Michael Thomas wrote:
> Keith Moore writes:
> > > What I want to know is why the concept "local" in
> > > the absence of enforceability (cf strong auth)
> > > isn't a thoroughly bogus concept.
> >
> > for the purpose of security, in any network of significant size,
> > it certainly is.
> >
> > if site-locals are useful at all it is not because of security.
>
> Well then, I guess I'm at a loss about why people would
> want to use site-locals for local services. If it's not
> for the possibility of access control, then what else
> is it?

Access control is one aspect of what SL provides. It is a clear address space that service providers can put in bogon filters, and enterprise managers can filter without having to go into detail about which specific devices on a subnet are allowed in or not. It does not comprise a full service security solution, and should not be sold as such. It is simply a way to clearly articulate the difference between public and private endpoints.

What some on the list are having a hard time with is the concept that it can be challenging to explicitly list every device that is not allowed access from the public Internet when networks get to be large. This problem gets even more complex when the nodes start moving around. For the network manager, having a clean filter for FEC0/16 allows random internal use addressing without concern that those systems will be visible from the public side.

One might argue that for router requirements, there should be a MUST NOT propagate the SL prefix into BGP. At a very minimum this should cause an 'are you sure' message.

Tony

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
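The two filters Tony describes, the provider bogon filter on BGP announcements and the enterprise border filter that keeps site-local nodes invisible from the public side, as an added example that is not from the list thread or any router product. It is Python; the bogon list and sample inputs are constructed, and it filters fec0::/10, the block allocated for site-local addresses, which contains the FEC0/16 prefix the message names.

```python
# Added example, not code from the IPng list or any router vendor: a prefix-list
# style bogon filter for BGP announcements plus a site-border packet check. The
# message names FEC0/16; the filter uses fec0::/10, the allocated site-local
# block, which contains it. Bogon list and sample inputs are constructed.
from ipaddress import ip_address, ip_network

SITE_LOCAL = ip_network("fec0::/10")
BOGONS = [SITE_LOCAL, ip_network("fe80::/10"), ip_network("::1/128")]


def bogon_match(prefix):
    """Return the bogon block covering an announced prefix, or None."""
    net = ip_network(prefix, strict=False)
    for block in BOGONS:
        if net.version == block.version and net.subnet_of(block):
            return block
    return None


def filter_announcements(announcements):
    """Split BGP-style announcements into (accepted, rejected-with-reason).

    A route inside the site-local block is what the message says a router
    MUST NOT propagate; a provider's bogon filter rejects it the same way.
    """
    accepted, rejected = [], []
    for prefix in announcements:
        block = bogon_match(prefix)
        if block is None:
            accepted.append(prefix)
        else:
            rejected.append((prefix, f"inside bogon block {block}"))
    return accepted, rejected


def border_drops(flows):
    """Return the (src, dst) pairs a site border filter drops.

    Any packet with a site-local source or destination stops at the public
    edge, so internal site-local nodes are never visible from outside.
    """
    return [(src, dst) for src, dst in flows
            if ip_address(src) in SITE_LOCAL or ip_address(dst) in SITE_LOCAL]


if __name__ == "__main__":
    acc, rej = filter_announcements(["2001:db8::/32", "fec0:0:0:1::/64", "192.0.2.0/24"])
    print("accepted:", acc, "rejected:", rej)
    print("dropped:", border_drops([("fec0::1", "2001:db8::1"), ("2001:db8::2", "2001:db8::3")]))
```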
