[ale] {Disarmed} Re: IPv4 devices on IPv6 network

Michael H. Warfield mhw at WittsEnd.com
Sat Jun 30 13:12:26 EDT 2012 

On Sat, 2012-06-30 at 12:44 -0400, Michael Campbell wrote:
> On Sat, Jun 30, 2012 at 1:10 AM, Alex Carver <agcarver+ale at acarver.net>wrote:
> 
> > Hi everyone,
> >
> > Got a "plan ahead" question for you.  I've got a handful of
> > firmware-based devices that are IPv4-only never to be made IPv6 capable
> > (PLCs, some print servers, data loggers, etc.)

> This may not affect you, and just an FYI, but...you mention AT&T later, so
> be aware that at least with U-Verse, they have said that LANs (on uVerse)
> can no longer use the 10.0.0.0/8 addresses.  There is rumor that this is
> due to AT&T moving to a corporate wide NAT where their whole network is
> going to be behind a NAT, and that your AT&T modem/router is going to be
> given a 10.*.*.* address in that space.   This is supposed to happen 6-Jul.

I saw one message about that couple of months ago, with no confirmation
and which others are saying that AT&T people are denying.  What you are
talking about is CGNAT (which I referred to in my previous message) or
NAT444 and they are NOT support to use 10./8 for that!  There is an IETF
RFC specified block of addresses for Carrier Grade NAT (CGNAT).
 
> The other rumor is that you can have an externally visible IP4 IP for an
> additional $15/mo.  I don't know how this works with existing static IP
> users, and personally I've subscribed to a third party VPN provider through
> which I can forward ports back to my machine so I can have an externally
> visible machine, since I do run services that I need to get to from outside
> AT&T's network.

Be aware that not all VPNs will work through CGNAT.  IPSec NAT-T will.
OpenVPN will.  Cisco AnyConnect / OpenConnect will.  VPNC will.  Most
SSL / DTLS ones will.  Other proprietary ones are a crap shoot.

> So, now we wait.  I'm not a network guy, so I assume there's a way to
> segregate your LAN from theirs even if they do this, but people here
> smarter than I can debate the feasibility and wisdom of doing so =)

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20120630/01b6a1d9/attachment.bin

More information about the Ale mailing list