On Mar 4, 2011, at 6:03 PM, james woodyatt wrote: > On Mar 4, 2011, at 10:55 AM, RJ Atkinson wrote: >> >> As with audits of financial records, perfection is not required, >> but a certain confidence interval IS desired/required/needed. > > > It seems to me that proper accounting of which hosts are using what IPv6 > addresses is probably better achieved by enhancing routers with the > capability to journal their neighbor discovery cache insertions to a secure > repository for offline review. That combined with authorization logs from > EAPOL ought to provide sufficient confidence for most civilian audits. Am I > missing something? > > > --james woodyatt <j...@apple.com> > member of technical staff, core os networking > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
Playing my favorite refrain regarding separation of functions and powers: James, you are missing the need for routers to tend to the business of routing. Placing the configuration and accounting and audit mechanisms elsewhere greatly benefits network performance and separates router software and configuration from the non-trivial end system management functions. If I were responsible for transporting IP packets, I would insist on distancing my self from attempts to complicate my life beyond trying to keep up with software updates from A, C, HP, J, HP and etc. while keeping the network running well. Tuning BGP should be enough. No mas! James R. Cutler james.cut...@consultant.com -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
