Re: Why Scopes? (was: Re: [saad] About saad)

Melinda Shore <mshore@cisco.com> Fri, 17 October 2003 18:32 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA15084 for <saad-archive@odin.ietf.org>; Fri, 17 Oct 2003 14:32:23 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AAZON-0003dQ-QG for saad-archive@odin.ietf.org; Fri, 17 Oct 2003 14:32:03 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h9HIW3WO013971 for saad-archive@odin.ietf.org; Fri, 17 Oct 2003 14:32:03 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AAZON-0003dG-MR for saad-web-archive@optimus.ietf.org; Fri, 17 Oct 2003 14:32:03 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA15080 for <saad-web-archive@ietf.org>; Fri, 17 Oct 2003 14:31:53 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AAZOL-0006yI-00 for saad-web-archive@ietf.org; Fri, 17 Oct 2003 14:32:01 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1AAZOK-0006yF-00 for saad-web-archive@ietf.org; Fri, 17 Oct 2003 14:32:00 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AAZOL-0003co-Ju; Fri, 17 Oct 2003 14:32:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AAZO8-0003cS-2h for saad@optimus.ietf.org; Fri, 17 Oct 2003 14:31:48 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA15074 for <saad@ietf.org>; Fri, 17 Oct 2003 14:31:37 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AAZO5-0006y6-00 for saad@ietf.org; Fri, 17 Oct 2003 14:31:45 -0400
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx with esmtp (Exim 4.12) id 1AAZO4-0006y3-00 for saad@ietf.org; Fri, 17 Oct 2003 14:31:45 -0400
Received: from cisco.com (171.71.177.254) by sj-iport-2.cisco.com with ESMTP; 17 Oct 2003 11:28:28 -0700
Received: from mira-sjc5-c.cisco.com (IDENT:mirapoint@mira-sjc5-c.cisco.com [171.71.163.17]) by sj-core-2.cisco.com (8.12.9/8.12.6) with ESMTP id h9HIVCeA015650; Fri, 17 Oct 2003 11:31:12 -0700 (PDT)
Received: from cisco.com (stealth-10-32-241-42.cisco.com [10.32.241.42]) by mira-sjc5-c.cisco.com (Mirapoint Messaging Server MOS 3.3.6-GR) with SMTP id ANG51414; Fri, 17 Oct 2003 11:31:10 -0700 (PDT)
Date: Fri, 17 Oct 2003 14:31:09 -0400
Subject: Re: Why Scopes? (was: Re: [saad] About saad)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v552)
Cc: <saad@ietf.org>
To: "James Kempf" <kempf@docomolabs-usa.com>
From: Melinda Shore <mshore@cisco.com>
In-Reply-To: <021401c394d0$861298e0$396015ac@dclkempt40>
Message-Id: <13D76828-00D0-11D8-B6D5-000A95E35274@cisco.com>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.552)
Content-Transfer-Encoding: 7bit
Sender: saad-admin@ietf.org
Errors-To: saad-admin@ietf.org
X-BeenThere: saad@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/saad>, <mailto:saad-request@ietf.org?subject=unsubscribe>
List-Id: Scope Addressing Architecture Discussion <saad.ietf.org>
List-Post: <mailto:saad@ietf.org>
List-Help: <mailto:saad-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/saad>, <mailto:saad-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

On Friday, October 17, 2003, at 01:03 PM, James Kempf wrote:
> One of the things I'd like to see is a list of why people use scoped
> addresses (RFC 1918) in IPv4.

I've talked to a very large number of people about this (or
rather why they use NATs, which is a slightly different
question), and the most common reasons are:

1) don't want to buy more addresses
2) simplification of network management/renumbering
3) security/firewalling/unreachability

The first two are already being dealt with in one form
or another.  The third is only peripherally being addressed
and certainly not satisfactorily (for whatever value of
"satisfactory").  The reality is that some large number
of users, including some users who consider themselves
relatively expert (network administrators, etc.) don't want
their hosts to be reachable by default but they do want
them to be able to initiate connections themselves.  I'm
not sure there's a good answer to this question, since
the users' wishes are incompatible with the IETF's working
assumptions about reachability.

There was a BOF on distributed firewalls several meetings
ago that I think is at least in some way relevant, but 1)
there doesn't seem to be a lot of momentum behind it, and 2)
some jiggering would be required.  Also, this really is a
big-A architecture problem that involves pulling together
some disparate technologies, and has been noted elsewhere,
the IETF doesn't do this sort of thing very well.

Melinda


_______________________________________________
Saad mailing list
Saad@ietf.org
https://www1.ietf.org/mailman/listinfo/saad