North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: 240/4

  • From: Daniel Senie
  • Date: Tue Oct 16 18:09:20 2007

At 05:20 PM 10/16/2007, David Ulevitch wrote:

Daniel Senie wrote:
If all of 240/4 is given over without guidance to private address use, a
huge mess will follow, should we later decide it safe to use on the public network.

Nobody would allow that to happen. Once it goes RFC1918, it would never go back.

Adding four /8's to the IPv4 RIR assignable space (as you suggest) isn't buying anyone any time before we run out.

No. It would provide a play space where this could be explored further, and may be of use for private interconnects between some companies. It would not hurt anything to allocate this space.

The effort someone would spend figuring out if 204/4 is reachable and not-pain-inducing in their infrastructure is better spent figuring out how to make IPv6 work within their sphere of responsibilities.

The code changes to solid, proven IPv4 stacks to allow 240/4 to work are likely to expose enterprises to very little risk. Certainly we can expect it to be a lot less risk than IPv6 stacks which are at this point largely unproven. Adding additional IPv4 space from 240/4 may well buy enterprises enough time in the IPv4 world for IPv6 to receive sufficient code coverage and native deployment for corporations to accept the risk of introducing IPv6 on a broad scale.

I know you're trying to beat the drum that everyone should get off their posteriors and roll out IPv6, but every time I go research another product that'd be needed, it's not ready. The latest was in reading the release notes for firewalls from one vendor. Sure the boxes will handle IPv6 in some fashion, but oh, sorry, you wanted to deploy a redundant pair of firewalls? The stateful synchronization isn't ready yet.

Given the relative simplicity of the code change to activate 240/4 in an IPv4 stack, it's likely all major vendors could have patches out for allowing its use in private networks with little risk and little expendature of time. It's quite likely such changes could be out a very long time before IPv6 stacks in firewalls, routers and hosts receive sufficient testing to be deemed safe.