Michael Thomas wrote:
...
The thing I don't understand is whether the
address aggregation problem introduced by a
new class of globally unique addresses is
really any worse than the existing problems
with route aggregation, and specifically about
mobility and
Robert Elz wrote:
...
If anything, the risk is less with SL addresses, as they can be clearly
labelled for local use only, lowering the chances that people will ever
decide they would like to interpret them as global addresses (all of these
things are just numbers, so perceptions, and
Brian E Carpenter wrote:
...
I don't. What part of my postings makes you think so? Tony and I are
proposing schemes that are aggregatable and that are not tied to a
provider.
For the record, you've yet to persuade me that these schemes are
aggregatable in the real world of competitive
The problem is that the local ISP has every motivation to take the money
with no substantial costs, because those appear at the aggregating
transit providers upstream. While it sounds nice to say we will
legislate against that, reality is that it will happen, so the only
reasonable defense
In your previous mail you wrote:
On Wed, 22 May 2002, Pekka Savola and Hesham Soliman (ERA) wrote:
...
Actually, as a side note, I think 2462 should be deprecated and replaced by
3041 please don't shoot!
Where did I put my M16. ;-)
In the meantime, you
In your previous mail you wrote:
In draft-dupont-ipv6-rfc3041harmful-00.txt titled RFC 3041 considered
harmful Francis argues that rfc 3041 gives no privacy benefit whilst
increasing complexity and making DDoS attacks easier.
= yes, I maintain my argument (but if you can improve
I've been staring at this for three days, and I think the
answer (in the current state of the BGP art) is yes, or
at least the risk that it is yes is unacceptably high.
Just stuffing some probably-unique bits into a SL is not
going to generate aggregatable addresses; it's going to
generate
Keith Moore writes:
I've been staring at this for three days, and I think the
answer (in the current state of the BGP art) is yes, or
at least the risk that it is yes is unacceptably high.
Just stuffing some probably-unique bits into a SL is not
going to generate aggregatable
my opinion is that the space in an ISP's routing tables
and the cpu time of their routers belongs to the ISP and
the ISP can (and will) do whatever it wishes with it, as
long as they keep their agreements. the fact that these
are limited resources will quite naturally result in
Keith Moore writes:
Define public. Given the peerwise distribution
of routes, isn't the distinction of public
rather arbitrary? If I convince my provider to
route my site local prefix across their backbone
(but not leaked outside their AS's), is that a
Keith Moore writes:
Define public. Given the peerwise distribution
of routes, isn't the distinction of public
rather arbitrary? If I convince my provider to
route my site local prefix across their backbone
(but not leaked outside their AS's), is that a
Even if the adversary somehow knows there is only one machine per
subnet, I think RFC 3041 still enhances privacy.
First, it hides the manufacturer of your network card.
Second, it prevents the adversary from tracking usage of the network
card across multiple subnets. This is important for
Keith Moore wrote:
...
I'd be happy to see a scalable alternative to provider-based
addressing,
but that's not a good argument against SLs with site-ids.
I was not arguing against SLs with site-ids, just that we should not try
in any way to lead people down the path where those site-ids are
...
I'd be happy to see a scalable alternative to provider-based
addressing,
but that's not a good argument against SLs with site-ids.
I was not arguing against SLs with site-ids, just that we should not try
in any way to lead people down the path where those site-ids are
perceived
Keith Moore wrote:
...
I was not arguing against SLs with site-ids, just that we
should not try
in any way to lead people down the path where those site-ids are
perceived to be globally unique.
I disagree in the strongest possible terms.
It's absolutely insane to expect applications
On Thursday, June 27, 2002, at 11:03 AM, Richard Draves wrote:
Even if the adversary somehow knows there is only one machine per
subnet, I think RFC 3041 still enhances privacy.
First, it hides the manufacturer of your network card.
Second, it prevents the adversary from tracking usage of
Title: Site Locals and the DFZ
There has recently been a very large discussion about site locals in the thread, Re: Fwd: IPv6 Scoped Addresses and Routing Protocols. Paul Francis' draft and this discussion have made me wonder if there might be a use for an aggregatable concept of site locals
Well any app that is generating 'spam' should be restrained
You missed the point of what I was saying. Within the context of a
private network of one or more sites, there should be no ambiguity
because the local manager is in control of the proposed site-id bits.
no, because there is
Keith,
Keith Moore wrote:
if you have enough bits for the site-id you can make the probability
of a conflict approach zero *provided* the site bits are randomly
chosen. but the easiest way to avoid conflicts is to make the
site-id globally unique, and there's no good reason to not do so.
Who delegates the globally-unique site-ids?
presumably ICANN or their designees.
If the site-ids are
globally unique, how are they any different from global addresses?
they have a different prefix so they can easily be distinguished
from public addresses.
Keith Moore wrote:
...
(in other words, it's not reasonable to assume that a private network
is well-bounded
Like it or not, routing protocols actually do require that the
boundaries of a network be well defined.
or that it doesn't interconnect with other networks
that do connect to the
Keith Moore wrote:
...
(in other words, it's not reasonable to assume that a private network
is well-bounded
Like it or not, routing protocols actually do require that the
boundaries of a network be well defined.
but not all routers share the same view.
and in general applications
Keith Moore wrote:
Who delegates the globally-unique site-ids?
presumably ICANN or their designees.
This introduces a management headache. The address registries already
are struggling with managing the global address space. Adding another
registry will not be beneficial.
If the
At 03:33 PM 6/27/2002 -0400, Brian Haberman wrote:
Keith,
Keith Moore wrote:
if you have enough bits for the site-id you can make the probability
of a conflict approach zero *provided* the site bits are randomly
chosen. but the easiest way to avoid conflicts is to make the
site-id
Exactly. Perhaps I'm over-abstracting...but it seems to me
like a globally-unique site-id is just another form of a global
address.
of course it's a global address. but that doesn't mean it's globally
routable.
I think there are lots of reasons not to make these site-ids globally
I think there are lots of reasons not to make these site-ids globally
unique, if we choose to adopt them.
name one.
The cost of administration of the global database.
there doesn't need to be a global database. try again.
Tony Hain wrote:
I was not arguing against SLs with site-ids, just that we should
not try in any way to lead people down the path where those
site-ids are perceived to be globally unique.
As long as the site-id is a locally administered value, a network
administrator can use them privately
Keith Moore wrote:
I think there are lots of reasons not to make these site-ids globally
unique, if we choose to adopt them.
name one.
The cost of administration of the global database.
there doesn't need to be a global database. try again.
If there isn't a global
Keith Moore wrote:
...
of course it's a global address. but that doesn't mean it's globally
routable.
You have just argued yourself into a corner. If the address the app
chooses is not globally routable, how does it connect? Why would it have
chosen SL over the PA prefix to begin with?
Tony,
Tony Hain wrote:
Keith Moore wrote:
...
of course it's a global address. but that doesn't mean it's globally
routable.
You have just argued yourself into a corner. If the address the app
chooses is not globally routable, how does it connect? Why would it have
chosen SL over
Brian,
And if you want to use AS numbers, just remember that a 64 bit
AS number will not fit inside 37 bits.
I don't think this is a good argument. Today, the AS number is 16 bits.
Tomorrow, it will be 32, which is 4 Billion AS numbers. 37 bits would be
128 Billion AS numbers, probably more
Title: Site Locals and the DFZ
Glenn Morrow wrote:
Another question would be is the DFZ
a site?
No, it is not; and I don't think it will ever be. If there is a place
where you would find disparate routing policies, that is the DFZ.
Michel.
Oops. My mistake.
Brian
Michel Py wrote:
Brian,
And if you want to use AS numbers, just remember that a 64 bit
AS number will not fit inside 37 bits.
I don't think this is a good argument. Today, the AS number is 16 bits.
Tomorrow, it will be 32, which is 4 Billion AS numbers. 37
...
of course it's a global address. but that doesn't mean it's globally
routable.
You have just argued yourself into a corner.
no I haven't. the addresses are for private interconnection agreements,
not for global routing.
Keith
...
As I said, all they have to do is coordinate the space.
this is more difficult than you make it sound. private networks
have found it difficult to coordinate IPv4 private address space,
or even to coordinate the NAT mappings between their address
spaces. and there's no
Keith Moore wrote:
...
but if the normal way
you get a site local is to buy a router, why would anybody need
more site local prefixes than routers?
Because routers have interfaces in multiple sites.
...
If you are arguing that a multiparty app with
multiple participants on both sides
kre,
Tony and I are proposing schemes that are aggregatable and
that are not tied to a provider.
kre wrote:
Both those schemes are geographic based addresses - these aggregate
if and only if one assumes that areas that are geographically close
are also topologically close.
This is
Brian E Carpenter wrote:
For the record, you've yet to persuade me that these schemes are
aggregatable in the real world of competitive ISPs.
Tony Hain wrote:
I understand the concern, but it comes down to a matter of
cost/benefit tradeoff. If a geo scheme turns out to be cheaper to
Keith Moore wrote:
...
but if the normal way
you get a site local is to buy a router, why would anybody need
more site local prefixes than routers?
Because routers have interfaces in multiple sites.
seems like a stretch for those 'sites' to not have routers themselves
and thus, their
Hi,
Aren't we supposed to have sufficient IP addresses so that each can have
a globally unique address? If that is the case, can't each user get his/her
own IP address without bothering about renumbering in the service provider?
Why are we trying to constrain the end user, to solve the routing
Hi Alain,
There has been a very long discussion on the fate of Site Local addresses
in the wg. There are still two opposite views of what to do about them:
Most of that discussion focused on whether or not to remove site-local
addresses from the architecture, not on this draft. And, we have