Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03

Rémi Després <remi.despres@free.fr> Wed, 27 August 2008 08:55 UTC

Message-ID: <48B51578.6000602@free.fr>
Date: Wed, 27 Aug 2008 10:51:04 +0200
From: Rémi Després <remi.despres@free.fr>
To: Gert Doering <gert@space.net>
CC: Dan Wing <dwing@cisco.com>, 'Truman Boyes' <truman@suspicious.org>, 'Brian E Carpenter' <brian.e.carpenter@gmail.com>, 'Mark Smith' <ipng@69706e6720323030352d30312d31340a.nosense.org>, jhw@apple.com, 'IPv6 Operations' <v6ops@ops.ietf.org>
Subject: Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
References: <01af01c9065b$b4602440$c2f0200a@cisco.com> <48B23391.1090503@gmail.com> <01cd01c90672$a57c8790$c2f0200a@cisco.com> <48B31DA3.6080001@gmail.com> <07d201c906f7$50a85e30$c2f0200a@cisco.com> <48B32B43.5010103@gmail.com> <084c01c906fe$f9bf1840$c2f0200a@cisco.com> <48B33430.40704@gmail.com> <A31EB889-2BD9-4283-A408-AB6DCC1D568A@suspicious.org> <08be01c90712$d876cd40$c2f0200a@cisco.com> <20080826114919.GN19694@Space.Net>
In-Reply-To: <20080826114919.GN19694@Space.Net>

Gert Doering wrote on 8/26/08 1:49 PM:
> On Mon, Aug 25, 2008 at 05:29:47PM -0700, Dan Wing wrote:
>> Internal to external is permitted, by default, in the current document.
>>
>> We are discussing external to internal.  
> 
> What is "internal to external" is inevitably "external to internal" to
> someone else.
> 
> How do you solve "tunneling is permitted if solicited from the inside" for 
> the
> 
>   Host A --- CPE A ----[Internet]---- CBE B --- Host B
> 
> case?

In my understanding, there is no ambiguity.

Internal or External is defined only for a two-sided device whose place 
in the global Internet is specified:
- External is toward the core (or the root) of the routing hierarchy, 
i.e. the side of the device where the 0/0 route goes (the "rest of the 
world").
- Internal is the opposite. It is toward the periphery (or the leaves) 
of the routing hierarchy, where the 0/0 route doesn't go.

Thus:
- A is internal to CPE A.
- CPE B and B are external to CPE A.
- A and CPE A are external to CPE B.
- B is internal to CPE B.

Filtering control, if not administrative, should always come from the 
internal side (from A to CPE A, from B to CPE B).

RD
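To make the classification above concrete, here is an added example (not code from the thread or the draft) that models each CPE as a route table in which the side holding the ::/0 route is "external", classifies each packet's direction by longest-prefix match, and applies the "permit outbound, permit inbound only if solicited from the inside" behaviour the thread discusses. The documentation prefixes, host addresses and the Host A / CPE A / CPE B / Host B topology are constructed, and flow state is reduced to an (internal, external) address pair for brevity.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Cpe:
    """Two-sided CPE. Interfaces are named 'internal' and 'external';
    'external' is, by definition, the side the ::/0 route points to."""
    name: str
    routes: dict                          # network string -> interface name
    solicited: set = field(default_factory=set)   # (internal, external) pairs

    def side(self, addr: str) -> str:
        """Longest-prefix match of addr against the route table."""
        a = ipaddress.ip_address(addr)
        iface, best_len = None, -1
        for net, name in self.routes.items():
            n = ipaddress.ip_network(net)
            if a in n and n.prefixlen > best_len:
                iface, best_len = name, n.prefixlen
        return iface

    def direction(self, src: str, dst: str) -> str:
        return f"{self.side(src)}->{self.side(dst)}"

    def filter(self, src: str, dst: str) -> str:
        """Outbound is permitted and recorded; inbound only if solicited."""
        d = self.direction(src, dst)
        if d == "internal->external":
            self.solicited.add((src, dst))
            return "permit"
        if d == "external->internal" and (dst, src) in self.solicited:
            return "permit"
        return "deny"


def trace(src: str, dst: str, path: list) -> list:
    """Walk a packet through the CPEs in order; stop at the first deny."""
    result = []
    for cpe in path:
        verdict = cpe.filter(src, dst)
        result.append((cpe.name, cpe.direction(src, dst), verdict))
        if verdict == "deny":
            break
    return result


def two_cpe_scenario():
    """Constructed topology: Host A --- CPE A --- Internet --- CPE B --- Host B."""
    cpe_a = Cpe("CPE A", {"::/0": "external", "2001:db8:a::/64": "internal"})
    cpe_b = Cpe("CPE B", {"::/0": "external", "2001:db8:b::/64": "internal"})
    host_a, host_b = "2001:db8:a::10", "2001:db8:b::10"
    first = trace(host_a, host_b, [cpe_a, cpe_b])   # A solicits; CPE B still denies
    reply = trace(host_b, host_a, [cpe_b, cpe_a])   # B solicits; CPE A permits
    again = trace(host_a, host_b, [cpe_a, cpe_b])   # both sides have now solicited
    return first, reply, again
```

The first trace shows the point of the post: A's request is "internal to external" at CPE A, yet "external to internal" at CPE B, so it opens state only at CPE A; B's own inside-initiated traffic is what opens CPE B.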