tag:blogger.com,1999:blog-11428745.post1721104600885211942..comments2024-03-05T18:37:53.734-08:00Comments on Howfunky.com: IPv6 Unique Local Address or ULA - what are they and why you shouldn't use themHowfunkyhttp://www.blogger.com/profile/06910843690691777096noreply@blogger.comBlogger17125tag:blogger.com,1999:blog-11428745.post-4645342470390858712022-05-02T20:43:39.958-07:002022-05-02T20:43:39.958-07:00I am using a ULA on 2 devices on my lan. 1 for the...I am using a ULA on 2 devices on my lan. 1 for the router to forward packets over the lan, and 2 for a local lan service (dns among others). The reason is that my prefix is changed by my isp which involves updating config files to match the new prefix You might argue that is should not be dynamic, but it is and power outages or hardware changes trigger it.The local dns server also has a public ipv6 as well, thus it is only used for reference by the lan to compensate for the ever changing ipv6 prefix.Darrennoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-32032346975051266062019-07-13T11:08:36.989-07:002019-07-13T11:08:36.989-07:00If you don't have the ability to NAT a private...If you don't have the ability to NAT a private address, then you exclude the possibility of mesh routing for a network inside of a large building or complex when multiple gateways to the Internet are considered.<br /><br />Assuming you have multiple gateways, you would have to have BGP enabled with your uplink provider or next tier provider in order for nodes to roam on the mesh network. This becomes even more troublesome with multiple backbone/uplink providers because of the need to effectively publish where each node is on the network.<br /><br />If you don't have the possibility of nat6, you end up with a horrible roaming situation and it should not be that way.<br /><br />If setup correctly with nat6, you can easily use a mesh network with IPv6 and roaming.<br /><br />Also, nat6 is in the linux kernel with ip6tables.Andrew Hodelhttps://www.blogger.com/profile/04228421867608770948noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-49756032088917043332018-04-09T02:27:30.196-07:002018-04-09T02:27:30.196-07:00hi,
I know this post is quite old but it would be...hi,<br /><br />I know this post is quite old but it would be really great if you could help me with this one...<br /><br />I like your post and I want to deploy Global IPv6 Unicast addresses. Having said this, the problem is that on Domain Controllers / Win DNS Server static IPs are required pointing to themselves. My ISP seems to change the IPv6 Prefix every couple of days. So I cannot use SLAAC with DHCPv6 (to provide the internal DNS Server address) when the Prefix changes...<br /><br />Do you have any suggestion how this is usually solved?<br /><br />ThanksChrisnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-7385173061535199132016-12-29T14:22:41.597-08:002016-12-29T14:22:41.597-08:00@comdog - What about Prefix Delegation, where you ...@comdog - What about Prefix Delegation, where you assign only the static bits of your prefix?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-70554099550047404772016-10-09T17:28:19.237-07:002016-10-09T17:28:19.237-07:00In addition to ULA there is another type of IPv6 a...In addition to ULA there is another type of IPv6 address called the Link-local. How would I use ULA and link-local?<br /><br />From my understanding link-local traffic is confined to the link it is attached to, traffic does not exit this interface.<br /><br />Does this mean I would use ULA if I had two interfaces on router (different subnets) and I needed traffic to be routed between these two subnetworks?Anonymoushttps://www.blogger.com/profile/13265936041060584477noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-52213239743831284382016-04-15T11:48:08.623-07:002016-04-15T11:48:08.623-07:00@corndog - I understand your frustration. IPv6 doe...@corndog - I understand your frustration. IPv6 does have some tools to make renumbering easier however there isn't a lot of operational information out there to help with doing that well. I typically recommend that companies obtain IPv6 provider independent space to reduce the issues with renumbering. A bit of advise with ULA. Remember, for RFC 6724 compliant OS and devices IPv4 is preferred over ULA. This means that all your hosts will prefer IPv4 for any transport internally which might cause some odd combination of behaviors you might not want. I would like to hear more on if you have seen any impact from an operations basis due to the potential mix of RFC 3484 devices compared to RFC 6724. - EdEd Horleyhttps://www.blogger.com/profile/11493982547680410823noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-33478377421468144702016-04-02T20:49:34.146-07:002016-04-02T20:49:34.146-07:00All sounds great, but I have had to re-address my ...All sounds great, but I have had to re-address my entire network three times due to ISP changes. I've had enough. I registered a ULA block with Sixxs and I'm using it side-by-side with public addresses. Any known services that I need to provide over ipv6 on the internal network, I configure static addresses in the ULA space. All systems have a ULA address and also a dynamic public address. No NAT is done, for linking to the outside, but I FINALLY have some sort of reliable addressing inside. ULA is great.corndoghttps://www.blogger.com/profile/07993737472104817880noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-66781391807305908032015-01-05T13:34:51.824-08:002015-01-05T13:34:51.824-08:00Good post Ed and I think you are not wrong. Howeve...Good post Ed and I think you are not wrong. However, even though ULA is similar to RFC1918 addresses they are intended for different purpose and their uses will become more obvious when you consider multihomed networks or you need to switch ISP or some segment's of your network completely isolated and you don't want to even bother with potential renumbering scenarios. Comparing ULA to RFC1918 is not exactly apples-to-apples. I would say ULA addresses have their uses and they should be used pretty much always but in context of IPv6.Anonymoushttps://www.blogger.com/profile/12853557089896784169noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-52446010759457435972014-11-02T22:46:58.562-08:002014-11-02T22:46:58.562-08:00This comment has been removed by a blog administrator.MaryJohnhttps://www.blogger.com/profile/04739388146785555872noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-53352894463599902982014-06-09T14:39:51.699-07:002014-06-09T14:39:51.699-07:00I know we are supposed to stop thinking in an IPv4...I know we are supposed to stop thinking in an IPv4 mindset and believe me, I want to. I am very excited of the end-to-end connection possibilities. But as another commenter suggested that the portability of your prefix designation hinges on cash. Therefore NAT ends up being a solution to mitigate future renumbering for smaller establishments.<br /><br />So for now I am using NPTv6 with my firewalls, and I ask all the IPv6 powers that be to also stop treating this new frontier like the v4 days. Reservation of a PD needs to be more accessible to smaller guys.<br /><br />-BrettAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-9074738202745449552014-02-20T23:47:06.309-08:002014-02-20T23:47:06.309-08:00Hi Ed,
My Organization is having many different si...Hi Ed,<br />My Organization is having many different sites interconnected by MPLS VPN from two different providers. Each site is having there own different internet connectivity solutions. In this case while migrating to IPv6, if i use Global unique address provided by ISPs then Since each site is having different ISP, I'll end up with different IPv6 subnets at each site. So can i use ULA in this case at all Sites and do a NAT while using Internet and No NAT for MPLS VPN inter site connection ?irfhttps://www.blogger.com/profile/02016926618673439512noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-48795933368692355412014-02-07T07:05:52.669-08:002014-02-07T07:05:52.669-08:00Thanks for the article Ed. Okay, so we won't ...Thanks for the article Ed. Okay, so we won't use ULA as an RFC1918 substitute, but then how am I going to load-balance my Internet connections? If my router has two ISP connections, my router decides which to use for any given request, so my PC doesn't know which public address to use. Do we just use NPTv6 instead ?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-3344661561979050072013-12-17T21:29:04.231-08:002013-12-17T21:29:04.231-08:00If you are dealing with more than one IPv6 address...If you are dealing with more than one IPv6 address (and most of the time you will) then you need to know RFC 3484, 6555 and 6724. In addition, you need to know how your OS has implemented those in order to determine what source and destination pair matching process applies. Needless to say, it isn't going to be easy for help-desk folks to know how an application on a dual stacked network will behave and even on an all IPv6 network how it will behave. There is a lot of learning and testing that will be happening in the years to come as IPv6 become more and more common.<br />- EdEd Horleyhttps://www.blogger.com/profile/11493982547680410823noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-91031076118656578582013-12-02T13:29:44.987-08:002013-12-02T13:29:44.987-08:00ULA is mentioned in RFC 6879, IPv6 Enterprise Netw...ULA is mentioned in RFC 6879, IPv6 Enterprise Network Renumbering Scenarios, Considerations, and Methods<br />tools.ietf.org/html/rfc6879<br /><br />I recall hearing about how devices were going to have more than one address, local, unique unicast, multicast, etc., but also recall hearing that in order for that to work applications would have to know which address to use in which case. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-77934952043072514142013-09-22T08:30:17.654-07:002013-09-22T08:30:17.654-07:00Hi Ed,
Good post. One question though. Could ULA b...Hi Ed,<br />Good post. One question though. Could ULA be used internally alongside Global addressing in order to minimize the impact of renumbering in the event of an ISP change? Since IPv6 addressing is intended to be hierarchical, with ISPs aggregating their address blocks, when an organization needs to switch ISPs and hence renumber their internal networks, this could cause a significant amount of work. I'm thinking of DNS changes and the like, not really prefix aging. If the organization used ULA for internal reachability and based all their internal DNS records off ULA addresses, wouldn't this help minimize the impact of an ISP migration?<br /><br />Just curious and food for thought.<br /><br />Thanks,<br />Andrew von Nagy<br />@revolutionwifi on the TwitterAndrew von Nagyhttps://www.blogger.com/profile/12658799453646609565noreply@blogger.comtag:blogger.com,1999:blog-11428745.post-36275554942985206772013-09-21T15:41:25.903-07:002013-09-21T15:41:25.903-07:00I'm glad that you ended with "ULA is appr...I'm glad that you ended with "ULA is appropriate for a lab, a super-secure network or a proof of concept," because I came here ready to flame, but you disarmed me at the last moment. :)Ryan Rieshttp://myotherpcisacloud.comnoreply@blogger.comtag:blogger.com,1999:blog-11428745.post-60418182566120488152013-09-21T06:23:54.496-07:002013-09-21T06:23:54.496-07:00Thanks for the post. By the way, if someone has do...Thanks for the post. By the way, if someone has doubts about NAT read the RFC 1631. Not mentions about security at allP Bover.https://www.blogger.com/profile/07922077856619997086noreply@blogger.com