[arin-ppml] Draft Policy 2011-5: Shared Transition Space for IPv4 Address Extension - IAB comment
William Herrin
bill at herrin.us
Thu Jun 30 15:22:33 EDT 2011
On Thu, Jun 30, 2011 at 2:44 PM, Tony Hain <alh-ietf at tndh.net> wrote:
> William Herrin wrote:
>> V6's address selection algorithm uses the same
>> order-I-got-it-from-the-name-server approach that IPv4 uses and the
>> name server uses the same round-robining on AAAA records that it uses
>> for A records.
>
> That would be a broken implementation. The address selection rules
> specifically state 'longest match'. The only time DNS order comes into play
> is when you fall into the 'I don't care'/default policy table entry. 6to4
> and teredo have explicit policy table entries, so DNS is a secondary
> influence.
If you'll refer me to the RFC and paragraph where the order of entries
returned by getaddrinfo is defined, I'll be pleased to correct any
misunderstanding I have about how IPv6 applications select destination
addresses from the name.
>> 1. Win7 won't configure a 6to4 tunnel if it sees an RA with another
>> IPv6 address. Therefore even if Joel's problem were exactly as serious
>> as he claims, it is within every ISP's power to prevent it from
>> showing up by simply configuring an IPv6 pool alongside the 2011-5
>> IPv4 address pool.
>
> Absolutely, but most ISPs are not foresighted enough to get past the
> eye-candy of the 'easy out' in a NAT444.
> Unfortunately allocation policy does not dictate deployment practice.
And if Joel is right, any who lack that foresight will suffer the
support calls as a result. Do you presume that ISPs are idiots? So
long as there -is- a reasonable way to use the 2011-5 addresses, one
that doesn't require touching all the customers' machines, I fail to
see the problem.
> And those federal agencies were supposed to be working on IPv6 deployments
> more than 3 years ago ... ;0
Longer than that. It was a running joke when I worked at the Census
Bureau in 2005.
> They also have a much simpler situation because they can deploy isatap
> routers, and as soon as that name resolves and the prefix is acquired from
> the router it will be preferred before 6to4. This works fine as several
> non-fed (ostensibly for-profit) companies have been doing exactly that for
> years.
And the ISP using 2011-5 addresses can't deploy an isatap router?
Pardon me for saying so, but it sounds like you already have the
technical solutions an ISP needs to mitigate the objections that Joel
raised. Documenting them is surely a good reason for the IETF to
produce an RFC, but it doesn't effectively argue against implementing
2011-5.
Regards,
Bill Herrin
--
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the ARIN-PPML
mailing list