Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 -Unique local addresses)

  • From: Adrian Chadd
  • Date: Thu Oct 21 23:38:54 2010

On Thu, Oct 21, 2010, Leo Bicknell wrote:

> If you could number your internal network out of some IPv6 space
> (possibly 1918 style, possibly not), probably a /48, and then get
> from your two (or more) upstreams /48's of PA space you could do
> 1:1 NAT.  No PAT, just pure address translation, 1:1.
> 
> You can "renumber" by configuring a new outside translation.  The
> NAT box can do the load distribution functions discussed here, some
> users out one provider, others out the second provider.  There is
> no port complication, so incoming connections are much simpler.

You assume the protocol(s) don't include IP addresses inside the
payload.

You also assume the protocol(s) don't do things like checksum
application payloads, which include IP addresses.

Both of which I've seen, today. Some of which I occasionally see
inside, hm, "over-enthusiastic" HTTP procotol/application
designers. 

NAT's going to be needed, but it's going to be more stateful
inspection-y than most of the vocal nanog+ipv6 people desire. :)



Adrian






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.