On Mar 23, 2009, at 9:31 AM, Ted Hardie wrote:
Imagine for a moment that an organization has gotten PI space from
an RIR. It has a choice now to find upstreams who will announce
that prefix to the global routing table. This proposal appears to
allow it to also insert some 1:1 mapping box at a network border,
and to change from that PI space to PA space.

That is certainly an option, and please don't understand me to be
arguing against it in a legislative sense. That said, if one has PI
and chooses to run PA, one wonders about the real need for PI
addressing - I would expect that the network might release its PI
prefix. If one isn't willing to release the PI space, then I really do
wonder about the NAT usage. It will technically work, I just think the
policy questions get really muddy.

At the end of the day, I think that there is a place for PI - with a
handwaving gesture, it can be argued that anyone that can justify an AS
number and in fact has multiple upstreams is probably well-served by
PI. That said, the line of reasoning that takes the RIRs into PI space
ultimately results in the same kind of swamp we have in the IPv4 route
table. If "insanity" is defined as "applying the same algorithms to
the same data and expecting a different result", those who complain
about the IPv4 route table and request PI space are insane. I think
providing a way to reach address independence that doesn't use PI and
looks to the ISPs like PA has a material benefit. So I would expect
O(10^4) PI networks world-wide, and the vast majority using a
different model, such as this one.

I would be surprised to see a link-local address in that context, as
IPv6 systems aren't supposed to use them unless the address of the
peer is also link-local.

Frankly, this whole effort challenges the notion I had of IPv6 scopes
enough that I am still not sure I understand it well. If the box doing
this has an interface on the link, I am not sure why it cannot do this
translation using link-local addresses. I can picture a wireless box
designed to do this, for example.

"Cannot" and "is not supposed to" are two different things. The
definition of link-local has elements of locality on a link, which I
think bear consideration.

Is that a good idea? No, as it further confuses the host stack about
whether scopes have a real meaning they need to know and care about, but I
don't think I yet understand how that scenario is logically distinct
from these proposals.

True, and at one point in the past few months I myself have wondered
whether unsubnetted SOHO and residential networks would be just as
happy with link-local. But I think that it is better to use a ULA if
one is looking for a local address as that is what it is designed for.
_______________________________________________
nat66 mailing list
https://www.ietf.org/mailman/listinfo/nat66