Matthew Dempsky wrote: > On Wed, Dec 17, 2008 at 12:43 AM, Jeroen Massar <jer...@unfix.org> wrote: >> I guess there is a practical use here, that is, if your tools all >> understand IPv6, because then you only have an IPv6 "NAT" to IPv4 and >> you skip the IPv4 NAT to IPv4 in case you don't have any IPv4 addresses >> for your local network. > > It's possible he has a network so large that he has run out of IPv4 > addresses, but I suspect if that was the case, he wouldn't be asking > for help here. :-)
SWITCH, which is the NREN for the universities in Switzerland, has enough address space to go by as far as I know, and most universities have been assigned enough address space to have fun with it too, thus I don't think that is a problem. > In practical terms, running a dual-homed client is much simpler than > running a pure IPv6 client and configuring a proxying router. That's > all I was trying to point out. I fully agree. >> As he has native IPv6 connectivity he doesn't need a tunnel broker. > > No, he explicitly stated that he does not have native IPv6 > connectivity in the sentence I quoted. He also reaffirmed this later > by saying "The gateway's external interface is ipv4 only." Hmm, indeed, thus he is using a chunk of the real allocated IPv6 address space from uzh.ch (2001:620:10::/48), but doesn't actually route it, that is the part that confused me. I am wondering how totd handles hosts that have a real IPv6 address, especially as he seems to have a disconnected network, thus in the case that totd keeps the real IPv6 address, he would have blackholed himself that way. I am now also wondering what the point of this is, as it is much easier to then just NAT an IPv4 block, because then stuff just works without any trickery. Especially as a lot of clients simply don't support IPv6 properly yet. HTTP is not the only protocol and such. And if you are going to configure all the clients anyway and expect only to use HTTP, then it is much easier to just setup an HTTP proxy on the gateway than do all this trickery. Greets, Jeroen [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
