[75337] in North American Network Operators' Group


Re: Important IPv6 Policy Issue -- Your Input Requested

daemon@ATHENA.MIT.EDU (Leo Bicknell)
Thu Nov 11 15:04:47 2004

Date: Thu, 11 Nov 2004 15:01:36 -0500
From: Leo Bicknell <bicknell@ufp.org>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <20041111191615.C0CA4582AC@segue.merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu




In a message written on Thu, Nov 11, 2004 at 11:16:04AM -0800, Tony Hain wrote:
> The existence of the address space does not require nat. Being stuck in the
> mindset where there is only one address on an interface leads people to
> believe that nat is an automatic result of local addresses. Assigning a local
> prefix for local purposes (like a printer or lightswitch) at the same time
> as a global prefix for those things that need to reach the Internet does not
> require nat.

It's not clear to me that having multiple addresses on every machine
makes anything simpler or easier.

In particular, if I'm multi-homed to two networks, the "IPv6 way"
seems to have each box have an IP address on each network.  Which
means each box gets to decide which address to use for outgoing
connections.  For those of us used to managing this on the central
router(s) or nat box(es) that's a rather strange idea.  If you want
to continue to have central control to balance your traffic then
we need an entirely new method to communicate with the end hosts
(or maybe even individual applications on the end host) to indicate
which network is "preferred".

Having to double the size of every ACL in your network (once for
the local address, once for the "public" address) does not seem
simpler.  It also seems dangerous, since almost all devices have a
limit to ACL size.  As if larger addresses weren't already enough
penalty on those boxes, now we have to list each machine twice.

Finally, and perhaps most importantly, the notion that there will
be no PI space is, well, laughable.  The notion that everyone, no
matter how big or how small, will add and remove IP Addresses from
every device on their network every time they connect or disconnect
from an ISP does not sound like a step forward from either public
PI space, or from using 1918 space and NAT.

-- 
       Leo Bicknell - bicknell@ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org

