[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-v6ops-nap-00.txt <PROXIES>

To: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
Subject: Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
From: Pekka Savola <pekkas@netcore.fi>
Date: Mon, 4 Apr 2005 13:48:12 +0300 (EEST)
Cc: brc@zurich.ibm.com, ericlklein@softhome.net, v6ops@ops.ietf.org
In-reply-to: <20050404144349.1676cdbf.ipng@69706e6720323030352d30312d31340a.nosense.org>
References: <200503291601.LAA13050@ietf.org> <002801c535da$0fcbe310$0201a8c0@ttitelecom.com> <20050402193200.080bb5ec.ipng@69706e6720323030352d30312d31340a.nosense.org> <424F9B40.5000405@zurich.ibm.com> <Pine.LNX.4.61.0504032034270.8107@netcore.fi> <20050404144349.1676cdbf.ipng@69706e6720323030352d30312d31340a.nosense.org>

On Mon, 4 Apr 2005, Mark Smith wrote:

In any case, proxies become a necessity when ULAs are used.  The
situation differs because in v4 you can use NAT ("implicit proxy")
instead.


I've understood that the intended, most common use of ULAs would be to
deploy them in parallel with globals, rather than instead of globals. I
wouldn't think a proxy would be a necessity in that scenario. Or have
I misunderstood what you're saying ?

That's correct, but I suspect the situation may be different in some cases. There will certainly be large deployments which only have ULA addresses, I suspect.

In a ULA only scenario, a proxy would be necessary to access external
content. It's use as a topology hiding mechanism wouldn't be of much
value though, as the ULA addressed topology would be unreachable over
the public Internet anyway.

The users who wish to hide the topology likely also want to hide non-routable topology. Thus, using a proxy is benefit because by definition the local topology (whether non-routable or not) cannot be discerned.

As said, using proxies in ULA-only case (note that it could be that some nodes are ULA-only [but still need to have controlled access out] and some may be ULA+global) might fulfill some other perceived requirements rather than just topology hiding -- e.g., NAT-like security.

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

References:
- I-D ACTION:draft-ietf-v6ops-nap-00.txt
  - From: Internet-Drafts@ietf.org
- Re:draft-ietf-v6ops-nap-00.txt <PROXIES>
  - From: "EricLKlein" <ericlklein@softhome.net>
- Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
  - From: Brian E Carpenter <brc@zurich.ibm.com>
- Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
  - From: Pekka Savola <pekkas@netcore.fi>
- Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>

Prev by Date: Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
Next by Date: RE: draft-ietf-v6ops-nap-00.txt <PROXIES>
Previous by thread: Re: draft-ietf-v6ops-nap-00.txt <PROXIES>
Next by thread: RE: draft-ietf-v6ops-nap-00.txt <PROXIES>
Index(es):
- Date
- Thread