[ppml] draft-ietf-ipv6-ula-central-02.txt use cases
sleibrand at internap.com
Wed Jun 27 20:05:58 EDT 2007
>> On Tue, 2007-06-26 at 23:48 -0500, Stephen Sprunk wrote:
>>> If we want to issue address space to folks for "private" use, it needs
>>> to be out of the same block(s) that the RIRs use to allocate space for
>>> "public" use, because sooner or later those "private" networks are going to end up being publicly routed.
>> But if we do this shouldn't we also take steps to prevent abuse
>> (hijacking etc) of those "private" blocks. History has shown that
>> unannounced PI-blocks that nobody is missing can be abused for a long
>> time before anybody cries foul. We may have made a hash of v4, but
>> shouldn't have to make the same mistake from the start with v6. Maybe
>> RIRs should announce "private" or otherwise "quarantined" blocks from a
>> special AS so that they can easily be identified and filtered ...
>> although they'd end up wasting space in the DFZ (whatever that is;).
shamilton at exactor.com wrote:
> I totally agree with Stephen and others than regardless of original
> intent 'private' PI routes will end up public, whether by intention down
> the road, by accident, or by hi-jacking. It strikes me that the way to
> address this is after the allocation process by means of routing
> authentication only - RADB and it's ilk now, certificates later maybe.
I believe this should be addressed as well, and the simplest way to take
steps to prevent abuse of private space is to allocate it all out of a
single block, and encourage operators to filter any announcements they
see out of that block ("deny FC00::/7"). There's no need for routing
authentication, certificates, special ASNs, etc.
If that's not good enough, then we need to just go ahead and adopt a
liberal PI policy for IPv6 and be done with it.
It seems to me that this debate is stuck between those who think any
sort of ULA-C or liberalized PI is going too far, and those who think
that ULA-C doesn't go far enough, and want liberalized PI instead. IMO,
ULA-C is the best middle ground we have, and if the folks who think it
doesn't go far enough aren't willing to support a step in that
direction, then we'll just have to sit where we're at until there's
enough demand for liberalized PI.
More information about the ARIN-PPML