[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt

To: "Brian McGehee" <doc@xxxxxxxxxx>, <ipv6@xxxxxxxx>
Subject: Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
From: "Stephen Sprunk" <stephen@xxxxxxxxxx>
Date: Fri, 3 Dec 2004 17:39:59 -0600
Cc:
Delivery-date: Sat, 04 Dec 2004 02:38:19 +0200
Envelope-to: archive@lists.atm.tut.fi
List-help: <mailto:ipv6-request@ietf.org?subject=help>
List-id: "IP Version 6 Working Group \(ipv6\)" <ipv6.ietf.org>
List-post: <mailto:ipv6@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
References: <0MKz1m-1CaKM243lR-0001zH@mrelay.perfora.net>
Sender: ipv6-bounces@xxxxxxxx

Thus spake "Brian McGehee" <doc@xxxxxxxxxx>

I have to agree with this MUST NOT.

|+    Advertising locally assigned ULA AAAA records in the global DNS
|+    MUST NOT occur as they are not globally unique and will lead
|+    to unexpected connections.

Although there is a good chance that someone else in the world has my same
name, they don't receive their mail at my home address.  OK, Bad example
(reversed).  But if there is a chance of overlap; allowing this insures
there is a chance of misdirection.

My original thought in allowing ULA AAAA records in the global DNS was that it is not operationally feasible to expose those records to all of the hosts that have connectivity to those addresses and no others, particularly when you're using them to communicate privately to another organization.

There is certainly a failure mode where two parties may inadvertently select the same prefix and one may get traffic intended for the other due to entries in the global DNS, but that is no different from someone publishing a ULA IP address on a web page instead of a DNS name that points to that address. The failure is the collision, not the DNS entry.

I did think about this and considered the odds of the above happening to be significantly lower than the risk of a host not being able to resolve names for machines it can reach via a ULA because it (or its nameserver) is inadvertently using the global DNS instead of a local zone file.

Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking


--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@xxxxxxxx
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

References:
- RE: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
  - From: Brian McGehee

Prev by Date: Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
Next by Date: Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
Previous by thread: RE: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
Next by thread: Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt
Index(es):
- Date
- Thread