On Mon, 2 Feb 2004, Brian E Carpenter wrote: > > 1) specifying just one allocator to the end-sites; this is always bad > > and prone to create monsters such as ICANN. > 7> That's unfair language. ICANN is not a monopolist. > > > It seems like that the model should be provided to support > > enough registries (e.g. 2 bit = 4 or 3 bits = 8). > > It might indeed be wise for IANA to only hand out 1/8 of the space > to the first registry - that would leave flexibility to create > more if competition proved necessary.
Well, I just feel quite uncertain of the current model -- we're basically telling IANA to find someone to build a monopoly by selling IP addresses. Not so different from what RIRs do, of course, but at least they pretend the addresses don't cost anything. Here we WANT them to cost money. Monopolies and money for (pretty much) nothing seems like a bad idea. The only thing that seems to cost a significant amount of money in the proposal is to have a possibility to get the addresses over phone, fax, or whatever -- so that they cannot be processed automatically. On further thought, requiring non-Internet -based mechanisms doesn't seem to be worth the trouble, because those can't be (semi)automated. Anyone requiring such addresses can find a place to surf to a website, or send an email. If not, they have other things to worry about (or can use the locally generated ones if they really want). > > Any routing protocol that is used between sites MUST filter out any > > incoming or outgoing Local IPv6 unicast routes. The exception to > > this is if specific /48 IPv6 local unicast routes have been > > configured to allow for inter-site communication. > > I do agree this is badly phrased - it isn't the *protocol* that > does the filtering, it's the default router config. Just as NATs > are shipped with an effective "deny all" configured, IPv6 routers > should be shipped with "deny FC00::/7" configured. It would be trivial to say that the devices SHOULD (or MUST) be shipped with a built-in reject route for FC00::/7 -- this is simple and very easily implemented but then note that: - this only affects packets which are forwarded (destination address) - in source address, it would not be checked - the routers would have to know participate in the IGP, i.e., stub decide couldn't just point a default route towards the site's internal infrastructure (I'm not so sure how realistic this is). On the other hand, making this a firewall / access-list policy is pretty much unworkable because whether it would be activated or not would depend on the existance of the more specific routes. This would be a very unwelcome connection between the filters and routing tables. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
