RE: Why Scopes? (was: Re: [saad] About saad)
"Michel Py" <michel@arneill-py.sacramento.ca.us> Fri, 17 October 2003 21:58 UTC
Date: Fri, 17 Oct 2003 14:57:19 -0700
From: Michel Py <michel@arneill-py.sacramento.ca.us>
To: Melinda Shore <mshore@cisco.com>, James Kempf <kempf@docomolabs-usa.com>
Cc: saad@ietf.org
List-Id: Scope Addressing Architecture Discussion <saad.ietf.org>

Melinda,

> Melinda Shore wrote:
> I've talked to a very large number of people about this
> (or rather why they use NATs, which is a slightly
> different question),

Indeed.

> and the most common reasons are:
> 1) don't want to buy more addresses
> 2) simplification of network management/renumbering
> 3) security/firewalling/unreachability

Yes. I just posted a more detailed analysis along the same lines.

> The reality is that some large number of users, including
> some users who consider themselves relatively expert
> (network administrators, etc.) don't want their hosts to
> be reachable by default but they do want them to be able
> to initiate connections themselves. I'm not sure there's
> a good answer to this question, since the users' wishes
> are incompatible with the IETF's working assumptions
> about reachability.

IMHO the answer to this is a firewall, not scoping. I just raised this
question: should scoping provide firewall features or not? IMHO no
because these are two different issues.

Since we don't want NATv6, the requirement that hosts should be able to
access the outside implies that their scope must be compatible with
doing so. If these hosts must be protected from the outside when they
are not initiating the connection, this function shall be provided by a
firewall.

Yes, firewalls are a PITA because they build hard state, and hard state
is evil and distributed hard state is worse, but I don't think this is a
topic for this list.

Michel.
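
The behaviour discussed in this message (globally addressed hosts that can initiate connections but are not reachable by default, enforced by a firewall that keeps per-flow state) is sketched below as an added example; it is not part of the original message or of any IETF document. The prefix, addresses, timeout and the `StatefulFilter` name are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed site prefix (IPv6 documentation range): global scope, no NAT.
INSIDE = ipaddress.ip_network("2001:db8:1::/48")

@dataclass
class StatefulFilter:
    """Border filter: permit flows opened from INSIDE, drop unsolicited inbound."""
    timeout: float = 60.0
    # The "hard state": one entry per live flow, mapping 5-tuple -> expiry time.
    flows: dict = field(default_factory=dict)

    def handle(self, now, proto, src, sport, dst, dport):
        """Return 'accept' or 'drop' for one packet seen at time `now`."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Expire idle flows before deciding.
        self.flows = {k: t for k, t in self.flows.items() if t > now}
        if src in INSIDE and dst not in INSIDE:
            # Outbound: create or refresh state so that replies can return.
            self.flows[(proto, src, sport, dst, dport)] = now + self.timeout
            return "accept"
        if dst in INSIDE and src not in INSIDE:
            # Inbound: accept only the mirror image of a flow opened from inside.
            key = (proto, dst, dport, src, sport)
            if key in self.flows:
                self.flows[key] = now + self.timeout
                return "accept"
            return "drop"
        # Inside-to-inside or outside-to-outside should never cross the border.
        return "drop"

def demo():
    """Run a constructed packet sequence and return the verdicts in order."""
    fw = StatefulFilter()
    host, server = "2001:db8:1::10", "2001:db8:ffff::80"
    verdicts = [
        fw.handle(0, "tcp", server, 443, host, 50000),  # unsolicited inbound
        fw.handle(1, "tcp", host, 50000, server, 443),  # host initiates
        fw.handle(2, "tcp", server, 443, host, 50000),  # reply matches state
    ]
    fw.flows.clear()  # state lost, e.g. firewall restart or failover
    verdicts.append(fw.handle(3, "tcp", server, 443, host, 50000))
    return verdicts

if __name__ == "__main__":
    print(demo())
```

The last verdict shows the cost of hard state: once the table is lost, return traffic for a connection the inside host opened is dropped until the host sends again.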