Date: Thu, 18 Jul 2002 13:16:08 +0200
From: Francis Dupont <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
| => address assignment is not the good way to manage an IPv6 network,
| address registration is simpler so better.
This depends what kind of net you're attempting to run, and how.
Inside my house, I might want to group various different pieces of
furniture on the LAN into related address groups. This allows me
to write firewall rules easily to grant similar access to all of the
chairs, without having to identify each one (they'll come from
different manufacturers, so the EUI won't help group them).
In this kind of environment I can be fairly confident that one of the
chairs isn't going to decide to simply configure itself a different
address to side-step my policies. So as long as all the furniture talks
to my server to have its address allocated, I can assign addresses that
match my policies, and have the firewalls simply apply the correct
policies as soon as the node becomes active.
Certainly, address registration can be useful as well - but that's not
a configuration function, it is a post configuration function, so
arguably belongs elsewhere. And also, certainly, not all nets require
all of this administrative baggage, and so it needs to be possible to
run a net with no DHCP servers at all. So, while as an interim measure
until we get something better, doing some of the missing "extra" config
using DHCP, and not providing any alternative that really works might
be acceptable, longer term, we need methods for all of this that works
(which means not well known addresses, of any kind) without requiring
anything like DHCP.
kre
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
