Hi all, I must say that I have not been keeping up with all of the discussions, so if I repeat something that has been discussed already & solved / debunked, I apologize.
> However, I don't see that it offers any special security benefits > over putting the control devices on a separate subnet of the global > prefix and filtering that subnet in router A and the left-most > firewall. I understand the concept that Site Locals don't really provide additional security, but there seems to still be some possible advantages with respect to privacy & management that site locals bring. For example, may service providers do wish to provide some sort of 'network-hiding' - meaning that they would like to limit the visibility of their network architecture to the outside world. There is a belief that site-locals could help with this. Additionally, some types of signaling may be completely constrained to a specific site - for example some sort of control plane signaling for radio access networks. Some providers have suggested that site locals could be interesting here. Now, I understand that using site-locals for such a mechanism may bring additional burdens, so going forward with a document listing benefits and drawbacks of site locals is the way forward in my opinion. thanks, John -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
