Keith, >> Michel Py wrote: >> GUSL does not create PI globals. As its name implies, >> it creates globally unique site-locals, which would >> avoid NAT and/or renumbering when two sites connect.
> Keith Moore wrote: > I don't think we should use FEC0::/10 for these. Those > were intended as site-local addresses, and people have > ideas that these have security properties, that > applications should favor them, etc. Making SLs globally > unique and routing them between sites amounts to an > architectural change - but more importantly it conflicts > with assumptions that are already built into some > applications and into people's minds. Okay, you convinced me. GUSL is good for mergers, but if it is used for inter-site communications it's an architectural change. >> You are missing the point. If network administrators >> do not like restricted SLs, they will use 2002:0A00::/24 >> instead, a one-way ticket to NAT. > humbug. this is too fanciful to have any credibility. > why should network adminis pick an obscure prefix when > we are making much better and more obvious solutions > available? Because they want addresses that are not publicly routable, and nothing you can say will change this. Here's the dilemma: if the scope of GUPI is global, how could you guarantee that people won't pay their ISPs to leak the GUPI address in the defaultless routing table? The big difference is that with GUSL we would have extended the scope to friendly sites, not to global. The risk of GUSL ending up global PI could be managed. With GUPI, you are asking for a blank check. If GUPI addresses leak unaggregated in the global routing table, we have recreated the IPv4 swamp and possibly killed IPv6. How do you plan to manage this risk? Risk / benefit analysis: Solving problems with site-locals only is not a big enough carrot to take the risk of recreating the swamp. Make the carrot bigger. Michel. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
