by JoshTriplett 3628 days ago
> Once you go IPv6, you never go back. After dealing with the hell that is limited IPv4 address space, everything just seems so easy.

When I first looked at IPv6, I found it odd that it used 128-bit addresses, when 64 bits would uniquely identify every device (and MAC addresses in practice were 48 bits, because almost nothing uses EUI-64).

Now I look at IPv6 and wish the address was large enough to hold a cryptographic hash.

The thing you quickly realize is that IPv6 isn't so much about a large number of 128-bit addresses, it's about a large number of 64-bit networks. Each network is capable of handling an essentially unlimited number of addresses.

So, when people talk about how many "Addresses" are available, they are barking up the wrong tree; they should talk about how many networks are available.

Ironically, I've seen tens of thousands of IPv6 networks deployed, and almost all of them are in RFC 4193 space, which is the equivalent of IPv4's RFC 1918 (10.x.x.x/8, 172.16.x.x/12, and 192.168.x.x/16).

But, unlike RFC 1918, where the space is constricted, and too many people use 10.1.x.x or 192.168.1.x, and end up in conflict, companies are pretty good about choosing a completely random ::/48 from FD::/8 - odds of a conflict are pretty minimal between two companies.

Yeah, everyone treats non-routable space as a security control. So expect to only see DMZs and edges of networks in the routable IPv6 space.
Non-routability has a really bad reputation, but enterprise/corporate IT people are fond of it.

The nice meet-in-the-middle approach is to use an RFC 4193 space + NAT-PT. Gives you close to best of both worlds - you get end-to-end connectivity, but full address portability with little effort when you change ISPs.