[ppml] I-D ACTION:draft-ietf-ipv6-ula-central-02.txt

Kevin Kargel kkargel at polartel.com
Fri Jun 29 10:08:26 EDT 2007


 So is what you are really saying is that the addresses "may" wind up in
the DFZ and you do want them to be able to transit the DFZ?

otherwise anywhere your ULA packets live the processing entity should
also be able to reach the ULA-DNS .. 

what I am hearing is that you feel if it is technically possible to
route ULA across the DFZ then we should not limit that capability..
leave it up to the user..  

I'm still confused..   


> -----Original Message-----
> From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org] 
> Sent: Thursday, June 28, 2007 10:33 PM
> To: Kevin Kargel
> Cc: ipv6 at ietf.org
> Subject: Re: I-D ACTION:draft-ietf-ipv6-ula-central-02.txt 
> 
> 
> > I am afraid I am slow..  I still don't get the need to publicly 
> > advertise DNS for ULA(-x) .. if your neighbor cannot route 
> to your ULA 
> > he doesn't need to know what it's names are..  if you do 
> allow him to 
> > enter your network via VPN or whatever there is either a dhcp-like 
> > process by which he is granted an address which will also 
> give him a 
> > name server to use, or when he says "Hey, Can I have access to your 
> > network" you can say "Sure, here are your credentials and my DNS 
> > server is..."=20
> 
> 	Well firstly these address will appear outside of IPv6 packets
> 	in environments where they will be automatically processed along
> 	with every other IPv6 address that is being processed.  The
> 	place that it processing the addresses may or may not be able
> 	to reach the ULA-C servers for the reverse lookup.
> 
> 	It really should be up to the *user* of the ULA-C addresses
> 	to decide if they want to provide more than NXDOMAIN to
> 	interested parties on the Internet.  We shouldn't be
> 	arbitarially limiting functionality if it is technically
> 	possible to provide that functionality.
> 
> > Then of course because you can populate your DNS server 
> with whatever 
> > zones you want when your neighbor queries your name server it will 
> > tell him what he wants to know.
> > 
> > Aren't your DNS servers going to provide different views 
> for clients 
> > coming from PI or PA than they do for clients coming from 
> ULAx anyway?
> > or is your network going to be a completely glass house?   Typically
> > "local" clients get more access and information than 
> non-local clients.
> 
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
> 



More information about the ARIN-PPML mailing list