[AusNOG] IPv4

Mark Newton newton at atdot.dotat.org
Sun Mar 3 19:55:18 EST 2013

On 03/03/2013, at 19:00, Don Gould <don at bowenvale.co.nz> wrote:

> Paul how is DNS for this?
> Please excuse my ignorance but I don't understand how you use DNS to multihome a device.

There's this idea in IPv6 that you can separate the identifier from the locator.

That's a jargon term, that's essentially wrapped up with the idea that applications/services can use addresses that aren't totally fixed to their location, in the way that IPv4 has commonly been used.

The DNS is full of identifiers. The locators are the AAAA records.

For a while in the mid-2000's it looked like "people who weren't ISPs" would not be granted RIR allocations of IPv6 address space.  To multihome, they'd use DHCPv6 and SLAAC to establish locators for every service from every ISP, and use magic pixie dust to do failover and load balancing between them.

So your workstation in your office would have an IPv6 ULA from EVERY service provider your enterprise connects to. So would your routers, probably your printers and mobile devices too. They'd all be in the DNS, updated by some yet-to-be-written magic to make sure that everyone on the Internet could locate them if their identifier was known.

Every device would run a "SHIM6" layer which would dynamically negotiate and translate endpoint IPv6 addresses with whatever peers it needed to communicate with. And your enterprise would run SHIM6 middleboxes to dynamically renegotiate and rewrite source and destination addresses to cater for link failures, congestion, routing policy, etc.

Geoff Huston chaired the IETF SHIM6 working group, and there was some OpenBSD sample code produced, I think.

It never really took off. My personal take on it was that if it was so great, why weren't we all running SHIM4 middleboxes already? SHIM6 seemed to me to introduce something that's functionally equivalent to NAT into the internetworking layer (but you can't call it NAT because you don't do NAT in IPv6 :).  It also created a hierarchical separation between networks operated by service providers (who'd multihome with BGP just like always) and everyone else (who would never have portable IPv6 addresses), a distinction that I reckon the carriers would exploit to its full miserable end.

Thankfully the RIR orgs adopted policies which enabled PI assignments to non-ISPs, and SHIM6 stalled.  So now the plan is to use BGP, portable assignments, and DNS just like we always have.

That has advantages and disadvantages, of course. But doesn't everything?

   - mark

More information about the AusNOG mailing list