On 8/24/07, David Conrad <[EMAIL PROTECTED]> wrote: <snip> > If you obtain address space from a service provider and you decide to > change providers, you have (in most cases) two options: renumber or > deploy NAT. It is a simple cost/benefit tradeoff, with the costs > impacting software and protocol developers not really a > consideration. From the perspective of the network administrator, > which is easier? Going through every configuration file, network > management program, firewall, router, etc. throughout their entire > infrastructure and changing every reference to IP addresses or > deploying a new box into the network infrastructure (and I'm not > going to go into whether or not that box is deemed to have provide > additional security)? Obviously, if you obtain provider independent > address space, you don't need to renumber. Unfortunately, this > doesn't scale.
sound to me that what we need is a new way to - configure hosts - configure routers - configure ACL on routers/firewall/wherever - services (http, mail ++++) - dns (a bit special, more about it further down) where it is possible to do the change ONE place and get all other fields like the same changed at the same place in all of the above place and other I have forgotten... and at the same place have the changes be done transparent or with as short outages as possible, less than 1minut I would say. In other word. We need to get totaly ride of the manual configuration that has to be done when changing IP addresses, changing domain names etc. NA/RA build into IPv6 has some of this but it just make it possible to configure IP on the host... DNS is one place this could be done, but DNS isn't trustworthy enough yet, and we also have the NAT/RFC1918 ip addresses that make it harder. But without such a automatic system we are forever bound to IP addresses, or hostnames wherever we go. -- Roger Jorgensen | [EMAIL PROTECTED] | - IPv6 is The Key! http://www.jorgensen.no | [EMAIL PROTECTED] _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
