I've just submitted a proposal for how to make use of stable, limited range addresses on a local network without advertising those addresses in DNS (or other application referral mechanisms) - and which I hope will therefore minimize leakage. The idea is to advertise potential prefix substitutions using an extension to RA. Since the "limited range" addresses are only exposed through RA (no need to expose them in DNS or elsewhere), then I think they should be less likely to leak out and cause problems.
This proposal doesn't limit the organization to a single "range scope", or for that matter, a single stable prefix. different stable prefixes can be used within different portions of the same network if that is found to be desirable. In contrast to draft-bellovin-ipv6-accessprefix, this proposal doesn't make any claims about the suitability of substituted prefixes for access control- in fact, use of a substitute prefix is always optional. My proposal is only intended to allow consenting apps to discover a prefix that is stable across renumbering events. virtual preprints available at http://www.cs.utk.edu/~moore/I-D/draft-moore-ipv6-prefix-substitution-00.txt Keith -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
