Re: [Fwd: I-D Action: draft-carpenter-6man-why64-00.txt]
Tim Chown <tjc@ecs.soton.ac.uk> Fri, 10 January 2014 08:38 UTC
Return-Path: <tjc@ecs.soton.ac.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F93C1ADFBC for <ipv6@ietfa.amsl.com>; Fri, 10 Jan 2014 00:38:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.759
X-Spam-Level:
X-Spam-Status: No, score=-1.759 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_NEUTRAL=0.779] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4JWbTsRkG3e1 for <ipv6@ietfa.amsl.com>; Fri, 10 Jan 2014 00:38:17 -0800 (PST)
Received: from falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [IPv6:2001:630:d0:f102::25e]) by ietfa.amsl.com (Postfix) with ESMTP id 1BDDF1AD8DA for <ipv6@ietf.org>; Fri, 10 Jan 2014 00:38:16 -0800 (PST)
Received: from falcon.ecs.soton.ac.uk (localhost [127.0.0.1]) by falcon.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id s0A8c2c0029018; Fri, 10 Jan 2014 08:38:02 GMT
X-DKIM: Sendmail DKIM Filter v2.8.2 falcon.ecs.soton.ac.uk s0A8c2c0029018
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=ecs.soton.ac.uk; s=201304; t=1389343082; bh=vu5BJ+ltpmuACAoT6096EcLo6xg=; h=Mime-Version:Subject:From:In-Reply-To:Date:Cc:References:To; b=GOTGdsqx0hBGSect/G2DIEolUAHxKXj7x5Sb1XruM6sqWcSY/ojC6PvPMiMyrNILZ NAbr5CbbMLzehw1kYAgA5LWkIkWmdiz2pKp6FBDtD69JbyMloQ5Uo58g8NYA3GdDx7 e6DU5N9vtvTqt/VerA5FOyfc0dM1/SJsrfZuDVkk=
Received: from gander.ecs.soton.ac.uk (gander.ecs.soton.ac.uk [2001:630:d0:f102::25d]) by falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [2001:630:d0:f102::25e]) envelope-from <tjc@ecs.soton.ac.uk> with ESMTP (valid=N/A) id q098c20959661066yD ret-id none; Fri, 10 Jan 2014 08:38:02 +0000
Received: from [192.168.1.107] (host213-123-213-183.in-addr.btopenworld.com [213.123.213.183]) (authenticated bits=0) by gander.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id s0A8bsTe029963 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 10 Jan 2014 08:37:54 GMT
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
Subject: Re: [Fwd: I-D Action: draft-carpenter-6man-why64-00.txt]
From: Tim Chown <tjc@ecs.soton.ac.uk>
In-Reply-To: <52CFAB11.4070404@globis.net>
Date: Fri, 10 Jan 2014 08:37:53 +0000
Content-Transfer-Encoding: quoted-printable
Message-ID: <EMEW3|2fd7c38ede48a28d67a71d4cc03848e9q098c203tjc|ecs.soton.ac.uk|A593A077-A1DA-4DE7-9F96-7F1366F35EB8@ecs.soton.ac.uk>
References: <52C9D788.8060606@gmail.com> <52CBE0E6.5020107@globis.net> <CAKD1Yr2yPzQHCJHUWBa9-+=nn9BbjLhBB4e896NPWne_Unnwgg@mail.gmail.com> <52CECC76.1030706@globis.net> <CAKD1Yr3rvnDRPpkBEV4EVrrSAQYLutGg0qoweZkKv5em=4-dRw@mail.gmail.com> <52CFAB11.4070404@globis.net> <A593A077-A1DA-4DE7-9F96-7F1366F35EB8@ecs.soton.ac.uk>
To: Ray Hunter <v6ops@globis.net>
X-Mailer: Apple Mail (2.1827)
X-ECS-MailScanner: Found to be clean, Found to be clean
X-smtpf-Report: sid=q098c2095966106600; tid=q098c20959661066yD; client=relay,ipv6; mail=; rcpt=; nrcpt=3:0; fails=0
X-ECS-MailScanner-Information: Please contact the ISP for more information
X-ECS-MailScanner-ID: s0A8c2c0029018
X-ECS-MailScanner-From: tjc@ecs.soton.ac.uk
Cc: 6man <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jan 2014 08:38:19 -0000
On 10 Jan 2014, at 08:10, Ray Hunter <v6ops@globis.net> wrote: >> Lorenzo Colitti <mailto:lorenzo@google.com> >> >> Or - as Tim points out, SNMP scraping will do this securely for you today, and vendors are already building better and more scalable address registration notification features (syslog, etc.) into switches. > Not everyone allows SNMP access from other management vendors in a multi vendor environment. Not everyone feeds syslog to other management vendors. > Again, you are imposing an alien operations model. It imposes polling, It imposes inter-vendor cooperation and access to all remote devices via a management protocol. Actually, no. It's a choice. We saw the choice of trying to lock down all address assignment for IPv6, or instead to accept that any device can pick any address and put measures in place to monitor/track which addresses are used where (should we need to trace something back). We chose the latter approach. If you want to take the lock-down path, that's your choice. > Every time a switch on any one of 1000 sites changes, you're going to have to update your central poller. A central registration model avoids that overhead. Well, yes, but there would be some provisioning for that device and you just need to make the polling configuration part of that. It's usually as simple as an address to poll. In our case (as you guess :) most of our equipment is one vendor. The SNMP polling approach has advantages too. There's a lot of very useful information you glean from that, that can be very beneficial in aspects of network management other than address accountability. We also make quite heavy use of 802.1X btw, but then many campuses do so today thanks to eduroam. >> And if you're not doing this for the purpose of tracking, then why are you doing it? Is it just because it's what you do in IPv4? If so, then sorry, that's not a valid technical argument. > At the risk of repeeating myself: helpdesk call correlation, problem correlation, log correlation, ability to track to /128 (for future filtering or tracking or resource protection of processes and devices within the network that rely on databases or caches keyed by IP address) > > In IPv4, this protection happens automatically due to address scarcity, without doing anything else. > > IPv6 /64 breaks address scarcity. I think many sites will see there are also positive sides to this, and embrace it rather than trying to lock everything down. But it's a choice. Tim
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Templin, Fred L
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Mark ZZZ Smith
- [Fwd: I-D Action: draft-carpenter-6man-why64-00.t… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Templin, Fred L
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Templin, Fred L
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Templin, Fred L
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Tim Chown
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Tim Chown
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Templin, Fred L
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… George Michaelson
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Tim Chown
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Tim Chown
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Emmanuel Thierry
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Tim Chown
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Ray Hunter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Emmanuel Thierry
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Lorenzo Colitti
- Zillions of addresses [Fwd: I-D Action: draft-car… Brian E Carpenter
- Re: Zillions of addresses [Fwd: I-D Action: draft… Ray Hunter
- Re: Zillions of addresses [Fwd: I-D Action: draft… Tim Chown
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Alexandru Petrescu
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Emmanuel Thierry
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Mark ZZZ Smith
- RE: [Fwd: I-D Action: draft-carpenter-6man-why64-… Christian Huitema
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Brian E Carpenter
- Re: [Fwd: I-D Action: draft-carpenter-6man-why64-… Mark ZZZ Smith