> On Mar 2, 2018, at 1:50 AM, Saku Ytti <s...@ytti.fi> wrote: > > Enno et al ULA fans > > I could not agree more. > > Either you provide your enterprise customers transportable address or > ULA. If you assign and promote them to use your 'PA' address, they > will take your PA address with them when they change operator 10 years > from now, and if you reuse it, these two customers cannot reach each > other. Why? Because anyone who has worked at non-trivial size > enterprise knows that even just finding out what needs to be done, to > renumber internal networks is massively long, expensive and error > prone proposal, there will be tons of documents and scripts in > non-standard locations containing IP addresses punched in.
This, right here, is inherently the a very good reason NOT to use ULA IMHO. See, no matter how widely you deploy ULA, those same scripts are still going to use the provider assigned public addresses that work for all the things they care about and not just local connectivity. Instead, you adopted a false sense of security and made it more confusing when things do get renumbered. I completely agree that PI is the way to go and that PA was a silly idea whose time is long past. For home users, perhaps PA is OK for a little while longer (wouldn’t make me happy in my home, but I’ve got PI, so whatever other folks want to do isn’t my problem here). > No matter how well you do your job, you cannot impact how others do, > and you must expect them to continue working as they have in the past, > and you must realise when that poses risk to yourself and protect > yourself from that. Which won’t happen with ULA. > ULA at inside and 1:1 to operator address in the edge is what I've > been recommending to my enterprise customers since we started to offer > IPv6 commercially. Fits their existing processes and protects me from > creating tainted unusable addresses. Oh, please. NAT all over again? That’s another inherently very good reason NOT to use ULA. Owen > > > On 2 March 2018 at 11:39, Enno Rey <e...@ernw.de> wrote: >> Hi, >> >> On Thu, Mar 01, 2018 at 09:30:32PM -0500, Harald Koch wrote: >>> On 1 March 2018 at 18:48, Mark Andrews <ma...@isc.org> wrote: >>> >>>> ULA provide stable internal addresses which survive changing ISP >>>> for the average home user. >>> >>> >>> Yeah this is pretty much what I'm doing. ULA for stable, internal addresses >>> that I can put into the (internal) DNS: ISP prefixes for global routing. >>> Renumbering is hard. >> >> as is proper (source|destination) address selection in a sufficiently >> complex environment. >> for interest: for a system which must be both globally and internally >> reachable, which address do you put into which DNS? >> >> >>> >>> All of the objections I've seen to ULA are actually objections to (IPv6) >>> NAT, which is why I was confused. >> >> the main objection against ULAs is avoidance of complexity in environments >> where at least some systems need global reach(ability), which applies to >> pretty much all environments nowadays. >> >> best >> >> Enno >> >> >> >> >> >> >>> >>> (As it turns out my ISP prefix has been static for years, but I'm too lazy >>> to undo all of the work...) >>> >>> -- >>> Harald >> >> -- >> Enno Rey >> >> ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de >> Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 >> >> Handelsregister Mannheim: HRB 337135 >> Geschaeftsfuehrer: Matthias Luft, Enno Rey >> >> ======================================================= >> Blog: www.insinuator.net || Conference: www.troopers.de >> Twitter: @Enno_Insinuator >> ======================================================= > > > > -- > ++ytti
