[TriLUG] IPv6 workshop
glcox at pobox.com
Mon Apr 18 19:18:29 EDT 2011

On Sun, 17 Apr 2011, Alan Porter wrote:
>> If there's the IP equivalent of Local Number Portability, lemme know.
> I think the answer to your question is "DNS".

Buh? Last I checked, DNS names can't be popped into your resolv.conf
(or other OS equivalent). They can't be put into the config of a
device for "what IP am I?" And, there's layer-7 items where IP needs
to be declared instead of name (some backend networks that don't
span out; some NAS configs, for security).
DNS and DHCP can't solve everything, and I doubt most people have a
fully-realized Puppet or cfengine SkyNet taking care of everything.
Swapping ISPs just got a lot more touches: instead of focusing on the
DMZ and border in a move, you have to touch a whole lab/site/office.
I'm sure for homogeneous or tiny home networks this isn't an issue, having 3
or 4 devices to touch (most of which are dhcp'ed), oh noes! I have about
30, between VMs, physical devices, and configs dependent upon them, which
I could do by hand, but it's getting annoying; at $WORK, with a lab of
immense size, running tons of gear as a server instead of a dynamic client,
it'd be herculean.

> The same is currently true for my IPv4 numbers that Linode dished out to
> me. If they go belly-up, or I choose another hosting provider, I get
> new IPv4 addresses.

It's apples and oranges. Because Linode gives you a public IP, if they
die, you must move. No question there. But that's because you're public,
not already in a NAT'ed bubble. Now, let's assume I have a private island
in that provider. Call it Xen guests inceptionized inside a Linode, call
it a small NAT'ed office, call it a large lab at $WORK that doesn't want
to be tied to IT deciding they can save $5 by changing providers. A 1:1
public-to-private NAT lets a bubble survive unaltered.
I'm fine with the idea that if you want to be public, and change ISPs,
that you have to touch that box. I'm just saying, if I keep much of a
site private and just want things to go out to the world for web browsing
and updates once in a while, I'd like that to work, too, without being
on the hook for changing anything south of the router. I'm ok if you
have trouble getting Skype to work with a remote PDU or storage array.

> If you're looking for private addresses, take a look at the "Unique
> Local Address" space in fc00::/7.
> These addresses are for exactly what you're looking for... private
> addresses that are NAT'ed behind a router.

Already found the addresses. What I'm looking for is the cross-router
NAT/masquerade piece so (v4 and v6) internal can speak v4 external. v6
external is of zero interest now, but transitioning to (v4 or v6)-to-6
public-to-private later by dual homing might be.