[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Real life scenario - requirements (local addressing)



On Fri, 8 Aug 2003, Aidan Williams wrote:
> >There is a difference of a couple of degrees of magnitude here.  Absolute
> >yes/no are irrelevant (because there is always some filtering); it's more
> >important to figure out the probability which results in the highest
> >percentage of getting it right at the first try, a good percentage of
> >doing well at the second if really needed etc.
> >  
> >
> Imagine a parallel universe where *all* addresses are "global".  We can
> assume that there will be plenty of "global" addresses that are filtered
> to reduce their range of communication for the same reasons as people
> filter their networks today.

Ok..
 
> So, the *probability* of a random "global" address being usable for
> communication will drop as a consequence of not partitioning the "local"
> ones in their own little pig pen.

Maybe so, but then the communication will fail *anyway*, because all 
addresses are blocked.  It's more of a question "why are you trying to 
reach a node which has chosen not communicate with you?" and "why did the 
person publish the address of the node which he wishes doesn't communicate 
with others in the first place?"
 
> Worse still, there will be *no possibility* of receiving a hint that any
> particular global address an application uses may be useless for
> communication outside a local network.
> 
> Why would you choose to have no information?

An ICMP unreachable message could be that hint.

You seem to assume that it's a problem if you try to communicate with a
random node and it refuses to talk to you.  It's not, it's a feature (if
the non-communication is intended).  You should not be getting that
address from anywhere (e.g. DNS) without reference to an application it
should work with.  If you do, that's the problem with the system
administrator -- but the app can fail in any case so that's not a problem.  
On the other hand, if you just wanted to manually look up some address,
and try to use it but fail, there's no problem as you should have expected 
the communication to fail (or at least, didn't have a high hope of 
success, and trying was your best bet anyway).

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
--------------------------------------------------------------------