Re: draft-ietf-ipv6-ula-central-02.txt

Fri, 22 Jun 2007 12:16:20 -0700 

Templin, Fred L wrote:
> George Mitchell wrote:
>> Personally, I am less certain about the probability of ULA-Cs
>> being administered such that a collision will never happen
>> than I am about the unlikelyhood of a collision between
>> randomly assigned ULAs.                       -- George Mitchell
> 
> Would it make you feel more certain if the ULA-Cs were
> self-generated by sites exactly as in (RFC4193, Section 3.2)
> and then "registered" with a central authority that would
> register the address as long as it is not a duplicate? I
> don't think ('draft-ietf-ipv6-ula-central', Section 3.2)
> currently says that, but it seems like it would result in
> a scenario that is no worse than for RFC4193 yet with a
> central authority accountable for certifying uniqueness. 
> 
> That said, I would be astonished if this idea has not been
> entertained and debated before.

You mean just like what http://www.sixxs.net/tools/grh/ula/ is doing?
Or similarly for IPv4: http://www.chiark.greenend.org.uk/cam-grin/

Debated only a teeny little bit.

The 'problem' that people have with such a mechanism (even if run by IANA)
seems to be that they 'require' reverse DNS and they want a delegation from
ip6.arpa to their nameservers.

IMHO then again, if you are requiring reverse DNS you clearly are connecting
some way or another to the at large Internet, thus then you come back to the
point of asking these folks how one can reach that at-large Internet from
those blocks that are 'local'. Saying "we will just put global unicast IPs for
the reverse DNS servers and route them inside" means you have global unicast
IPs, and I sure hope they won't change, thus clearly there is also some other
form of addresses involved there. And please don't say NAT. If one is going
the NAT way, please stick to IPv4, I don't want to program code for that.

Thus the next iteration: where do those global unicast addresses that are very
stable and can be used for reverse DNS come from? Need some "PI" folks? :)


One possible way to (partially) solve the latter would be to say "fd00::/32 is
services, fd00::53 is always a DNS server which is capable of resolving".
But that proposal of having anycasted recursive 'service' DNS servers got shot
down.

Greets,
 Jeroen

Attachment: signature.asc
Description: OpenPGP digital signature

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

Reply via email to