
Re: A use for site local addresses?

Tony Hain wrote:
> Brian E Carpenter wrote:
> > EricLKlein wrote:
> > >
> > > Brian E Carpenter wrote:
> > > > Well, I'd hoped to avoid that question until we had mailing list
> > > > consensus on deprecating SLs.
> > > >
> > >
> > > I would tend to say that we are a long way from consensus
> > > about SL's.
> That is the understatement of the day...
> >
> > Tony's draft (http://www.tndh.net/~tony/ietf/site-local.txt)
> > makes a good case for globally unique provider independent
> > addresses with a non-routeability option. It would be
> > interesting to know if we have consensus about that.
> Keep in mind it was a quick hack from prior email, so there may be other
> points that people want addressed.
> >
> > IMHO it doesn't make a case for SLs in their present
> > incarnation (i.e. ambiguous address space). There is a lot of
> > operational pain in ambiguous addresses, once you start
> > building VPNs between business partners or otherwise merging
> > "private" networks. I think we should also seek consensus
> > that ambiguous addresses are unacceptable.
> I agree ambiguous addresses are unacceptable for some purposes, but that
> does not mean all uses are invalid. Maybe the real problem here is that
> we only provide a site controlled address space that is ambiguous. If we
> had a PI space, I believe there would be no need to argue about
> keeping/deprecating the ambiguous space. 

I prefer to think about this the other way round: kill the ambiguous
space, which we have learnt the hard way is a mistake, and then design
the alternative, which may well be unrouteable GUPI (and for all I care,
starts with FEC::/10).

> It sounds like your issue is
> with the logic about preferring the short /10. If we dropped the logic
> and added a flag in the RA to indicate the prefix applications should
> prefer to cover the intermittently connected case, would you still have
> an issue with the ambiguous addresses existing?

I think the scenario where two networks merge or build a VPN between
them would remain messy. You will remember Bob Moskowitz's analysis of
the ANX scenario with Net 10, which seemed to be unsolvable. I hear from 
IBM Global Services that this is still a daily problem with hosted
customers, when several of them need to access RFC 1918 addresses from 
the same hosting center. So it's just cleaner not to have the problem
at all. 

However, an RA flag rather than a magic prefix seems like a very good 
idea in any case. It is robust under a number of assumptions about
the future.

IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
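
The merge and hosting-center problem discussed in this message, as an added example that is not part of the original thread: a pre-merge check that finds cross-site prefix overlaps and reports whether each one comes from reusable (ambiguous) space. The customer names and prefixes are constructed sample data, and `2001:db8::/32` documentation prefixes stand in for globally unique ones.

```python
import ipaddress
from itertools import combinations

# Address space that every site is free to reuse, hence ambiguous across sites.
RFC1918 = [ipaddress.ip_network(p)
           for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SITE_LOCAL = ipaddress.ip_network("fec0::/10")

# Constructed sample data: internal prefixes of customers sharing one hosting center.
CUSTOMERS = {
    "customer-a": ["10.0.0.0/16", "fec0:0:0:1::/64"],
    "customer-b": ["10.0.128.0/17", "192.168.1.0/24"],
    "customer-c": ["172.16.0.0/12", "fec0:0:0:1::/64"],
    "customer-d": ["2001:db8:d::/48"],  # stand-in for a globally unique prefix
}

def is_ambiguous(prefix):
    """True if the prefix lies in RFC 1918 space or in site-local fec0::/10."""
    net = ipaddress.ip_network(prefix)
    if net.version == 4:
        return any(net.subnet_of(block) for block in RFC1918)
    return net.subnet_of(SITE_LOCAL)

def find_collisions(sites):
    """Return (site, prefix, other_site, other_prefix) for every cross-site overlap."""
    parsed = {name: [ipaddress.ip_network(p) for p in prefixes]
              for name, prefixes in sites.items()}
    hits = []
    for (a, nets_a), (b, nets_b) in combinations(sorted(parsed.items()), 2):
        for na in nets_a:
            for nb in nets_b:
                # Compare only within one address family; overlaps() also
                # catches one prefix nested inside another.
                if na.version == nb.version and na.overlaps(nb):
                    hits.append((a, str(na), b, str(nb)))
    return hits

if __name__ == "__main__":
    for a, pa, b, pb in find_collisions(CUSTOMERS):
        ambiguous = is_ambiguous(pa) and is_ambiguous(pb)
        cause = "ambiguous space" if ambiguous else "duplicate assignment"
        print(f"{a} {pa} collides with {b} {pb} ({cause})")
```
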