
Re: Host-based may be the way to go, but network controls are necessary



On Wed, 20 Nov 2002, Erik Nordmark wrote:

> In this case the border router would not know whether there are
> alternative destination addresses that the host could have chosen, thus
> I suspect the set of policies that can be handled is less than in the
> more general case.

For a larger enterprise network, this becomes a showstopper.  If the host
picks a destination address on the least preferred network, the network
infrastructure has no way to redirect him.

An alternative is to push policy to the hosts that's a bit smarter than
longest-bit-match, except in a large enterprise, programming policy to
100,000+ hosts is extremely hard to do unless it's standardized and
centralized in the network.  Now, I have no problems with the host
learning policy (through RA, or through a DNS mechanism, or whatever) but
it needs to be a required, standard part of IPv6.

/cah

---
Craig A. Huegen, Chief Network Architect      C i s c o  S y s t e m s
IT Transport, Network Technology & Design           ||        ||
Cisco Systems, Inc., 400 East Tasman Drive          ||        ||
San Jose, CA  95134, (408) 526-8104                ||||      ||||
email: chuegen@cisco.com       CCIE #2100      ..:||||||:..:||||||:..