In your previous mail you wrote: > => this point is supposed to be solved by RFC 3484 and related APIs but: > - the private/public address switch (rule 7) is not in the policy table > - related APIs assume that every applications were changed in order to > use them (so they are nearly useless). > > Regards Of course, the privacy/public address switch isn't in the policy table, you can control it by configuring policy table in not a beautiful way. => this is less than not a beautiful way...
It's too simple. Just put a privacy address with 128-bit prefix-len into the policy table. => first there are good implementations which don't match 001 prefixes over 64 bits, second privacy addresses are highly temporary. As a privacy address is re-generated periodically, the policy table has to be updated accordingly in the former case. => the policy table is not supposed to be so dynamic. IMHO we need a proper solution for rules which can't be configured through the policy table... Regards [EMAIL PROTECTED] -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
