Possibly naive, but I'm not convinced that leaking local addresses for PI purposes is that big a problem.
Assumptions (as specified by H/H draft):

(1) Most (all compliant) trunk routers will not route local packets. Most (all compliant) border routers will not route local packets. Some internal routers will not route local packets (depending on configuration).

(2) Routing protocols in the above are coded to ignore local address ranges and not update routing tables. In general, only local routers will accept updates for local addresses (and only if not disabled).

Now, if I pay my ISP to switch off the filters, what does it gain me? Not much, unless I'm routing to someone else who also has their filters disabled via a path that has the filters disabled.

Thus, the only people exposing themselves to routing table explosion are those who disable the filters.

Or have I missed something in the economics of the situation?

Side point: application level leakage (either via mis-configured DNS or naive address referral) is exactly the same problem as you get if you allow a 'global' address to leak across a filter. If you provide a filtered address to a device outside the filter it won't work. How quickly you detect this depends on whether your router returns an error or just silently discards the packet.

--
Andrew White

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
