Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

Philip Homburg <> Thu, 07 January 2021 14:55 UTC

Cc: Ted Lemon <>, IPv6 Operations <>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>

>    And for that matter how hard it would be to implement, and what
>    the benefit would be, versus the drawbacks. Most of the time
>    when people do split DNS, it's because they want information
>    behind the firewall to be invisible globally not so much for
>    operational reasons (because they wouldn't work) but because
>    they don't want to reveal the inner workings of the network
>    behind the firewall. So even if this feature Mark's proposing
>    were widely implemented in host resolvers (which it would have
>    to be to be useful), and even if we had the technology to actually
>    populate this sort of information accurately in the DNS, I think
>    most people who operate DNS servers that could in principle
>    advertise non-global addresses this way would choose not to. So
>    yeah, I'd predict not much uptake.

I can see a few benefits of Mark's proposal. One is that it is good to
have a standard representation of information. In particular,
Mark's proposal would make it possible to have a master zone file that has
both public and private DNS entries. Then a split-DNS server could serve
only the public data to the outside world. 

At the same time, I think it would be great if we can put link-local addresses
in DNS. 

There may be more applications, for example in the context of VPNs. 

It may tie in nicely with scope IDs in socket addresses. If a DNS
record specifies that it is valid only on a VPN link, then maybe we can already
tie the address to that link. No need to change applications, it can be
hidden in the stub resolver.