IPv6, ULAs and FreeBSD

Niklaas Baudet von Gersdorff niklaas at box-fra-01.niklaas.eu
Fri May 27 07:09:04 UTC 2016

Kevin Oberman [2016-05-26 21:11 -0700] :

> There are a lot of excellent reasons to avoid ULAs. There are a very
> few good, or even so-so reasons to use them. The most commonly cited
> reason is security which is almost always wrong. In almost 20 years of
> working with IPv6 I have yet to see any valid security reason for
> using ULAs. There are any number of excellent papers on this.

Kevin, thanks for your comment. I have no professional background in IT,
so I really appreciate your remarks.

> The most valid use is when you can only get a /64 from your provider.

I got a /112 for each of my virtual servers... So, I decided to go for
ULAs for the VPN between them.

> I really guess all of this needs to be in the handbook so people don't
> waste time trying to do things that are documented to either not work
> or not work effectively. And, unless you are really, really sure you
> need ULAs, They mostly just break things.

I agree. In addition, I would like to emphasise that it should be in
both FreeBSD's and tinc's handbook. I guess I could have known, if I had
read the RFCs, but adding some notes in the handbook(s) would ease
things a lot.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20160527/5835e7fc/attachment.sig>

More information about the freebsd-questions mailing list