[75440] in North American Network Operators' Group
Re: IPV6 renumbering painless?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Nov 12 20:06:22 2004
Date: Fri, 12 Nov 2004 17:06:17 -0800
From: Owen DeLong <owen@delong.com>
Reply-To: Owen DeLong <owen@delong.com>
To: Daniel Roesen <dr@cluenet.de>, nanog@merit.edu
In-Reply-To: <20041112212611.GA12237@srv01.cluenet.de>
Errors-To: owner-nanog-outgoing@merit.edu
> OK, but this doesn't have any effect on your "Listen",
> "NameVirtualHost" and "<VirtualHost>" statements of your httpd.conf,
> "ListenAddress" in sshd.conf, "Bind" in proftpd.conf, "*-source" and
> "listen-on*" in named.conf, [...]
>
True. However, in all of the cases above except named.conf,
names are a perfectly valid substitute for the IP address.
> Not to forget all the IP address based ACLs.
>
I suspect that eventually, we will discover that ADDRESS-based
ACLs simply do not scale to a V6 world, and, you will see support
for other strategies, such as host-name based ACLs.
>
> Given that a server often has to know it's exact IP address very
> often (especially if it has multiple IP addresses associated with
> it's public interface), it's not a real relief compared to the other
> struggles you have when subnet changes.
>
In most of those instances, the server can get it's address from
a nameservice, and, only really needs to know the unique name
for the correct address.
Owen
