Thank you Joe. That is where my thoughts went with all of it and its nice to see it written out line by line.
There is just one point that needs to be considered as well, and that is what next? While I believe ULA-Central should be used for private VPNs or internal infrastructure, I also ask everyone to consider the following: 1. Either designate space FC00::/8 as ULA-central and finish the documentation and processes needed (which their is a draft in front of IETF right now). 2. Or release space FC00::/8 for another type of use (becuase sitting on the shelf is wasteful) 3. Or maybe double the size of statistically unique ULA. Ok. Those are my thoughts. Fire at will. Marla Azinger Frontier Communications -----Original Message----- From: Joe Abley [mailto:[EMAIL PROTECTED] Sent: Monday, July 09, 2007 7:25 PM To: IPv6 WG Subject: Why ULA-* will not harm the DFZ The risk to the DFZ of leaking ULA-* {routes, packets, whatever} keeps coming up on this list. I thought I'd try to address just that problem in isolation, just to see whether I'm hearing things right. Please attack the following. 1. With PI address space there is an expectation of global utility (or, reachability across the DFZ, or however you want to describe "useful on the Internet"). I said expectation, not guarantee. 2. With ULA-* address space there would be no expectation of global utility. In fact, there would be an expectation that the addresses are for local use only (for some definition of "local"). 3. There is doubt that any ULA-* address space would be kept properly local in all cases. In fact, there is an expectation that {routes, packets, something} would leak. 4. If some leaks are tolerated, then maybe, eventually, all leaks will be tolerated. Let's assume that will happen, just to see where it takes us. 5. If everybody has non-PA addresses (be they PI or ULA-*) and they are all leaked to the Internet, then the DFZ will suffer state explosion. 6. If operators can distinguish between should-be-local addresses (ULA-*) and allowed-to-be-global addresses (PI) in ASICs then operators can filter in order to head off the cataclysm looming in (5). 7. Since people were told up-front that their ULA-* addresses were no good for use on the Internet, step (6) shouldn't cause anybody to lock and load their lawyers. (6) and (7) above ring true for ULA-* but not for PI-for-all. So, ULA- * would not harm the DFZ in the way that PI-for-all might harm the DFZ. Joe -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------