Re: I-D ACTION:draft-ietf-ipv6-ula-central-02.txt

Thu, 05 Jul 2007 18:16:36 -0700 

Thus spake "Perry Lorier" <[EMAIL PROTECTED]>

Stephen Sprunk wrote:
The fact that one _can_ assign both ULAs and PA space to hosts is irrelevant; I'm well aware of that. NAT is perceived by IT folks as less hassle than renumbering hosts. PA space implies frequent renumbering. Therefore, many (most?) IT depts who cannot get PI space will use NAT rather than assign PA space to hosts. 


However in IPv4 you can have PA xor PI space, you can't have both at the 
same time.  With IPv6 you can have PA+"private PI" (aka ULA) space.


See above.


Changing your PI space every time your modem dials up is perhaps a bit 
extreme, but it shows that you can ""renumber"" your network rapidly in 
some situations.



A single host is easy to renumber.  A small network with one router is only 
slightly more complicated.  However, renumbering a medium-sized or large 
network can take months to years to accomplish and hundreds of thousands of 
dollars in manpower.



Problems occur for externally facing services,



As a general rule, clients are easy to renumber, whereas servers are 
difficult and firewalls are even worse.  And I'm including human costs and 
resistance in that; changing the address on an interface is almost a 
nonevent in comparison.



but that doesn't seem insurmountable for an organisation that's likely to
only change PI space at most every year or so.



Why would you ever change PI space?  The issue is changing PA space, and 
that's something that may need to be done every few weeks as upstream links 
go up and down.  Compare to the cost of a NAT box and the choice is easy.



If your choices are PI vs PA then yeah NAT does look very attractive, but 
if you can have PA and "private"-PI (aka ULA) then things look a lot less 
blurred (IMHO).


IMHO, you underestimate how much IT folks hate renumbering.

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."

K5SSS                                             --Isaac Asimov 




--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------





























					Reply via email to