[ppml] draft-ietf-ipv6-ula-central-02.txt use cases
Scott Leibrand
sleibrand at internap.com
Wed Jun 27 20:05:58 EDT 2007
- Previous message: [ppml] draft-ietf-ipv6-ula-central-02.txt use cases
- Next message: [ppml] draft-ietf-ipv6-ula-central-02.txt use cases
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>> On Tue, 2007-06-26 at 23:48 -0500, Stephen Sprunk wrote: >> >>> If we want to issue address space to folks for "private" use, it needs >>> to be out of the same block(s) that the RIRs use to allocate space for >>> "public" use, because sooner or later those "private" networks are going to end up being publicly routed. >>> >> But if we do this shouldn't we also take steps to prevent abuse >> (hijacking etc) of those "private" blocks. History has shown that >> unannounced PI-blocks that nobody is missing can be abused for a long >> time before anybody cries foul. We may have made a hash of v4, but >> shouldn't have to make the same mistake from the start with v6. Maybe >> RIRs should announce "private" or otherwise "quarantined" blocks from a >> special AS so that they can easily be identified and filtered ... >> although they'd end up wasting space in the DFZ (whatever that is;). >> >> shamilton at exactor.com wrote: > I totally agree with Stephen and others than regardless of original > intent 'private' PI routes will end up public, whether by intention down > the road, by accident, or by hi-jacking. It strikes me that the way to > address this is after the allocation process by means of routing > authentication only - RADB and it's ilk now, certificates later maybe. > I believe this should be addressed as well, and the simplest way to take steps to prevent abuse of private space is to allocate it all out of a single block, and encourage operators to filter any announcements they see out of that block ("deny FC00::/7"). There's no need for routing authentication, certificates, special ASNs, etc. If that's not good enough, then we need to just go ahead and adopt a liberal PI policy for IPv6 and be done with it. It seems to me that this debate is stuck between those who think any sort of ULA-C or liberalized PI is going too far, and those who think that ULA-C doesn't go far enough, and want liberalized PI instead. IMO, ULA-C is the best middle ground we have, and if the folks who think it doesn't go far enough aren't willing to support a step in that direction, then we'll just have to sit where we're at until there's enough demand for liberalized PI. -Scott
- Previous message: [ppml] draft-ietf-ipv6-ula-central-02.txt use cases
- Next message: [ppml] draft-ietf-ipv6-ula-central-02.txt use cases
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the PPML mailing list