Re: renumbering
Date: Tue, 17 Sep 2002 20:45:10 +0000
From: Paul Vixie <paul@vix.com>
Message-ID: <20020917204510.F28FB28B01@as.vix.com>

| however, at size 10**4 and above, renumbering of this kind will be
| expensive.

The actual renumbering need not be expensive. At the minute it would be,
but more tools/protocols can be developed to make the kind of renumbering
we're talking about more or less invisible as far as the site is
concerned (and yes, A6 would certainly have helped).

We're nowhere near there yet, but we can get there - that is, make all of
this possible. That isn't to require anyone to actually use this stuff
if they don't trust it (the "I won't let anything reconfigure my router
except for me" attitude).

The other kind of renumbering (changing the internal structure of a net)
will perhaps still be hard (though not as hard as for v4) - but running
NAT doesn't help with this at all.

Actually producing something that uses site local addressing where possible,
to isolate local communications from the effects of a global prefix change
is another thing that will assist with all of this, just as external
renumbering is hidden by the use of 1918 addresses hidden behind a NAT.

I have some students working on this now - they seem to have it all working
in a prototype environment (to the stage where if you say
    telnet 3ffe:...
it actually makes a connection (where possible) to fec0:... instead)

That is, of course, going too far - if someone gives a numeric address,
that's what should be used, but this makes it easier for their testing,
as they don't get to own the DNS zone files, and so can't get their
systems included easily, so they're currently just using numbers. The
current implementation isn't suitable for use in the wild, but it does
demonstrate that the method works, and site local addresses can be used
without anyone needing to know a lot about it (the application obviously
knows, and should be able to say "no", but most simply don't care).

| and at size 10**5 and above, it will be constant/overlapping.

Huh? What does the size of the net have to do with the frequency of
renumbering - if anything, smaller nets are the ones that tend to shift
around more frequently (they don't have the clout to get good deals from
providers initially, nor do they usually engage in longer term agreements
to achieve that - bigger places do).

If implemented rationally, there's no reason that renumbering a large net
should take a lot longer than a small one - that would only be the case
if we started needing a lot of human intervention everywhere. That's
something that we need to get away from (and that includes getting literal
addresses out of filters and such, and instead using "my prefix" and then
the rest of the address, where that's what we mean).

| my point was, that's a big reason why folks will ask "why not just use NAT?"

And the answer will be, that NAT achieves nothing, but does limit
applications, some things just don't work. And once we get into an
environment where the default isn't "everyone uses NAT", more of the
kinds of applications that just don't work with NAT are likely to appear
(there will be no reason for them not to).

kre
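
Added illustration, not part of the message above and not code from its author: a Python sketch of filter rules written as "my prefix" plus the rest of the address, so that a global prefix change needs no rule edits. The rule list, function names, output format and the 2001:db8::/32 documentation prefixes are all constructed for this example.

```python
import ipaddress

# Constructed rules. Targets are offsets inside "my prefix", never full literals:
# (action, address bits below the site prefix, prefix length, TCP port or None)
RULES = [
    ("permit", "::10:0:0:0:25", 128, 25),   # mail host on subnet 0x10
    ("permit", "::20:0:0:0:0", 64, 443),    # web subnet 0x20
    ("deny",   "::", 48, None),             # anything else inside the site
]

def bind(site_prefix, suffix, length):
    """Combine the current site prefix with a prefix-relative rule target."""
    site = ipaddress.IPv6Network(site_prefix)
    rel = int(ipaddress.IPv6Address(suffix))
    # The suffix must leave the site-prefix bits empty, and the rule cannot
    # be wider than the site itself.
    if rel >> (128 - site.prefixlen) or length < site.prefixlen:
        raise ValueError(f"{suffix}/{length} does not fit inside {site}")
    return ipaddress.IPv6Network((int(site.network_address) | rel, length))

def render(site_prefix, rules=RULES):
    """Expand the rules into literal form for whichever prefix is current."""
    return [
        f"{action} {bind(site_prefix, suffix, length)} "
        f"port {'any' if port is None else port}"
        for action, suffix, length, port in rules
    ]

def decide(site_prefix, dst, port, rules=RULES):
    """First-match evaluation of one destination address and port."""
    addr = ipaddress.IPv6Address(dst)
    for action, suffix, length, rule_port in rules:
        if addr in bind(site_prefix, suffix, length) and rule_port in (None, port):
            return action
    return "no-match"   # destination is not in this site at all

if __name__ == "__main__":
    for prefix in ("2001:db8:aaaa::/48", "2001:db8:bbbb::/48"):  # before, after
        print(prefix)
        for line in render(prefix):
            print("   ", line)
```

Only the site prefix passed in changes between the two runs; an address under the old prefix no longer matches any rule once the new prefix is in effect.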