On Tue, 3 Jul 2007, Paul Vixie wrote:
The general idea is that the bulk of address assignments used should be,
one would expect and hope, PA, and aggregated, into large assignments
of PI blocks (ideally one per ASN) in the DFZ. The scalability of the
DFZ depends on this, in fact.
no. while it's true in the current system that identity-follows-routing,
that may not always be true, and away from the DFZ, it's already untrue.
therefore we must reject the aggregation-centric view, or at least, constrain
it to only being valid for globally connected devices, reachable from DFZ.
There are cases where the network administrators dont care about the
global DFZ, aggregation or whatever, they just want enough IP for their
INTERNAL usage. And now are we back to what we (where I work) need ULA-C/G
for...
- we don't need the full internet connectivity or reachability, we simply
dont care whats on the internet from our point of view. We have RIR
assigned IPblock for _all_ our global needs and let our chosen ISP provide
us global internet when they announce _our_ RIR assigned netblock
- unique addresses so when we interconnect to other organization we dont
get collision ever, neither now or in 10years time. ULA-L simple isnt
enough, 2^40 is not good enough. No point in argueing over that.
- we dont want NAT anywhere in our network, that break the end to end
connectivity we need for lots of things. Our internal video or phone
system or whatever other application we have/will get.
- we need full reverse DNS control over the ULA-C/G blocks we have (we
will get several thousands of them) since that way the other organization
just have to go to the internet root DNS to lookup our IPs, they dont need
to tune their DNS for reaching thing in OUR network.
(we are looking at something between 500 and upto 10 000 or more unique
ULA-C/G blocks for or network and use)
- ...
sure we could use PI, but we dont need any of the features on the internet
really... and for those features we need we have our RIR assigned netblock
for that purpose.
sure we could just get a bigger PA block from our RIR but they dont buy
_OUR_ arguments for why we need more IP, which is okay since it is our
INTENRAL network that required the amount of IP we need. We dont have any
issues to justify that we need a /32 after the current policies, or any of
the other I've seen suggested.
And dont come telling us how we should structure our INTENRAL network, we
have our reasons and our requirments, good or bad from others point of
view, but they are the guidelines we are running our network and business
after.I really doubt anyone like to be told that since it is strictly
internal:)
Another reason for not using RIR assigned IP for our internel network
usage are the justification we have to provide for getting a bigger block
from RIPE. Or that it might be harder to explain why we need 500-10000++
PI blocks from RIPE than to just get ULA-C/G from whoever provide it. RIRs
or IANA direct through a robot. For us it doesnt mather much really, we
just need some UNIQUE IP addresses for our internal usage WITH global
reverse DNS possibility...
I guess other enterprises see this the same way. They simply want INTERNAL
unique IP addresses with global reverse DNS options, nothing less, nothing
more.
They probably wont bother to become LIR just for internal IP, their ISP(s)
provide them with their internet connectivity, and they can probably
easy justify to get PI if they want that.
--
------------------------------
Roger Jorgensen | - ROJO9-RIPE - RJ85P-NORID
[EMAIL PROTECTED] | - IPv6 is The Key!
-------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
