Re: [v6ops] draft-ietf-v6ops-enterprise-incremental-ipv6 WGLC

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 06 August 2013 00:20 UTC

On 06/08/2013 09:49, Mark ZZZ Smith wrote:
...
>> I don't really understand it either. The value I see in ULAs is that it is 
>> your own local address space, meaning that you're in complete charge of it, 
>> unlike the global address space you have been given by somebody else. It seems 
>> to me that one way to increase robustness is to reduce external dependencies. 
>> Using a local address space, that is used in preference to a global address 
>> space when there is a choice, in general should be more robust because you have 
>> absolute control over it.
>>  
> 
> Just to clarify though, I'm not for NAT in any form. I think NPT is a lot better, however I still think that because it hides the external identity of hosts from themselves that it creates constraints that are better to avoid. Through experience, I've come to the viewpoint that global uniqueness of identity (through globally unique addresses) is a property that is nearly as important as global reachability for troubleshooting and security.

It seems to me that any IETF consensus document should make it clear
that ULAs are for internal use only, that GUAs should be used in parallel
for external access, and that NPTv6 is (if mentioned) only an experimental
specification.

Also note that draft-liu-v6ops-ula-usage-analysis and
draft-liu-v6ops-running-multiple-prefixes are around and cover
this topic.

   Brian