29 Apr
2003
29 Apr
'03
2:27 a.m.
[Let's try this again without fat-fingering the Send button :-)] Seems like an obvious case for using IPv6. RFC2373 site-local addresses assign a /48, with 16 bits of subnet ID and 64 bits of host ID. The average location probably doesn't have 2**16 extranets on one DMZ; picking a random value usually yields one that nobody you're talking to is also talking to, so almost nobody needs to use NAT for this kind of thing, assuming you plan to tunnel them.