> i have never said we should terminate existing connections. i suggested > we should refuse new incoming connections (TCP SYN).
I suspect that is problematic. An example renumbering scenario: Address A is assigned to the host. It is in the DNS with ttl=1 week. Now address B is also assigned to the host. It starts to get advertised in the DNS with ttl=1 week. Shortly after this address A is removed from the DNS RRset for the host and A is marked as deprecated. At this point in time new outgoing connections will use B as the source and such connections can stay up for more than 1 week. But incoming connections might use a destination address of A since the TTL on the RRset which contained A has not yet expired. Then after 1 week the address A can be made invalid on the host. --- If you want to refuse SYNs to a deprecated destination then you need a longer renumbering period: first wait for 1 week until the DNS TTL expires on the original RRset, then mark A deprecated and wait for enough time to allow existing connections to terminate. Erik -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
