Daniel, On Tue, 2011-02-15 at 20:41 +0100, Daniel Roesen wrote:
Hi,
On Tue, Feb 15, 2011 at 01:01:15PM +0100, Shane Kerr wrote:
I'm not sure what you mean by "hybrid". Can you explain or give a reference to what you mean?
Networks connected to both Internet and in Extranet fashion privately with other networks.
Right. So peering with a vendor to gain access to certain services or databases while also connecting to the Internet, for example?
If you mean a site that needs both internal-only and externally-visible addresses, then with IPv6 I think the simple answer is to use ULA for the internal addresses, and PA space for the external addresses.
So also need to run split DNS for services accessible via Internet and via private Extranets. That's signficant operational burden and fails for anything which needs literal stable addresses to connect to (like e.g. sensors).
Why do you need a split DNS? Just publish your local information on the Internet. If your concern is with hiding information about internal networks for whatever reason (security, trade secrets, and so on), then you'll need some sort of split DNS anyway.
All IPv6 devices can handle multiple addresses.
Just like every IPv6 stack implements IPSEC, right?
It's hardly the same. I have never seen an IPv6 deployment that actually used IPSEC. OTOH, every IPv6-enabled device that I have seen supports multiple addresses. Indeed, I cannot imagine how a device would work without this, since you typically need at least one link-local and one global address.
We're allowing PIv6 for "multihomed" (whatever that means really) sites. Those could "just simply" use PA space from any ISP they connect to. Why do we make Internet multihoming special compared to Internet-plus-others? With the "multiple IPs per device" argument there cannot be PIv6. I thought we've left that behind by now.
I'll address this in a separate e-mail. (And I won't address the 6to4 suggestion, which you realize isn't entirely serious.) ;) -- Shane