From: Scott Morris (swm@emanon.com)
Date: Mon Jun 21 2004 - 23:29:43 GMT-3
So, then it's true... It was designed to give "Lack of Subnetting for
Dummies" a run for its money! I just don't get why people can't handle NAT
and subnetting in the v4 space, which is nice enough to work in decimal
renditions, and yet they think it is a great idea to give buttloads of
addresses to people, but do it in a hexadecimal format... Which is, of
course, MUCH simpler to deal with.
Oh yeah, and don't forget that :: thing too! This will bring IP to the
masses? Come on.
Mathematically, it's all workable, and I don't have a problem with the
technical end... I just believe it was designed for a set of bad reasons,
and bad philosophy doesn't make good policy.
Ah well, enough rant for me. :)
Scott (who believes IPv6 is Evil and was most likely designed by Saddam
Hussein and/or Adolf Hitler)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Howard C. Berkowitz
Sent: Monday, June 21, 2004 9:10 PM
To: ccielab@groupstudy.com; security@groupstudy.com
Subject: IPv6 for Scott Morris
At 8:29 PM -0400 6/21/04, Scott Morris wrote:
>
>
>Let's move on to other important things like why IPv6 should be dropped
>from the face of the Earth and never be used on a CCIE exam, let alone
>a real network
Let me say that I support the use of IPv6, and indeed take some of the
blame; I was in the plenary meeting at the Toronto IETF that made the final
decision on IPng (among the several candidates). That being said, I see a
great many proposals for using IPv6 to be made for very bad reasons. There
are also some unsolved problems with IPv6 implementation, especially in
multihoming, but also in architectural indecisiveness in separating -- or
not separating -- the functions of locator and identifier.
There are still a lot of people that believe the reason for going to the
128-bit address space was to have enough room to give a static address to
every insect. Expanding the static address space, in fact, was one of the
non-goals of IPv6 design.
IPv6 consciously, deliberately wastes space in the address field.
This was done, in large part, to avoid the gyrations one goes through in
figuring out how much of a prefix can be summarized. Much of the
IPv6 address space is as-yet unallocated, but such things as the unicast
public address space is designed to be principally fixed-field. The format
ID bits at the start of the address give the format of the rest, but in a
way far more flexible than the four bits used in IPv4 classful addressing.
Why have fixed-length TLAs and NLAs (and yes, there are nuances of splitting
the NLA)? The simple answer is to make it simple to change providers.
People are generally aware of there being two mechanisms to get the
low-order part of a station's addres: stateful DHCPv6 and stateless
autoconfiguration. In stateless autoconfiguration, end stations learn the
high-order part of their address from the local router.
What is more of a mystery is how the _routers_ learn the high-order address.
While they can, of course, be statically configured, the
IPv6 suite includes a Router Renumbering Protocol by which a router can
dynamically learn the TLA/NLA. Typically, SLAs will be partially manually
configured (much like OSPF or ISIS areas).
In an ideal scenario, let's say you change ISPs, and you are using
provider-assigned address space that is supposed to change. In IPv4, this
can be quite painful, depending on how well you have prepared your hosts --
but there are really no good and general mechanisms to renumber your routers
and figure out your new external prefix.
Believe me, I tried -- I wrote
http://www.isi.edu/in-notes/rfc2072.txt , the "IPv4 Router Renumbering
Guide".
But in the IPv6 world, your external router activates a connection to an ISP
router, and the enterprise router plaintively asks, in IPv6 Router
Renumbering Protocol, "who am I?" The provider router, assuming it speaks
this protocol, will respond, securely, with the new high-order bits of the
address (basically TLA and NLA for enterprises). Your external edge routers
now propagate this new prefix into hierarchically lower routers, which pick
up SLA bits as the information propagates downward. Eventually, everything
above the end station identifier is floating around edge LANs in Router
Advertisement packets (ICMPv6).
An end station can then concatenate this prefix to its MAC address or other
locally significant identifier, and, BANG -- it's addressed.
Good practice would have it register the address with Dynamic DNS.
Meanwhile, if you have hosts that don't need direct external connectivity,
they are happily going along in the site-local space (i.e., IPv6's
equivalent to RFC 1918). It may be that the only things that really need to
get new prefixes are the outside addresses of your firewalls and external
router.
Depending on the specific design, you may indeed be able to avoid overloaded
NAT and go one-to-one with provider addresses. This isn't such a strain on
your provider if they can just aggregate the SLA and below in their customer
edge routers, so they only need to advertise TLA and NLA, or, in large
providers, TLA alone, to the rest of the world.
Do note that we are still experimenting with how to grow the Internet. While
the CIDR assumption has been provider-based aggregation, IPv6 architecture
consciously allows for assigning TLA's and/or NLA's to geographical exchange
points, thus allowing for geographical as well as provider-based
aggregation.
There are other reasons for IPv6, but I wanted to touch on some of the ones
I find are least well understood.
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:46 GMT-3