[address-policy-wg] Re: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)
- Previous message (by thread): [address-policy-wg] RE: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)
- Next message (by thread): [address-policy-wg] Re: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
william(at)elan.net
william at elan.net
Fri May 11 09:03:08 CEST 2007
I don't understand your point about why ULA need to be registered if its not going to be globally routed. Also PI is not the same as ULA - PI do come from RIRs and in IPv6 there was no way to get PI (except in a few special cases) until recent ARIN's micro-allocation policy. On Fri, 11 May 2007, Tony Hain wrote: > I agree that this will help inform the debate, and while Iljitsch did a good > job of outlining the issue, he left out a significant point::: > People explicitly chose to be in the state of "as there is currently no > obvious way to make services only available locally" by insisting that the > local-scope addressing range have a global-scope as far as application > developers were concerned. Now the application developers are complaining > about the consequences of their choice, because the alternative to 'no > routing path for an attack' is to insert a device that has to make policy > decisions with limited information. > > The current ULA-central discussions will be directly involved in this issue. > It is critical that all of the RIR's have policies establishing a mechanism > for registering ULA-central prefixes & PI. For those who don't recall, the > reason ULA-central was tabled was that it was seen as a potential end-run to > acquire PI space in the absence of appropriate policy to do so out of a > range recognized for global routing. > > The need for keeping some things local while others are global is real, and > the lack of appropriate mechanisms to accomplish that through the routing > system that is designed to deal with path selection leads to entire > industries for fragile work-arounds along with their increased complexity. > > Tony > > >> -----Original Message----- >> From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net] On Behalf Of >> vixie at vix.com >> Sent: Thursday, May 10, 2007 9:59 PM >> To: ppml at arin.net >> Subject: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica >> (seen on slashdot) >> >> i think that this article will help inform the debate around the ipv6 >> transition: >> >> http://arstechnica.com/articles/paedia/ipv6-firewall-mixed-blessing.ars >> _______________________________________________ >> This message sent to you through the ARIN Public Policy Mailing List >> (PPML at arin.net). >> Manage your mailing list subscription at: >> http://lists.arin.net/mailman/listinfo/ppml > > _______________________________________________ > This message sent to you through the ARIN Public Policy Mailing List > (PPML at arin.net). > Manage your mailing list subscription at: > http://lists.arin.net/mailman/listinfo/ppml
- Previous message (by thread): [address-policy-wg] RE: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)
- Next message (by thread): [address-policy-wg] Re: [ppml] article about IPv6 vs firewalls vs NAT in arstechnica (seen on slashdot)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]