[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

using "reserved" IPv6 space

Subject: using "reserved" IPv6 space
From: Jean-Francois.TremblayING at videotron.com (Jean-Francois.TremblayING at videotron.com)
Date: Fri, 13 Jul 2012 13:56:11 -0400
In-reply-to: <[email protected]>

-Hammer- <bhmccie at gmail.com> a ?crit sur 13/07/2012 12:21:13 PM :

> I like the ULA approach. 

Global and ULA are two approach, but there's a third one: GUA + ULA. We 
actually put a GUA on servers speaking publicly, a ULA on servers speaking 
in our domain only and *both* ULA and GUA on servers which talk both ways. 
Our datacenter firewalls are configured to enforce GUA-GUA and ULA-ULA 
connections only (just simple URPF over two interfaces). 

This setup works very well, surprisingly we've had very little source 
address selection problems so far (knock on wood). We're very happy that 
the separation between public and "private" networks is clear, it helps a 
lot with debugging and service separation. 

/JF

Follow-Ups:
- using "reserved" IPv6 space
  - From: trejrco at gmail.com (TJ)

References:
- using "reserved" IPv6 space
  - From: bhmccie at gmail.com (-Hammer-)

Prev by Date: The Cidr Report
Next by Date: The Cidr Report
Previous by thread: using "reserved" IPv6 space
Next by thread: using "reserved" IPv6 space
Index(es):
- Date
- Thread