In message <4bc01459-b53a-4b2c-b75b-47d89550d...@delong.com>, Owen DeLong writes:
>
> On Oct 21, 2010, at 3:15 PM, Mark Andrews wrote:
>
> >
> > In message <e22a56b3-68f1-4a75-a091-e416800c4...@delong.com>, Owen DeLong writes:
> >>>>>
> >>>> Which is part one of the three things that have to happen to make ULA
> >>>> really bad for the internet.
> >>>>
> >>>> Part 2 will be when the first provider accepts a large sum of money to
> >>>> route it within their public network between multiple sites owned by
> >>>> the same customer.
> >>>>
> >>>
> >>> That same customer is also going to have enough global address
> >>> space to be able to reach other global destinations, at least enough
> >>> space for all nodes that are permitted to access the Internet, if not
> >>> more. Proper global address space ensures that if a global destination
> >>> is reachable, then there is a high probability of successfully reaching
> >>> it. The scope of external ULA reachability, regardless of how much
> >>> money is thrown at the problem, isn't going to be as good as proper
> >>> global addresses.
> >>>
> >> _IF_ they implement as intended and as documented. As you've
> >> noted there's a lot of confusion and a lot of people not reading the
> >> documents, latching onto ULA and deciding it's good.
> >>
> >> It's not a big leap for some company to do a huge ULA deployment
> >> saying "this will never connect to the intarweb thingy" and 5-10 years
> >> later not want to redeploy all their addressing, so, they start throwing
> >> money at getting providers to do what they shouldn't instead of
> >> readdressing their networks.
> >
> > IPv4 think.
> >
> > You don't re-address you add a new address to every node. IPv6 is
> > designed for multiple addresses.
> >
> That's a form of re-addressing. It's not removing the old addresses, but,
> it is a major undertaking just the same in a large deployment.

I don't see any major difference in the amount of work required to
go from disconnected ULA to ULA + PA/PI or ULA + NAT compared to
disconnected PI to connected PI. Whether the machines have one or
two addresses is inconsequential in the grand scheme of things.

> >>> For private site interconnect, I'd think it more likely that the
> >>> provider would isolate the customer's traffic and ULA address space via
> >>> something like a VPN service e.g. MPLS, IPsec.
> >>>
> >> One would hope, but, I bet laziness and misunderstanding trumps
> >> reason and adherence to RFCs over the long term. Since ULA
> >> won't get hard-coded into routers as unroutable (it can't),
> >
> > Actually it can be. You just need an easy switch to turn it off. The
> > router can even work itself out many times. Configure multiple interfaces
> > from the same ULA /48 and you pass traffic for the /48 between those
> > interfaces. You also pass routes for that /48 via those interfaces.
> >
> If you have an easy switch to turn it off, it will get used, thus meaning that
> it isn't hard coded, it's just default.

On by default will create an effective deterrent.

> >
> Owen

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org