-----Original Message-----

>> This is the harm that can be caused when you publish a
>> LA ULA.
>
>That is certainly a possible outcome if you happen to collide with someone, 
>that someone happens to be mixing PI/PA and LA ULA addresses for a given 
>hostname, and you happen to try to contact a host via that hostname.  Care 
>to calculate the odds that your scenario will happen?

As someone who will end up supporting installations or have to debug problems 
related to connectivity, the actual odds are not important. If the odds are 
greater than 0, it will happen. Whatever solution that is proposed here should 
keep that in mind. Also, any solution should keep in mind how to work around 
any such problems when they do happen. If addresses are in global DNS, does 
that make my life horrible when trying to create scenarios where I need to 
avoid parts of the DNS? Not sure that's an issue here, but I think it needs to 
be considered.

>However, there do exist cases where the behavior is well-defined and correct 
>even in the face of ambiguity.  Suppose you have:

The scenario you proposed can be done without using global DNS. I would almost 
argue that you would want to do it outside of the global DNS, since I do not 
need to advertise this part of my infrastructure to the world.


>Removing the LA ULA from DNS will not solve the ambiguity problem anyway, 
>nor does it mask the interaction with address selection rules.  The problem 
>still exists at the IP layer, and any application that supports IPv6 address 
>literals (i.e. nearly all of them) would see the exact same behavior if 
>users were to type in an ambiguous ULA literal instead of a hostname that 
>resolved to that ULA.  Should we also ban users from distributing LA ULAs 
>via smoke signals or avian carriers to keep from trying to use addresses 
>where they're not valid?

You are probably right here. But I think the standards should try and do what 
they can to protect unknowing entities from unwanted behaviour. As you stated 
later, you can't stop people from doing things, even with a MUST NOT in the 
document, but I do not think this is a good argument for NOT tightening up a 
document where the IETF feels certain behaviour should be restricted or 
isolated to local use only.

After following this thread for a bit, my outside opinion is that we should 
keep the global DNS as clean as possible, and allow internal organizations to do 
what they need to without unknowingly messing up an innocent bystander who will 
not have any idea of what's going on or how to fix/work around problems.



--rich

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
