In message <18a5e7cb0910201638j7a24a10dwb8440a42f8f9c49e@mail.gmail.com>, Bill Stewart writes:
On Mon, Oct 19, 2009 at 7:07 PM, Nathan Ward <nanog@daork.net> wrote:
On 20/10/2009, at 3:02 PM, Bill Stewart wrote:
plus want the ability to take their address space with them when they change ISPs (because there are too many devices and applications that insist on having hard-coded IP addresses instead of using DNS, and because DNS tends to get cached more often than you'd sometimes like.
That's why we have Unique Local Addresses.
This is the opposite problem - ULAs are for internal devices, and what businesses often want is globally routable non-provider-owned public addresses. If you've got a VPN tunnel device, too often the remote end will want to contact you at some numerical IPv4 address and isn't smart enough to query DNS to get it.
Which just means we should be fixing the VPN box.
And even though most enterprises these days only use registered addresses outside the firewall and not inside the firewall, it's still a pain to have to renumber everything and wait for everybody's DNS caches to expire, so if you're using Provider-independent IP addresses, it's much easier to tell your ISP "Sorry, ISP A, I've got a better price from ISP B and I'll move all my stuff if you don't beat their price." (Of course, customers like that are often telling ISP B "You'll have to be X% cheaper/faster/somethinger than ISP A or I'll just stay where I am" and telling ISP C "My main choices are ISP A and ISP B but I'd take a lowball quote very seriously...")
Renumbering in IPv6 is not the same as renumbering in IPv4. IPv6 is designed to support multiple prefixes on the one interface. There is actually enough address space to support doing this and allow renumber events to take weeks or months if needed. There is no need to say at XX:XX on DD/MM/YYYY we will be switching prefixes. One can be much smarter about how you do it. You can just introduce the new prefix. Add second address to the DNS. Do your manual fixes. Remove the old addresses from the DNS. Stop using the old prefix when you are satisfied that there is no traffic over them.
-- ---- Thanks; Bill
Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org