I agree with Karl. We use the ULA space for our internal test labs. The /48's we have in use get routed around internally but have no chance of leaking to the internet. Spencer Ryan | Senior Systems Administrator | sryan@arbor.net<mailto:sryan@arbor.net> Arbor Networks +1.734.794.5033 (d) | +1.734.846.2053 (m) www.arbornetworks.com<http://www.arbornetworks.com/> ________________________________ From: NANOG <nanog-bounces@nanog.org> on behalf of Karl Auer <kauer@biplane.com.au> Sent: Thursday, September 8, 2016 8:49:34 PM To: nanog@nanog.org Subject: Re: Use of unique local IPv6 addressing rfc4193 On Thu, 2016-09-08 at 23:43 +0000, Pshem Kowalczyk wrote:
both ways - if we decide to use it we'll have to either overlay it with public IPv6 space (and provide the NAT/proxy for where we don't have any public IPv6 assigned) or simply not use the fc00::/7 and skip the NAT/proxy aspects of it.
There is no necessary link between ULA addresses and NAT. You don't have to NAT ULA, *ever*. If you need public addresses, go get them. There are enough. IMHO one should use ULA in only three situations: - a completely isolated network - for internal communications e.g. fabric management) - for testing Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4