Tony Hain wrote:
Brian E Carpenter wrote:
Markku Savela wrote:
...
Even if IPv6 is enabled, the system administrator WILL not
give global
addresses to the internal nodes anyways. If site locals are not
available, they invent something else for the purpose.
Access control
Markku Savela wrote:
...
Even if IPv6 is enabled, the system administrator WILL not give global
addresses to the internal nodes anyways. If site locals are not
available, they invent something else for the purpose.
Access control lists in routers were in use for this years before
RFC 1597.
Brian,
Brian E Carpenter wrote:
Access control lists in routers were in use for
this years before RFC 1597. Preventing unwanted
access has never been a valid argument for private
addresses and never will be.
I have to disagree with this. There are some legitimate cases of using
private
Brian E Carpenter wrote:
Markku Savela wrote:
...
Even if IPv6 is enabled, the system administrator WILL not
give global
addresses to the internal nodes anyways. If site locals are not
available, they invent something else for the purpose.
Access control lists in routers were in
Tony,
Tony Hain wrote:
[...]
the decision was
based on fear of NAT [...]
Local
address space is a filtering function, and exists with or without header
mangling. Filtering will exist in real network deployments, so having a
space set aside for that purpose does not change the
http://www.ietf.org/internet-drafts/draft-wasserman-ipv6-sl-impact-02.txt
In above document...
---
3.1 The Fundamental Issue
...
- The addresses are unreachable outside of their original
context.
...
---
Some may think the above is actually a benefit: all
Sorry, the subject should have been Draft IPv6 Minutes from the San
Francisco IETF. The minutes are OK.
Bob
At 01:05 PM 3/28/2003, Bob Hinden wrote:
Draft IPv6 working group minutes from the San Francisco IETF are attached.
Please review and send comments.
Thanks,
Bob
It is interesting that Erik pointed out there was not enough information
to make a decision due to lack of agreement about the requirements, yet
that was ignored and the decision was made to press on and call a
question that was not even on the agenda ...
From the minutes, the characterizations I
Eliot Lear wrote:
While RPF is useful and good, better is a
default-deny model.
Those are orthogonal concepts. Route filtering is about limiting the
ability to return traffic to a site, while RPF is about enforcing that a
site is sourcing traffic from a valid prefix. Both are required.
Tony
