[ppml] [narten at us.ibm.com: PI addressing in IPv6 advances in ARIN]

Geoff Huston gih at apnic.net
Mon Apr 17 21:22:19 EDT 2006


>I personally think the middlebox approach is the easiest to deploy/
>least disruptive to end users/most familiar to ISPs technique to
>implement an end point identifier/routing locator split, but I'm
>cynical enough to be skeptical either approach will be taken...

And probably the highest potential risk, unfortunately.

 From the packet's perspective what's the difference between the helpful 
header rewriting that my middlebox performs and the evil rewriting that 
your middlebox performs? i.e. how can you tell the boundary of a site? How 
can you create a decent security association between the endpoints and the 
middlebox?

Every approach in this space leads one into having to make some very hard 
decisions!

regards,

    Geoff






More information about the ARIN-PPML mailing list