Robert Elz writes:
> At MU, we have undergrad student labs, that we basically filter from
> the world - they have no end to end connectivity at all. And that has
> nothing at all to do with NAT (of which we have none at all) nor with
> 1918 addressing (of which we also have none at all). Nor will it have
> anything at all to do with site local addresses.
Robert,
Color me clueless, but why can't you give them a
global prefix, but just not advertise their route
past the administrative boundary you choose (eg,
the lab)? Why is an IETF sanctioned "don't route
this prefix beyond where you should route it --
which, by the way, you decide where ``beyond'' is"
better than just blackholing the actual prefixes
you want to contain?
To my mind that seems easier in some sense because
it's reactive: ie globally number first, determine
who the l00zers are later -- a capability you
probably need to have anyway. I guess I don't see
what being proactive with special addresses really
buys since it's _your_ definition of site -- and
its containment thereof that's important. Indeed,
site-locals don't really seem to buy much on the
manageability front since you still need to decide
who gets them and why, and where the boundaries of
the site are.
And of course, if you ever decide to change your
policy (or part of your policy), you don't need to
renumber with global prefixes (eg, you want to
allow part of your lab to be global visible so
they can show the world their new cold fusion
results).
Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
