[ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)

Fri May 11 04:37:36 EDT 2007

Even if not globally routed, you may want to avoid a possible clash with
another organization, for example in case of a merge.

ULA-central is NOT intended to be uses as IPv6 PI.

IPv6 PI is available already in ARIN, APNIC and AfriNIC. Ongoing policy
proposals in both RIPE NCC and LACNIC.

Regards,
Jordi

(I'm the the one that submitted the ULA-central policy proposal to all the
regions, ARIN coming next)

> De: "william(at)elan.net" <william at elan.net>
> Responder a: <ppml-bounces at arin.net>
> Fecha: Fri, 11 May 2007 00:03:08 -0700 (PDT)
> Para: Tony Hain <alh-ietf at tndh.net>
> CC: <vixie at vix.com>, <ppml at arin.net>, "address-policy-wg at ripe.net"
> <address-policy-wg at ripe.net>
> Asunto: Re: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen
> on slashdot)
> 
> 
> I don't understand your point about why ULA need to be registered if
> its not going to be globally routed. Also PI is not the same as ULA -
> PI do come from RIRs and in IPv6 there was no way to get PI (except
> in a few special cases) until recent ARIN's micro-allocation policy.
> 
> On Fri, 11 May 2007, Tony Hain wrote:
> 
>> I agree that this will help inform the debate, and while Iljitsch did a good
>> job of outlining the issue, he left out a significant point:::
>> People explicitly chose to be in the state of "as there is currently no
>> obvious way to make services only available locally" by insisting that the
>> local-scope addressing range have a global-scope as far as application
>> developers were concerned. Now the application developers are complaining
>> about the consequences of their choice, because the alternative to 'no
>> routing path for an attack' is to insert a device that has to make policy
>> decisions with limited information.
>> 
>> The current ULA-central discussions will be directly involved in this issue.
>> It is critical that all of the RIR's have policies establishing a mechanism
>> for registering ULA-central prefixes & PI. For those who don't recall, the
>> reason ULA-central was tabled was that it was seen as a potential end-run to
>> acquire PI space in the absence of appropriate policy to do so out of a
>> range recognized for global routing.
>> 
>> The need for keeping some things local while others are global is real, and
>> the lack of appropriate mechanisms to accomplish that through the routing
>> system that is designed to deal with path selection leads to entire
>> industries for fragile work-arounds along with their increased complexity.
>> 
>> Tony
>> 
>> 
>>> -----Original Message-----
>>> From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On Behalf Of
>>> vixie at vix.com
>>> Sent: Thursday, May 10, 2007 9:59 PM
>>> To: ppml at arin.net
>>> Subject: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica
>>> (seen on slashdot)
>>> 
>>> i think that this article will help inform the debate around the ipv6
>>> transition:
>>> 
>>> http://arstechnica.com/articles/paedia/ipv6-firewall-mixed-blessing.ars
>>> _______________________________________________
>>> This message sent to you through the ARIN Public Policy Mailing List
>>> (PPML at arin.net).
>>> Manage your mailing list subscription at:
>>> http://lists.arin.net/mailman/listinfo/ppml
>> 
>> _______________________________________________
>> This message sent to you through the ARIN Public Policy Mailing List
>> (PPML at arin.net).
>> Manage your mailing list subscription at:
>> http://lists.arin.net/mailman/listinfo/ppml
> _______________________________________________
> This message sent to you through the ARIN Public Policy Mailing List
> (PPML at arin.net).
> Manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/ppml

**********************************************
The IPv6 Portal: http://www.ipv6tf.org

Bye 6Bone. Hi, IPv6 !
http://www.ipv6day.org

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.