Mailinglist Archive: opensuse (1599 mails)

< Previous Next >
Re: [opensuse] Practicalities of IPv6
On Sat, 2009-10-24 at 11:15 +0100, G T Smith wrote:
Hash: SHA1

Adam Tauno Williams wrote:

The 40-bit site-id is supposed to be random, so the unique local
address isn't guaranteed to be unique, but does have a very high
probability of being so. The thing is - todays RFC1918 IPv4 addresses
are obviously not unique, but also not routable, but what's with these
most-probably-unique IPv6 addresses that appear to be routable?
It's been a while since I read about it, but there are different tiers
of addresses. The bottom address range is based strictly on the MAC
address and is non-routeable. There are also other tiers that are
limited to an organization or even to a part of the organization. These
ranges are routeable, but not allowed on the internet, in the manner of
RFC1918. Address ranges in IPv6 is a topic in and of itself.

2001::/16 - Allocated to RIRs
2002::/16 - Allocated to 6t4
fe80::/10 - Link local, those-MAC-derived addresses, at least for
Ethernet. It uses a mechanism knows as SLAAC to come up with, at least
on Ethernet, theoretically unique address.
fec0::/10 - Site local, like 192.168.x.x, 10.x.x.x, etc...
fc00::/8 - Unique Local, allocation still up in the air last I knew.
But these are like a real network address but not routeable (?).
fd00:/8 - Another kind of Unique Local, even more mysterious than
fc00::/8. But you can get one from SixXS who seem to have appointed
themselves as a registrar. This is what we use internally (one of
these) for now.
This is really illustrates an issue which will probably put many of
those with more complex infrastructures off from being early adopters of
the technology. (BTW in this context it is easy to confuse size with
complexity, big can be quite simple).
This a bit of a catch-22 situation, until network specialists have idea
of how this technology will behave in complex environments they will be
wary about adopting it in such environments,

I just don't see it; and I have 18 sites, 22 T1s, fiber connections, and


however to get an idea of
how it will behave someone has to implement it in an appropriate real
scenario (and share the results).

There are many networks that have (Comcast, for example).

No one really wants to be the first
person to shoot themselves in the foot (at least not publicly :-) ). A
fair number of people who have reached the position to manage these
things will have learnt the hard way there is often more pain than gain
in being an early adopter of a new technology.

IPv6 is *NOT* a "new technology". Not even close. XP supported IPv6,
Vista did [by default!], and now there is Windows 7. So even on M$ it
is *THREE* OS revs old. It has been supported in LINUX since 2.4! It
has been supported in Cisco IOS since late 11.x. How long does
something have to be around before it isn't "new" anymore? Calling
someone who implements IPv6 *now* as cutting or leading edge is

And as several periodicals have pointed out - YOU ARE RUNNING IPv6!
Unless you have explicitly disabled it on every new workstation, server,
printer, etc... [or you have all very old crap] you very likely have
IPv6 running on your network - it auto-configures. If your routers,
firewalls, and policies do not deal with IPv6 you have a serious
security problem.

Just making IPv6 officially supported is in the end, I believe, just
more prudent and simpler than fighting to disable it in every device and
blocking it at every switch, router, and firewall.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >