[address-policy-wg] Re: [ipv6-wg] closed network and need for global uniqe IP space
- Previous message (by thread): [address-policy-wg] Re: [ipv6-wg] closed network and need for g loba l uniqe IP space
- Next message (by thread): [address-policy-wg] Re: [ipv6-wg] closed network and need for global uniqe IP space
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Geoff Huston
gih at apnic.net
Fri Dec 23 22:01:32 CET 2005
At 10:03 PM 23/12/2005, Roger Jorgensen wrote: >On Fri, 25 Nov 2005, Gert Doering wrote: ><snip> > > The idea is that ULAs are random-generated in a way that makes it "fairly > > unlikely" that you end up in an address collision. But there is no > > guarantee, of course. indeed. The chances of collision exceed 0.5 once the pool of random;y drawn numbers exceeds 1.24 million. > > > > There is also a second sort of ULAs that are globally unique but still > > private, but as far as I know, there is no registry yet that will hand > > them out. So these can't be used yet. > >Who would know more about this? I'm in the process of writing down some >startup thoughts about how we can (and maybe should) implement IPv6 here >where I work. It's a closed national network where security is prio 1 and >we might also have to work/connect to other network of the same type in >other countries... in short, we need to be globaly unique so we actually >need that registrary to be there:) the original ULA document combined both self-selected ULAs and registry-selected ULAs. Over the period of a year of IETF consideration they were split in two, and the random self-selction method became RFC 4193 and the so-called centrally assigned IDs draft expired . Some URLS: - the history of the drafts: http://smakd.potaroo.net/ietf/idref/draft-ietf-ipv6-unique-local-addr/index.html - the centrally assigned drafts: http://smakd.potaroo.net/ietf/idref/draft-ietf-ipv6-ula-central/index.html There was a long discussion on the IPv6 list about the issues with the operation of a registry. I've forgotten when, but around May - July 2003 sounds familiar for some reason. The concept of a central register of unique 40bit sequences is not completely dead. At RIPE 51 I described some current work at APNIC that includes a certificate identity scheme that uses this same concept (http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf (see page 14 of the presentation). I also did some maths of the collision probability of random 40bit long numbers (the so-called "birthday problem" in an expired draft (http://smakd.potaroo.net/ietf/idref/draft-huston-ipv6-local-use-comments/index.html). It _may_ be the case that a form of centrally assigned unique 40 bit strings for use in the context of the original model of centrally-assigned unique local addresses may be a useful by-product of the certification work - but if it proceeds that this is likely to be some time away yet from becoming part of the service portfolio associated with certification. regards, Geoff
- Previous message (by thread): [address-policy-wg] Re: [ipv6-wg] closed network and need for g loba l uniqe IP space
- Next message (by thread): [address-policy-wg] Re: [ipv6-wg] closed network and need for global uniqe IP space
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]