Re: I-D.ietf-v6ops-cpe-simple-security-09

Mark Baugher <mbaugher@cisco.com> Fri, 05 March 2010 03:07 UTC

Cc: IPv6 Operations <v6ops@ops.ietf.org>
To: james woodyatt <jhw@apple.com>

On Mar 4, 2010, at 5:08 PM, james woodyatt wrote:

> On Mar 4, 2010, at 16:50, Mark Baugher wrote:
>> On Mar 4, 2010, at 4:41 PM, james woodyatt wrote:
>>> 
>>> I will say that it doesn't make sense to me that my service provider should be allowed to join my organization-local scope multicast groups, or that I can join their organization-local scope groups.  That's what it would mean if we said 'site-local' here instead of what it currently says.
>> 
>> Site scope gives us the same thing and I recommend that we use that instead.
> 
> I'm confused.  To what "same thing" are you referring?
> 
> I've explained that making site-local the DEFAULT multicast scope boundary places the subscriber network in the same organization-local scope as the provider network, whereas making organization-local the DEFAULT multicast scope boundary places the subscriber network and the provider network in different organization-local scopes.

You stated it but didn't explain it.  As Fred Baker has pointed out to you in his recent email: 'RFC 4291 knows nothing of an "organization-local" scope'.  I don't see any explanation in your latest version but only a reference to RFC 4291.  Here are the 4291 definitions:
'Site-Local scope is intended to span a single site. Organization-Local scope is intended to span multiple sites belonging to a single organization.'

> 
> In what way are subscribers and providers part of the same organization?  Why are they not separate organizations by DEFAULT?

Site-local scope means that the multicast messages will not be forwarded outside the site.  That's "the same thing" as what we need.  What about this problem of having my organizational scope multicast visible to my service provider?  Where is it written that a site must be part of the nearest organization?  My home network is not part of any organization.  If I had organization-scope multicast on my home network, I would not expect my default CPE gateway to forward organization-local messages out my service access-network interface - and vice versa.  Where is your use case of organization-local scope defined?  Not in the source you cite.

Mark

> 
> 
> --
> james woodyatt <jhw@apple.com>
> member of technical staff, communications engineering
> 
> 
>
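
The following is an added illustration, not part of the original message or of the draft under discussion. It reads the 4-bit scop field of an IPv6 multicast destination (RFC 4291) and compares what a CPE would pass to its WAN interface under the two default boundaries debated in this thread. The function names and the rule "scope less than or equal to the boundary is not forwarded" are assumptions of this sketch, and the ff08:: and ff0e:: group addresses are constructed samples.

```python
import ipaddress

# scop values assigned in RFC 4291, section 2.7
SCOPES = {
    0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
    0x5: "site-local", 0x8: "organization-local", 0xE: "global",
}
SITE_LOCAL, ORG_LOCAL = 0x5, 0x8


def multicast_scope(addr):
    """Return the scop nibble of an IPv6 multicast address."""
    ip = ipaddress.IPv6Address(addr)
    if not ip.is_multicast:
        raise ValueError(f"{addr} is not an IPv6 multicast address")
    # Byte 0 is 0xff; byte 1 carries flags (high nibble) and scop (low nibble).
    return ip.packed[1] & 0x0F


def forwards_across_wan(dst, boundary_scop):
    """Assumed rule: the CPE is a zone boundary for boundary_scop and for
    every narrower scope, so only wider-scoped groups cross to the WAN."""
    return multicast_scope(dst) > boundary_scop


def compare_boundaries(destinations):
    """For each destination: (address, scope name, forwarded with a
    site-local default boundary, forwarded with an organization-local one)."""
    rows = []
    for dst in destinations:
        name = SCOPES.get(multicast_scope(dst), "reserved/unassigned")
        rows.append((dst, name,
                     forwards_across_wan(dst, SITE_LOCAL),
                     forwards_across_wan(dst, ORG_LOCAL)))
    return rows


# Constructed sample destinations, one per scope of interest.
SAMPLES = ["ff02::1", "ff05::1:3", "ff08::1234", "ff0e::1234"]

if __name__ == "__main__":
    for dst, name, site_default, org_default in compare_boundaries(SAMPLES):
        print(f"{dst:12} {name:20} site-boundary={site_default!s:5} "
              f"org-boundary={org_default}")
```

Under these assumptions the two defaults differ only for organization-local (scop 8) groups, which is the case the thread is arguing about.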