I mentioned states some numbers for the propabilities. From MR> the point of view of running networks I doubt that it gives any real MR> benefit. For IPv4-VPNs we use NAT when the addresses overlap.
Originally RFC1918 addresses were ment for /private/ networks. Networks that were NOT linked to the internet or any other network. Networks in which the systems did not have or need a coordinated globally unique address. For networks that were connected to the global internet, every "interface" was assigned a globally unique address. So that every systen enjoyed full peer to peer connectivity. That was the original idea.
That idea broke down when the IPv4 address space ran out and addresses had to be shared. Systems sharing an internet connection were assigned private addresses en gated by NAT to connect vai a single shared globally uniuqe IPv4 address
With IPv6 we can go back to the original idea of full peer to peer connectivity. Every interface has its own globally unique IPv6 address.
MR> For IPv6 it's only an issue if you got a dynamic prefix, since you MR> need a fixed prefix for B2B VPNs. Some people still got problems with MR> public and private IPv6 prefixes, because they're used to NAT, but it MR> doesn't matter.
NAT is IPv4 think. We got to wean off from that way of thinking.
MR> NAT is a feature, not security be default. If you got a public MR> fixed prefix, use that. No ULA required.
I am on the same track. I do not see much use for ULA either. The only reason I registered is that it costs nothing and if something usefull ever emerges I am on the boat. And if not, no harm done...
MR> The only benefit of ULA is, that it should be filtered at the MR> edge/border routers. Don't place your bet on that ;)
