Internal Address Space
David Kessens
david@IPRG.nokia.com
Fri, 3 May 2002 08:52:31 -0700
David,
On Fri, May 03, 2002 at 09:39:22AM -0400, David F. Newman wrote:
>
> In the old IPv4 days sites would use private address space inside a firewall
> for either address conservation or just plain old security through obscurity.
Are you saying that 64-bits/number of hosts on one LAN doesn't give
you a nice amount of obscurity if you want to try to guess IP
addressess within a particular /48 ?!? :-)
> Now that a site can get a /48 to do with as they please is it
> necessary to use private IP space anymore.
It has never been necessary or required to use private space for
anything. That doesn't mean that there are cases where private address
come handy, for example for home-users who are often a victim of 'a
little faster than ISDN speed' Internet providers who seem to think
that customers want PPPoE and charge obscene amounts of money for
getting a few IP addresses.
> I am wondering if people out there use public routable IPs on both
> sides of their firewall.
Of course, people are doing that. People do that with ipv4 all the
time too. v6 doesn't really change anything here except that it is
quite a bit harder to guess somebodies v6 address since there are just
many more to guess...
David K.
---