>
> bill;
>
> > to reiterate my concerns expressed at the mic yesterday,
>
> Thank you very much.
>
> > Ohta-san, would you be comfortable with 200,000,000 devices
> > being shipped with the IP address 131.112.32.188 (the address
> > of one of your organization's nameservers) being burned into
> > eeprom?
>
> I will be comfortable with 200,000,000 devices being shipped
> with the IP address 127.0.0.1 (an anycast address) being burned
> into eeprom, which was the point of my comment to you, yesterday.
so would i, but for perhaps distinctly divergent reasons. :)
> I'll be fine if 127.0.0.1 is replaced by some anycast address,
> as long as a certain address range (say /24 in the C swamp or
> /16 in class B) of the address is not used by anyone.
and that can -NOT- be assured, hence the danger of
promoting the use of well known addresses.
>
> > disclaimers about restricting, by IETF fiat, well known addresses
> > to special IP ranges will -NOT- work in the real world.
>
> I'm not sure what you mean.
>
> Each well known address may have its own range to protect against
> route filtering and there is no requirement of mine that
> the addresses are restricted to special IP range.
one can not ensure all parties that do routing will respect
the IETF concerns regarding routing restrictions. A quick
look at the prohibitions of using RFC 1918 space in the
Internet and the empirical evidence of their leakage (AS112
project) are a powerful incentive to protocol designers
that operators take prohibitions as suggestions at best.
that said, all addresses are potentially "well-known".
> > If you are willing to commit your enterprise to absorb 0.1%
> > of the total packets generated by 200,000,000 devices, then
> > perhaps I will be persuaded that use of well-known addresses
> > is an operationally acceptable technique.
>
> 200,000 devices are not for usual enterprises (or universities)
> but for ISPs of medium scale.
missed an order of magnitude there. presuming a vendor
picks the "well-known" address that your enterprise uses
and burns it into eproms (e.g. the recent netgear episode)
and ships them -worldwide- then all those devices will
try and use your service - since it has your well known
address hard coded. UoW NTP IP service was burned into
a vendor's hardware, saturating the incoming network links
to the university and the university network itself.
> But, I know an ISP, internal of which I know well, with >3,000,000
> subscribers is operating DNS servers for all the subscribers.
>
> So, what is the problem?
excessive traffic from non-customers.
> > Yes, I know we do it now and it reduces the level of effort
> > in getting new features deployed, but in -EVERY- case, the
> > use of well known addresses has caused problems.
>
> I think I have shown a solution to the problem of root server
> addresses with anycast addresses and AS numbers.
and there are significant long-term problems with that
approach, such as content coherence and route hijacking.
> If there are other cases, let me know so that I can try to use
> anycast approach for the problems.
>
> Masataka Ohta
--bill