
Using IPv6 with prefixes shorter than a /64 on a LAN

On Jan 31, 2011, at 9:35 PM, eric clark wrote:

> Figure I'll throw my 2 cents into this.
> The way I read the RFCs, IPv6 is not IP space. It's network space. Unless I
> missed it last time I read through them, the RFCs do not REQUIRE
> hardware/software manufacturers to support VLSM beyond /64. Autoconfigure
> is the name of the game for the IPv6 guys.
You misread them.

SLAAC is not supported beyond /64.

VLSM support for static configuration is required.

> Subsequently, while using longer prefixes is possible currently, I'd never
> deploy it because it could be removed from code without mention.
Correct... Just because you can does not mean it is a good idea.

> Because of the AutoConfigure piece, I consider IPv6 to be NETWORK Space,
> rather than IP Space like IPv4. I'm issued a /48 which can be comprised of
> 65536 /64 networks, not some silly number of hosts, which can't exist
> because they are all duplicates of each other (MAC address = host
> identifier)
There is a valid point in that you should not be using autoconfigure or
ND on point-to-point links.

> Anyway, that's how I see the question that started this whole thing, I'd
> suggest using link local and RFC 4193 for internal routing and your public
> space for things that need public access or need to be accessed publicly.
Link Local is not routable, even internally. It's LINK local.

In my opinion, RFC 4193 is just a bad idea and there's no benefit to it vs.
GUA. Just put a good stateful firewall in front of your GUA.

I mean, really, how many things do you have that don't need access
to/from the internet? Maybe your printers and a couple of appliances.

The rest... All those TiVOs, Laptops, Desktops, iPads, etc. all need
public addresses anyway, so, why bother with the ULA?

> Just because they SAY there's infinite space (like they said about IPv4)
> doesn't mean we have to be stupid and wasteful with our space.
Supplying every end site with a /48 of global address space is neither
stupid nor wasteful. It's a good design with some nice future-proofing and
some very nice features available if people take better advantage of the
capabilities offered as we move forward.

Just because it's more than you can imagine using today does not mean
that it is more than you will ever imagine using. I'm very happy that I have
a /48 at home and I look forward to making better use of it as the
Consumer Electronics vendors start to catch on that the internet is
being restored to full functionality for end users.