On Tue, 29 Oct 2002, Richard Draves wrote: > > The latter is how I read it must be implemented -- and > > reading Microsoft's implementation and the reason they're > > using SL *strongly* suggests they > > also have read it that way. There are very probably many others. > > No, I think you're the only person reading it the latter way. > > My expectation is that routers will need to be configured to understand > site boundaries. A conservative position is that routers by default > should regard their interfaces as belonging to different sites, unless > they are configured to be in the same site. Or perhaps other aspects of > the router's configuration (eg the network prefixes assigned to > different interfaces, or the routing protocols in use) could be used to > default the site configuration.
I feared as much. Somehow I had hoped MS had learned the lesson. This practically seems to make site-locals totally useless due to non-existant security in current unamanaged networks, at the very least. Nobody can bind to site-local addresses unless he can be double sure the upstream routers actually are configured with the site boundary towards the global internet. (Without even getting into the application problems..) -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
