Hello,
A few quick comments on the draft. Sorry for so little content.
As a general note I'm a bit unsure which particular usage cases different
site-local approaches aim to solve.
Substantial:
The moderate use scenario limits their use to cases where site-local
addresses specifically configured by an administrator. Site-local
addresses will not be used if the source and destination hosts could
have used global addresses instead.
==> of course, this brings up the issue with intermittent Internet
connectivity and connections (possibly) breaking (depending on how those
addresses get revoked, I guess).
4.3.2 Firewalls
Firewalls are commonly used in IPv4 to create site boundaries and are
sometimes used to limit the scope of IPv4 addresses. This includes
filtering packets with private IPv4 source or destination addresses.
If IPv6 firewalls are used to connect the site to other sites
(including ISPs), then the firewall must install filters to drop
packets with site-local source and/or destination addresses to keep
them from entering or exiting the site.
==> this req seems be identical to router requirements.
Editorial:
The moderate use scenario limits their use to cases where site-local
addresses specifically configured by an administrator.
==> s/addresses/addresses are/
specific geographic location. In routing protocol terms this is
where there is an IGP/EGP boundary or between areas in an IGP like
OSPF.
==> s/this is/this is typically/
In order for hosts to autoconfigure site-local addresses router's
==> s/'//
local prefixes are being advertised on a subnet, this will
require a switch in the devices to only autoconfigure configure
site-local addresses. See section 4.1 for details.
==> s/ configure//
Site boarder routers must not forward any packets with site-local
==> s/boarder/border/
Site-local addresses should be routed inside the site just like any
other unicast addresses. They can be carried in any IPV6 routing
protocol with out any change. It is expected that an instance of an
IGP routing protocols will be run inside of a single site.
==> s/with out/without/
==> s/IPV6/IPv6/
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
