Take the case of a 20,000 node network where half are allowed global access and half are not. It is much more complex to sort through a 10,000 node list per packet for access filtering than it would be to have two entries, SL deny & PA allow. Yes the list of which 10,000 nodes are allowed the global prefix has to be maintained, but it can be applied according to allocation policy rather than per packet processing.
How are you planning to configure and organize these 20,000 nodes?
If the private nodes are randomly distributed around the network, I certainly think that I'd rather configure an access list with 10,000 addresses and run autoconfiguration, then configure an access list with one prefix and have to support DHCP or manual configuration for all 20,000 nodes, but YMMV. If the private nodes are organized into private and public subnets, so that you could use autoconfiguration with site-local addresses on some networks and global addresses on others, then why would you need site-locals for that? You could just advertise two different global prefixes, and filter one of them... Margaret -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
