[ppml] IPv6 flawed?

Sun Sep 2 16:21:13 EDT 2007

On 2-sep-2007, at 6:37, Paul Vixie wrote:

>> - It never delivered initial promises, such as aggregation (the "8K
>> DFZ"). In their great wisdom, the IETF pushed the protocol out  
>> with the
>> promise that they will deliver the missing features (such as  
>> multihoming
>> and effortless renumbering) later.

> agreed.

IETF is still working... And it's not like adopting PI in the mean  
time helps.

>> Problem, nobody figured it out.

> disagreed.  see A6, DNAME, bitstring labels,

What's the deal here? This was removed very quickly from BIND.  
Wouldn't it have made more sense to keep it in there to allow further  
experimentation at least?

Although I can understand the problems with A6, it's a shame that the  
IETF abandoned efforts to make renumbering easier.

> and 8+8.

That's only half a solution, the way it was written down 10 years ago  
doesn't do anything useful. If you fix the problems, you end up with  
something like shim6.

>> - As it turned out down the road, the multiple-addresses-per-host are
>> too much of an administrative overhead.

> the thing i keep asking is, where was the per-address default route  
> for
> inbound, and where was the LCR hook for outbound?  without those,  
> simply
> adding multiple subnets to a LAN and hoping hosts would figure it out
> was just vaporware.  (note well: A6/DNAME/bitstrings didn't have  
> solutions
> to those problems, either.)

I think it was Itojun who told me that they looked at tying the  
default route to the source address but there were problems with  
that. No answers to my questions about what those problems are.

The implementers need to do something here.

> nothing's changed: ipv6 fails to solve the problems ipv4 had,
> and makes the problems ipv4 had even worse, but nevertheless it's  
> what we'll
> have to use while awaiting real innovation, to come, presumably or  
> hopefully,
> some time later.

The problem isn't that we don't know how to fix the problems: we do,  
and often the protocols exist. It's living with the tradeoffs that we  
as a community have a problem with. We want small routing tables, but  
we also want PI. We want stable addresses for applications so the  
network must figure out reachability, but we also want to connect to  
a remote host without delay. We want security and encryption, but not  
a PKI.

IPv6 has some innovation on the link, such as autoconfiguration,  
which many people don't like, by the way, but other than that, it's  
just IP that we know and love with larger addresses. So it has all  
the downsides of IPv4, only now we get to build a bigger network so  
the downsides are all the more troublesome.

> note: i'm not speaking as an arin trustee here.

Really?  :-)