[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks)

For that matter, if we can kill IPv4, we have plenty of headroom for a LOT of IPv6 PI space.


> On Mar 1, 2018, at 4:48 PM, Matt Erculiani <merculiani at gmail.com> wrote:
> Not sure if this is the common thought, but if anyone has a network
> which requires static IP assignments, they can probably justify a
> request for a /48 from an RIR.  After all, ARIN's requirement for an
> end-user IPv6 block is, at minimum: "Justify why IPv6 addresses from
> an ISP or other LIR are unsuitable". I would think that ISP
> portability would satisfy this requirement, but If I'm wrong, I'm
> absolutely open to being corrected on this. But most home users have
> no need for static IPs, so the dynamic ISP assignment is perfectly
> fine.
> I think the tech will advance fast enough that keeping up with an IPv6
> route table will be a non-issue. IPv6 adoption is, unfortunately, slow
> enough that there will be no issues keeping up, even assuming a "slow"
> hardware refresh cycle.
> -M
> On Thu, Mar 1, 2018 at 5:48 PM, Mark Andrews <marka at isc.org> wrote:
>>> On 2 Mar 2018, at 9:28 am, Owen DeLong <owen at delong.com> wrote:
>>>> On Mar 1, 2018, at 1:20 PM, Harald Koch <chk at pobox.com> wrote:
>>>> On 1 March 2018 at 15:18, Owen DeLong <owen at delong.com <mailto:owen at delong.com>> wrote:
>>>> Second, RFC-1918 doesnâ??t apply to IPv6 at all, and (fortunately) hardly anyone
>>>> uses ULA (the IPv6 analogue to RFC-1918).
>>>> Wait. What's the objection to ULA? Is it just that NAT is bad, or is there something new?
>>> No particular objection, but I donâ??t see the point.
>>> What can you do with ULA that GUA isnâ??t suitable for?
>>> Owen
>> ULA provide stable internal addresses which survive changing ISP
>> for the average home user. Now, I know you can do the same thing
>> by going to a RIR and getting a prefix but the RIRâ??s arenâ??t setup
>> to supply prefixes like that to 10 billion of us.
>> They are also in a specific range which makes setting filtering
>> rules easier for everyone else.
>> Now I would love it if we could support 100 billion routes in the
>> DFZ but we arenâ??t anywhere near being able to do that which would
>> be a requirement for abandoning ULA.  Until them they have there
>> place.
>> Mark
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742              INTERNET: marka at isc.org