On 12/07/2010 05:13 AM, David Sommerseth wrote:
On 07/12/10 02:26, Les Mikesell wrote:
  
On 12/6/10 6:27 PM, Brian Mathis wrote:
    
You are enjoying a side-effect of NAT by thinking it
is a firewall.
      
The other nice side-effect of NAT is that you get an effectively infinite number 
of addresses behind it without any pre-arrangement with anyone else.  Even if 
ISPs hand out what they expect to be reasonably-sized blocks, won't it be much 
harder to deal with when you outgrow your allotment?  We've had the opportunity 
to move to IPv6 for ages but we haven't (in the US, anyway).  I think the reason 
is that most people like the way NAT works and don't really want a public 
address on every device.
    
So you are afraid of out-growing from an assigned /48 net?  Let's do
some math here ... and I hope I get it right ...

IPv4:  aa:bb:cc:dd  .... that's 32 bit
IPv6:  aaaa:aaaa:aaaa:: .... this is 48 bits out of 128bits

In the IPv6 scenario, you have been assigned 'aaaa:aaaa:aaaa::' as your
IPv6 prefix by your ISP.

So that means that you have 128-48 bits available for your own
addressing scheme.  That is 80 bits you have absolutely full control
over.  Of course, it's recommended to have subnets no smaller than 64
bits.  So that makes it:

IPv6 /64 subnets:  aaaa:aaaa:aaaa:bbbb::

That means you have 16 bits for subnets.  2^16 = 65536 subnets, each
with 64bit addressing.  And if my math doesn't fail me now, a 64 bit
addressing scheme is doubling the IPv4 address scope 32 times.

What I mean is that from 32 bit to 33 bit, you have 2 * 32 bit
addressing scope.  From 32 to 34, you have 4 * 32 bit
addressing scope.  For each bit you add, you double what you had.

It is simply insanely many addresses.  And if you fear that ISPs or IANA
might run out of address spaces, remember that they have 48 bits to
play with, which is the IPv4 address scope doubled 16 times.

Of course some ISPs will probably just hand out /64 networks to most of
their customers (most probably to home users).  But that's another
story.  And a /64 network is possible but not so easy to subnet further,
and is also not recommended.


  
ISPs are supposed to hand out /48's so you can move to a new ISP without having to disrupt
your internal addressing.


kind regards,

David Sommerseth

--
Stephen Clark
NetWolves
Sr. Software Engineer III
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark@netwolves.com
http://www.netwolves.com