Re: A new transition plan, was: Re: the evilness of NAT-PT, was: chicago IETF IPv6 connectivity

["Stephen Sprunk" <stephen at sprunk.org>]

Thus spake "Mark Andrews" <Mark_Andrews at isc.org>
> You will still see consective addresses with IPv6.  Until
> you put a *dedicated* router at the end of the DSL line or
> on the cable modem etc.  there will still be lots of addresses
> handed out where the next address is managed by someone
> else.

That's not necessary, though it's the ideal scenario once v4 is dead in a 
decade or two and it's feasible for consumer-grade ISPs to reorganize their 
L2 networks.

In the meantime, what I've been expecting to see is that ISPs would use a 
/64 for the "shared" access subnet and then the CPE devices (a stateful 
firewall) would use DHCP PD to get a /64 for each customer's site.  This is 
entirely compatible with using PA v4 space on the access subnet and having 
the CPE NAT to RFC1918 space (typically 192.168.1/24).

Thanks to RFC 3041, you may never see two connections using the same IPv6 
address and have to block a /64 at minimum for blacklists to have any 
effect.  Fortunately, that's entirely compatible with most deployment 
scenarios, as each customer will be on their own /64 (or shorter).

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."
K5SSS                                             --Isaac Asimov 



_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf