Hi Christian,
I am not stuck on the idea that GUPIs need to be globally routable.
At this point, my problem statement only has two real requirements,
both based on the valid reasons that people have given for using
site-local addresses on non-isolated networks:
- ISP Independence: No need to renumber when you change
  ISPs or an ISP renumbers. Have addresses you can
  use on intermittently connected networks.
- Easy Access Control/Privacy: Suitable for use in home
  and small office settings and enterprise settings
  to protect local nodes and services.
A non-globally-routable form of GUPI will be much better than site-locals
to address the first problem (although they should be routable between
enterprises, etc.). I'm not sure about overloading the current site-local
space for this purpose, though.
I am still in favor of some sort of allocation/registration, however, as
I think it is valuable to be able to determine who an address belongs to
(when it gets leaked, or when doing remote network management, etc.).
Steve Bellovin's proposal may give us a way to solve the second problem
(with or without the presence of GUPI addresses).
Are there other reasons why folks would choose to use site-local addresses
on non-isolated networks? If so, I think that we should also seek
architecturally sound ways to address those problems.
Margaret
At 08:26 AM 11/26/2002 -0800, Christian Huitema wrote:
> - Some companies may pay their ISPs to globally route their
> GUPI addresses. I know that some people don't
> want this to be possible, but I'm not sure why.
> I agree that we should only advise this if we can
> come up with an aggregable method for allocating
> GUPI addresses.
Margaret,
You should check the evolution of the size of the DFZ tables, for
example at http://bgp.potaroo.net/. From my neck of the woods, I
perceive a consensus on two points: that rapid growth of the number of
globally routed prefixes is not a good thing; and that the major cause
of growth is "site multi-homing", which translates exactly into "some
companies may pay their ISPs to globally route their (global)
addresses". (Attempts at traffic engineering through clever use of
routing tables are probably the other cause of table growth.)
The whole point of placing restrictions on the routability of the GUPI
is precisely to thwart attempts to pay your way into the routing table:
whatever the amount of money on the table, the ISP cannot say yes since
it cannot guarantee that other ISPs will route the GUPI.
-- Christian Huitema
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
--------------------------------------------------------------------