Anton Aylward wrote:
So, if "Network 10" and NAT is to be 'cosnidered harmfu'l then fc00::/7 and the gateway that maps those non-routable address across the 'Net is to be 'considered harmful' as well.
In RFC4193 we have <quote> - Provides Local IPv6 prefixes that can be used independently of any provider-based IPv6 unicast address allocations. This is useful for sites not always connected to the Internet or sites that wish to have a distinct prefix that can be used to localize traffic inside of the site. </quote>
Yes, the wording is different, but that is what "network 10" (and the other unroutable IPv4 addresses) was achieving. Locally restricted addressing that necessitated an_explicit_ (i.e. NAT'ing firewall) gateway (aka choke point where access rules can be applied)
Whoopee. IPv6 is "broken" in exactly the same way that IPv4 was.
The issue is not RFC1918 addresses or equivalent, as there are many reasons why they might be used. However, while RFC1918 addresses are often used with NAT, they don't have to be. They are simply addresses that are available for use, without co-ordinating with others. The IPv6 unique local address serve a similar purpose. I have never said RFC1918 or unique local addresses are bad. I have said NAT is. Big difference. RFC1918 does not require NAT, but NAT requires RFC1918, unless you're willing to to risk address conflicts. Even then, you still risk them if using a VPN between NAT sites. With globally assigned addresses, on either IPv4 or IPv6, you don't have that problem, as globally assigned addresses are unique. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org