Andrew White <[EMAIL PROTECTED]> wrote:
|Dan Lanciani wrote:
|>
|> Andrew White <[EMAIL PROTECTED]> wrote:
|>
|> |Dan Lanciani wrote:
|> |
|> |> There is a huge difference between requiring a /48 and allowing anything
|> |> greater than /8. The former ...
|> |> while the latter means that you can bypass the black hole with 2 or 4
|> |> route additions.
|> |
|> |Of course you can bypass it.
|>
|> The proposed wording is:
|>
|> ``Router manufacturers MUST ensure that said black hole cannot be
|> deconfigured, turned off, or otherwise overridden in toto;''
|>
|> How do you reconcile this with ``Of course you can bypass it.''?
|
|The immediately preceding context was Alan stating that his reading was that
|only /8 routes are to be discarded and that anything more specific would be
|forwarded.

This was the culmination of a thread with more context. In any case, I
can't see how the text can be read to mean that. It clearly states that
the black hole cannot be overridden in toto.

So how about we stop dancing around and answer the question:

Can I completely disable the black hole on my own router or not?

N.B., an answer of the form, ``you can disable it in ways that support what
we consider to be appropriate uses of local addresses'' is not an answer.

|You seemed to be saying that having an easy workaround
|invalidated the value of the filter, which Alan and Christian (and I) seem
|to disagree with.

No, I said that having an easy (or any) workaround is contrary to the proposed
wording. As an aside, I don't think this is a very productive way to come
up with a spec. We are debating the meaning of proposed text when we should
be debating the actual restrictions. Once we agree on the restrictions we
can come up with text. There can be no legitimate reason to argue against
clarifying the text, especially if the claim is that it does not mean what
it plainly says.

|I object to the proposed wording also, if only because routers must be able
|to be configured for 'inside' work at which point local addresses are
|in-scope and should not be filtered. It should be possible to disable the
|filtering or refine it.

That was my point from the beginning. The proposed wording forbids this.
But that appears to be its intent. So object to the intent as well...

|With such a restriction, I don't see much incentive for an ISP (or other
|user) to disable the filters in a general manner. Since most routers will
|filter anyway, they can only route the local packets to other people who've
|disabled the filters, and anyone disabling the filters (and only those
|people) needs to cope with potential routing table increases for their OWN
|tables.

There need be no routing table growth in an overlay network using dynamic
tunnels. Only the existence of absurd restrictions on routing to the entire
"local" prefix could create artificial bloat by forcing multiple /48's (or
whatever) where a single default would have worked.

Dan Lanciani
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------