Steve,
May I observe that the definition of a site in the "Scoped Address
Architecture" draft contains a loophole? The draft says that "A personal
residence may be treated as ... a part of a site (for example, when the
residence obtains Internet access via an employer's or school's site)."
This is in fact the classic definition of a "corporate" network, i.e.
all the systems that are hidden behind the corporate firewall(s). From a
networking point of view, there is not much difference between an
employee's home, a remote office, or even the laptop of a traveling
employee: once there are brought "behind the firewall" through some kind
of VPN tunnel, they effectively become part of the "site."
So far, I have found two important attributes of "IPv6 sites." The first
one is the address stability: site addresses are stable, even if the
site's external prefixes change; indeed, they are only subject to
renumbering if two sites are merging. The second one is the "border
police": site local packets are not supposed to leave the site, nor to
originate outside the site; this provides a very rough form of access
control, which may be adequate for some inexpensive devices or services.
(Yes, I know perfectly well that this is weak -- at least as weak as
firewalls.)
I believe that most practical network manager will equate a site with a
corporate network, with the practical exception of large corporations
that will probably have to split their network into multiple sites, e.g.
one site per campus. Or, to put it differently, the site will be a
subset of the corporate network that enjoys its own independent
connections to the Internet.
By the way, it is a bad idea to swallow an employee's home network into
a corporate site, as indicated in the addressing example. You definitely
don't want the employee's teen-age children to roam your network...
-- Christian Huitema
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
