Nathan Lutchansky <[EMAIL PROTECTED]> wrote:

|First, I can see a lot of advantages to having unique, non-routable site
|prefixes.  One big advantage I can see is that VPNs can be created between
|arbitrary sites without worry of renumbering either site.  If we can find
|a way to implement site IDs in a reasonable manner, it would be a big win
|for IPv6.

[...]

|Why not leverage the global DNS system to do this?  DNS can be used to
|assign ownership and do duplicate detection, and can also solve the
|two-faced DNS problem.  Here's how:

[...]

|VPNs between arbitrary companies could easily be created.

[...]

|The only possible unfortunate side effect that this may have is that, as
|Steve pointed out, some unscrupulous ISP may begin advertising site-local
|prefixes into the global routing tables.

Or, turning this into a positive, when the (supposed) routing problem is
solved and large routing tables can be accommodated, such advertising could
be allowed.  This would make for a smooth transition away from non-portable
address space at some later time.

|This system is probably the most flexible and low-overhead of all those
|proposed in the last week, and requires relatively few changes in existing
|code.  My apologies if this scheme has been proposed already, but I'm on a
|slow link and searching the archives is rather painful.  -Nathan

I don't know if your specific scheme has been proposed but, with a little
tweaking to support automatic VPNs, it becomes essentially equivalent to
my proposal for identity addresses (addresses that you can actually own
without depending on the ISP not to pull the rug out from under you).  I
think your proposal exposes a bit more of the implementation to the application
(or at least application-level resolver code), but I'd happily support it
anyway.  Either approach sidesteps the large-routing-table issues by pushing
the initial lookups onto the DNS (a system which must be able to handle the
load if IPv6 is to work at all) and distributing the rest of the routing
decisions.  I'm not sure that your approach would help with multi-homed sites
as much as mine would, but that's probably a small price to pay for keeping the
addresses in a form which could later simply be injected into the core routers
when/if that becomes supportable.

In the past there has been strong objection to allowing end users to own any
kind of global (provider-independent) unique address (or address-like object)
even if it is not directly routable.  Perhaps now that 6to4 has let the genie
out of the bottle it will be more palatable to allow users not fortunate enough
to own any IPv4 space to play as well...

                                Dan Lanciani
                                [EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
