IPv6, ULAs and FreeBSD
Mark Tinka
mark.tinka at seacom.mu
Fri May 27 05:54:34 UTC 2016
On 27/May/16 06:11, Kevin Oberman wrote:
> There are a lot of excellent reasons to avoid ULAs. There are a very few
> good, or even so-so reasons to use them. The most commonly cited reason is
> security which is almost always wrong. In almost 20 years of working with
> IPv6 I have yet to see any valid security reason for using ULAs. There are
> any number of excellent papers on this.
>
> The most valid use is when you can only get a /64 from your provider. RFCs
> recommend a minimum assignment to residential customers of a /56 but many
> providers seem to have missed this, so there is no choice. prefixes longer
> than /64 are effectively not possible. IPv6 does not care, but the
> supporting protocols , make a /64 or shorter assumption. More intractable
> is that hardware also often make similar assumptions. As you learned, you
> really, really don't waste your time trying to make it work.
>
> I really guess all of this needs to be in the handbook so people don't
> waste time trying to do things that are documented to either not work or
> not work effectively. And, unless you are really, really sure you need
> ULAs, They mostly just break things.
Fully agree.
Mark.
More information about the freebsd-net
mailing list