Date: Fri, 27 May 2016 09:09:01 +0200 From: Niklaas Baudet von Gersdorff <niklaas@box-fra-01.niklaas.eu> To: freebsd-net@freebsd.org, tinc@tinc-vpn.org, Mailinglists FreeBSD <freebsd-questions@freebsd.org> Subject: Re: IPv6, ULAs and FreeBSD Message-ID: <20160527070901.GA7911@box-fra-01.niklaas.eu> In-Reply-To: <CAN6yY1uEwttkd7iCBrjoFytUjUiNL1Ew-j7pm=-S=dY9HBXPYQ@mail.gmail.com> References: <20160519124446.GB2444@box-fra-01.niklaas.eu> <20160523034855.GA37797@box-fra-01.niklaas.eu> <20160524061707.GA77980@box-fra-01.niklaas.eu> <20160526193602.GF49239@box-fra-01.niklaas.eu> <CAN6yY1uEwttkd7iCBrjoFytUjUiNL1Ew-j7pm=-S=dY9HBXPYQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--uAKRQypu60I7Lcqm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Kevin Oberman [2016-05-26 21:11 -0700] : > There are a lot of excellent reasons to avoid ULAs. There are a very > few good, or even so-so reasons to use them. The most commonly cited > reason is security which is almost always wrong. In almost 20 years of > working with IPv6 I have yet to see any valid security reason for > using ULAs. There are any number of excellent papers on this. Kevin, thanks for your comment. I have no professional background in IT, so I really appreciate your remarks. > The most valid use is when you can only get a /64 from your provider. I got a /112 for each of my virtual servers... So, I decided to go for ULAs for the VPN between them. > I really guess all of this needs to be in the handbook so people don't > waste time trying to do things that are documented to either not work > or not work effectively. And, unless you are really, really sure you > need ULAs, They mostly just break things. I agree. In addition, I would like to emphasise that it should be in both FreeBSD's and tinc's handbook. I guess I could have known, if I had read the RFCs, but adding some notes in the handbook(s) would ease things a lot. --uAKRQypu60I7Lcqm Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXR/KHAAoJEG2fODeJrIU/ai8P/jQRlPHFPp7cZ7Ws1jwo5erm knh1UJHdNUknRyxgLAYxFK35tYiEKgWNS3m/Ra03iRmXozS9R+IrDkJdxI4ik9o5 5DlSIr8MMB9dsghOoPQfIAEwW8yOsIFdPs+FohpbSevm7MIEpjncvhV+6yTA6LDs +ZP0bGTGTm+/wFwVNYjvbwhCd7PtRXTsUGPNjU/byMT48eNg/mHDnIszJQTE00JM 0KXtzbsPBETjc8FPTJqYfOR0EjrPO99y1uF9ZKVSyw37D7nRIgTAQFO1nZmZ7Q27 U7eIbwwOIW12M1fl2YA+HSWkW1tXDxOAznwi27Cjz/YHETqmqECYa4Gkl9/NIUvS i8MM6VsLD/62gr6CvfaMMugLm9gqxx/OoQtYAYwdE0a4J1y/PoIvVfxfqb1tmdw2 DO0qePwrTHh5YBaXaUIOTjhgMxjtyxfJh41gM0viATNkVRo6B19oTnen+9ba3TST Fm2u4+r8wT+HvPZJvk5VLaHAj5Ic5wDR8WiiDxgLDMOtka+2k7uW5dS7gk7I3lQ1 4nxpLAdD+DKyuhlc91VVAJwG0RQ3V3iecLHe3xeg/bM+8KZYCqxJ5FL9Pwati8mt iETPapfToPvskh38gQluOXidbhnqjc5QDZ3rinNke7AK1a07odLO2ayi2rq77YEq l72rDOf2bEfsA1vXLDqi =etyx -----END PGP SIGNATURE----- --uAKRQypu60I7Lcqm--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160527070901.GA7911>