Leif Johansson wrote: > Tony Hain wrote: > > >Leif Johansson wrote: > > > > > >>Of course we filter - > >> > >> > > > >What is your requirement to do that? I am serious, because those are > >the things the current draft is trying to document. If it is not > >covered by the current text, please send details. > > > > > There are obvious reasons for filtering as Bob Austin pointed > out last > night/this > morning (time-differentiated threads when you are wrapped-around is a > nightmare :-) ) > > Our reasons are the typical ones - mostly protecting from various > features in M$ > software.
Not that all are well implemented, but in general those features are there to make it usable for the technically challenged consumer. > An important point is that there are few hosts which are > *only* local. > In my experience a local-only host (eg a database-server part of a > N-tier application) > are comparatively rare. Using locally scoped addresses for > those is just > more work > than putting the damned thing behind a firewall and filtering > everything. For you as a technically astute network admin, I would agree. For Joe-sixpack who just wants to keep the neighbor kid from messing with his light switches, or to keep the junk-fax marketing company from finding his printer, it is a different story. > > Currently the largest set of locally scoped hosts in my network are > phones. This is > in itself a major pain since I am unable to deploy sip-to-the edge to > these phones > and consequently I am in the process of getting globally scoped > addresses for these > hosts. Let's be crisp with the terms here. Since you say SIP doesn't work, I take it to mean those are ambiguous addresses. Even if you assigned globally unique addresses to them, would you be filtering that address range at the border? > > Right now I cannot find a single application where locally scoped > addresses give > me anything worth the effort. Those are my 5 cents - since > you asked for > details :-) Wait, you started off by saying that you really need to filter and keep some addresses local use, but then turn around and say you don't have any application for that. Which is it? We agree there is no need for you to have ambiguous addresses, but you appear to have a requirement for range limited addresses because you intentionally filter. Getting back to the question, is not trusting the hosts the requirement? Tony -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
