Sorry for cross-posting but not sure where it really belong... ----------- Hi, First, the question is more, what is the correct way of dealing with situation like this? I work for a entity with a big and closed network where security and being closed came first. We're not governement but we have our mandate defined by them. Our only connection to Internet are through several uplinks with few public IP where we run proxy solution for the little traffic that are allowed to hit internet. Are in reality no incoming routes to us, and none out. Internal we use RFC1918 IP space,(private IP) and we for now have enough IP space but we are experience conflicts between IP space when connecting to other big closed network. Not to forget the size, we will probably run out of IP space to... (and I know others have run out of RFC1918 space on their internal network) Most would suggest request a /48 or bigger from your uplink right now and that's not going to work for several reasons: * size, just one of bigger sites connected probably need more than a /48 just for themself, and we have several of them, and alot of smaller sites/network. We're probably talking /32 or more if I have to guess. * scalability, we could of course get /48 and break the /64 boundary, a thought I seriously hate. But that will give us other kind of problems, sites needing a /64 or more due to some equipment or so... * there are other BIGGER network of the same type. * control over who is using what IP and where etc... as said above, security and being closed are probably the two most important factors for us. * need global unique IP's since we're connecting to other network of the same type, and NAT are not really the way we want to go with IPv6 ... and probably more I can't remember right now. The solutions aren't really that tricky but let me mention a few options... * Site local would have solved our problem BUT it's obsolite, quite stupid really. * just take a prefix and use it... this will give us problem in the future due to not being unique. * extensiv usage of NAT, eh do we really want to even consider THAT for IPv6? * become LIR and request the needed IP space. * let one of our uplinks request the IP space for us. I'm in favour of the last two options, any of them... and they are as I see it the really two options as things are now. Any thoughts? comments? -- ------------------------------ Roger Jorgensen | rogerj@stud.cs.uit.no | - IPv6 is The Key! http://www.jorgensen.no | roger@jorgensen.no -------------------------------------------------------