Hi John,
Please find comments inline
Cheers
Suresh
John Spence wrote:
My reading of the current and proposed specs is that privacy addresses
may be generated in addition to autoconfigured addresses (of scope
greater than link-local). Is there any provision for having **only**
privacy addresses, and no autoconfigured addresses? This would make it
more difficult (in a good way) to find interfaces using inbound
connections, such as scanning. In my reading of
[http://www.ietf.org/internet-drafts/draft-ietf-ipv6-privacy-addrs-v2-04.txt],
section 3, bullet 2 begins “Create additional addresses …”. Perhaps
there is another reference, but that implies that privacy addresses can
only complement public autoconfigured addresses, not take the place of them.
The term additional is used to refer to addresses which are not
link-local. This term is introduced in the second paragraph of section 1,
where we see the following text.
"All nodes combine interface identifiers (whether derived from an IEEE
identifier or generated through some other technique) with the
reserved link-local prefix to generate link-local addresses for their
attached interfaces. Additional addresses can then be created by
combining prefixes advertised in Router Advertisements via Neighbor
Discovery [DISCOVERY] with the interface identifier."
If you feel further clarification is required, please let me know. I am
in the middle of doing a new revision.
I’m sure there would be side-effects (like how could an administrator
invalidate a privacy address early by removing or changing the prefix
being sent by the router if autoconfiguration is not in use).
Autoconfiguration IS still IN USE even with privacy addresses. The
prefix can be invalidated just as well with privacy addresses as with
non-privacy addresses. I do not see any issues in this regard. In short,
privacy addresses just extend stateless autoconf, and hence will retain
all the properties of a stateless autoconf address.
So, my question then is “Do the current or proposed specs allow me to
have an interface with a link-local address and a privacy address only,
no static and no autoconfigured”?
Yes.
John Spence, Command Information (HQ: Herndon VA)
[EMAIL PROTECTED]
------------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
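Added example, not part of the original thread or of the draft: a small audit that flags addresses of scope greater than link-local whose interface identifier is in modified EUI-64 form, which is the property the question above is about. The sample addresses use the 2001:db8::/32 documentation prefix and are constructed; the check is a heuristic on the ff:fe marker and cannot tell a temporary address from a manually configured one.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("fe80::/10")


def parse(addr):
    """Accept 'addr', 'addr/len' or 'addr%zone' and return an IPv6Address."""
    return ipaddress.IPv6Address(addr.split("/")[0].split("%")[0])


def embedded_mac(ip):
    """Return the MAC encoded in a modified EUI-64 interface identifier, or None."""
    iid = ip.packed[8:]                      # low 64 bits = interface identifier
    if iid[3:5] != b"\xff\xfe":              # EUI-64 expansion inserts ff:fe mid-IID
        return None
    # Undo the expansion: flip the universal/local bit back, drop ff:fe.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """List (address, mac) for every non-link-local address that embeds a MAC."""
    exposed = []
    for text in addresses:
        ip = parse(text)
        if ip in LINK_LOCAL:
            continue                         # not reachable from off-link
        mac = embedded_mac(ip)
        if mac is not None:
            exposed.append((str(ip), mac))
    return exposed


# Constructed sample: link-local + EUI-64 autoconfigured + randomized identifier.
MIXED = [
    "fe80::211:22ff:fe33:4455/64",
    "2001:db8:1:2:211:22ff:fe33:4455/64",
    "2001:db8:1:2:a1b2:c3d4:e5f6:1234/64",
]
# Constructed sample: the configuration asked about (link-local + privacy only).
PRIVACY_ONLY = [MIXED[0], MIXED[2]]

if __name__ == "__main__":
    for name, addrs in (("mixed", MIXED), ("privacy-only", PRIVACY_ONLY)):
        print(name, audit(addrs) or "no MAC-derived address beyond link-local")
```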