I have a comment on the Zill draft as well as the Bellovin draft. The Zill draft lacks instructions for the host on what it should *do* with the information it receives. The Bellovin draft, however, describes this in its Section 2.3. I'm fine with that description. However, I worry about one paragraph:
   In their default configuration, devices MUST NOT accept packets from any non-link-local prefixes until they have received suitable advertisements. However, there MAY be a configuration option to permit acceptance of packets with the current link's prefix.
If this text is to be taken literally, it would imply that a host that supports this extension could never communicate outside the link if the router doesn't support the same extension. I'm assuming this only applies *if* the use of the advertisements has been configured on?
And then I have some higher-level questions. Steven says himself in the draft that it's an open question whether such an extension should exist. I have a few related questions. One question is why this would have to be done by the nodes; wouldn't it be simpler to do this in the routers (acting also as firewalls)? Note that to use the extension, you'd have to configure the routers anyway. In this case the argument about the hardness of filter configuration on a toaster isn't very good.
Secondly, I know you, Steven, have worked on distributed firewalls. Do you think we should have a very simple mechanism for filtering as a part of neighbor discovery, a more powerful but also more complex mechanism running at higher layers, or both?
Jari
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
