> > The potential advantage of ULAs is that you have a stable internal > addressing scheme within the homenet, while your ISP-assigned prefix > may change over time. You run ULAs alongside your PA prefix. ULAs are > not used for host-based NAT. The implication is that all homenet > devices carry a ULA, though whether some do not also have a global PA > address is open for debate.
Yeah, there's some advantage to that. Have a "corp.foo.com" domain that is the native domain for the internal machines while the foo.com domain that is visible to the outside world has outside accessible addressing. > There's a suggestion that ULAs could be used to assist security to some > extent, allowing ULA to ULA communications as they are known to be > within the homenet. Not sure how that assists security unless you simply want to limit site-site communications to your ULA ranges only, then sure. In practice, sites often back each other up and you can have external traffic for site A using site B for its internet access, but that's not a big deal, just need to keep your internal and external traffic separated which any good admin will do as a matter of course, anyway.