Op 23 okt. 2012, om 19:28 heeft Michael Thomas het volgende geschreven: > On 10/23/2012 10:25 AM, Teco Boot wrote: >> >> I'm not sure if giving each host a >> prefix in 2001:yyyy's address space is scalable either for the hosts, the >> SLAAC >> announcements, or just carving up 2001:yyyy's addresses, especially if you >> have >> a large VPN population. I've done that myself, and I have doubts that it's >> the >> right approach. >> I can't get why employer doesn't assign a 2000:: address to the server, other >> than test uRPF filters and get protocol designers crazy :-) >> > > They ran of space in the 2000:: allocation? Ran out a /16 prefix? I can arrange a course on setting up an address allocation scheme.
> They merged two companies? Yepp, the need for renumbering keeps business going. We have a nice WG for this. Please check their drafts for your scenario, I can't find it. Request to add it? I think that in general, enterprises do not permit a VPN termination in homenets, where internal traffic is exposed to the Internet. At least, sad faces from the security team. That brings us back to the MIF use case, with VPN and Internet provisioning domains. And VPN kit on a host. > There's lots of reasons why a company would have multiple prefixes. Yes. On MIF and VPN termination in the homenet, a host can get addresses from multiple DHCP servers, each with own DNS server(s), just like a normal MIF node. What is the problem? (other than get BRDP in place and a couple of sad faces :-). Teco > > Mike _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet