Re: [v6ops] I-D Action: draft-ietf-v6ops-ula-usage-recommendations-02.txt

Jan-Frode Myklebust <janfrode@tanso.net> Mon, 17 February 2014 11:00 UTC

Date: Mon, 17 Feb 2014 12:00:13 +0100
From: Jan-Frode Myklebust <janfrode@tanso.net>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <20140217110013.GA31822@mushkin>
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/tOY4uEDWX_phQglQjJ9R57SvlK4
Cc: V6 Ops List <v6ops@ietf.org>

On Mon, Feb 17, 2014 at 08:16:00AM +1300, Brian E Carpenter wrote:
> >>> Le 15/02/2014 19:16, Owen DeLong a écrit :
> >>>> Indeed, the situations where ULA usage is detrimental vastly
> >>>> outnumber those where it is actually beneficial.
> 
> That's an opinion, but it isn't an argument for abolishing
> ULAs. It's actually an argument for improving this draft so
> that it describes the cases in which ULAs are beneficial.

> Could we have a detailed conversation about whether those cases
> are correctly described in the draft?

Yes please.

My use case is that we have a set of datacenter internal services/servers
that should *never* be routed out. When not using ULA we've had a couple
of incidents where the routes did leak out and servers that shouldn't
have been available on the Internet were. So we've decided to use ULA for
the same set of servers as we previously used rfc1918-addresses for. No
NAT involved. No servers should reach the Internet directly. Yes, we could
achieve the same by putting proper ACLs in place on the borders, but since
we've failed to do that in the past, the belt and suspenders approach is
attractive.

Is this a "valid" ULA usage? 


  -jf
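
Added example, not part of the original message: a sketch of an export audit for the route leaks described above, flagging any prefix announced at the border that falls in the ULA range (fc00::/7, RFC 4193) or overlaps a prefix listed as internal-only. The function name, reason labels and all prefixes are constructed for illustration (2001:db8::/32 is the documentation range).

```python
import ipaddress

ULA = ipaddress.IPv6Network("fc00::/7")  # RFC 4193 unique local addresses

# Constructed sample data, not taken from the message.
INTERNAL_ONLY = ["2001:db8:200::/48", "fd12:3456:789a::/48"]
EXPORTED = [
    "2001:db8:100::/40",      # the site's public aggregate
    "2001:db8:200:10::/64",   # leaked more-specific from the internal GUA block
    "fd12:3456:789a:1::/64",  # leaked ULA subnet
]


def audit_exports(exported, internal_only):
    """Return (prefix, reason) for each exported route that must stay inside."""
    internal = [ipaddress.IPv6Network(p) for p in internal_only]
    findings = []
    for text in exported:
        net = ipaddress.IPv6Network(text)
        if net.subnet_of(ULA):
            # Caught by address range alone: no inventory entry is needed.
            findings.append((text, "ula"))
        elif any(net.overlaps(i) for i in internal):
            # Global-scope space is caught only if the inventory lists it.
            findings.append((text, "internal-only"))
    return findings


if __name__ == "__main__":
    for prefix, reason in audit_exports(EXPORTED, INTERNAL_ONLY):
        print(f"LEAK {prefix} ({reason})")
```

The ULA rule works even when the internal-only list is incomplete, while leaked global-scope prefixes are found only if someone remembered to list them.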