Andrew White wrote:
Pekka Savola wrote:
That's not the complete picture. Addresses leak. They leak to others using the local scope, but without connectivity. I'd much prefer using globals first, because falling back to globals from first trying locals could take a long time (consider e.g. stupid firewalls who silently drop packets).
This should not be an important issue, but I fear in practice, it is..
Agreed. There could be a long timeout on connection if we use an invalid address (local or global) as our first choice, and an out-of-scope local is theoretically guaranteed to be invalid.
Operational experience on a production network: We have seen the results of those timers with different implementations. They can be up to 3 minutes and 30 seconds per invalid address. Multiply that by the number of 'published/leaked' addresses (v6 nodes with multiple interfaces can have many) and you end up with an unusable system.
- Alain.
-------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
