Andrew, > Andrew White wrote: > - If a stable global prefix is available, we strongly recommend > using that and not using site locals.
This ignores the fact that many people will use site-locals because addresses that are not publicly routable are a requirement, and this regardless of the fact they have a stable global prefix or not. Besides, stable global prefixes do not exist today for end-sites. Instead of making this recommendation, I think it would be better to make recommendations on how to use site-locals even if a global prefix is present. > - Site locals and global addresses can exist in parallel on > the same network, but this is likely to cause address selection > problems for applications. I don't like the wording of this. If, instead of "network", you used "VLAN" or "Ethernet segment" or "subnet", I would have agreed. However, this encompasses networks that have only site-locals or only global addresses on any given subnet, and such networks do not have any address selection issues, as each host has only one address. > Note: It might be possible to have site local traffic sent > over a tunnel (eg a VPN). In such a situation, the VPN should > be treated virtually as part of the site. Site local addresses > must not leak outside the tunnel. Agreed. > Though there are probably better ways to do this than using > site locals. This is a perfectly legitimate use. A tunnel is no different than any other link in terms of connecting two networks; this might simply be a matter of economics. If reliability of the link is not a concern, it costs less in many cases to use an encrypted tunnel over the public Internet than a private link such as frame-relay or PTP T1. Therefore, a site that uses site-local address and has two physical locations might use a tunnel to connect them. The tunnel endpoints would have globally routable addresses and the tunnel interfaces would have site-local addresses. Michel. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
