[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt [not DCHPv6]

To: Eric Klein <ericlklein@softhome.net>
Subject: Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt [not DCHPv6]
From: Stig Venaas <Stig.Venaas@uninett.no>
Date: Tue, 26 Jul 2005 17:36:11 +0200
Cc: v6ops@ops.ietf.org
In-reply-to: <01b201c591d5$679e0d00$0401a8c0@mtc.ki.se>
References: <E1DieGN-0006vm-6P@newodin.ietf.org> <20050618011842.656c62f1.ipng@69706e6720323030352d30312d31340a.nosense.org> <20050627182217.773a77b1.ipng@69706e6720323030352d30312d31340a.nosense.org> <20050725082942.GA22657@storhaugen.uninett.no> <20050726002055.6473e811.ipng@69706e6720323030352d30312d31340a.nosense.org> <583F25A0-55F3-4F19-A037-0B1CC1584EB4@ecs.soton.ac.uk> <20050726111203.GH29226@storhaugen.uninett.no> <01b201c591d5$679e0d00$0401a8c0@mtc.ki.se>
User-agent: Mutt/1.4.1i

On Tue, Jul 26, 2005 at 02:30:17PM +0300, Eric Klein wrote:
> Stig Venaas Wrote:
> > There's been discussion regarding DHCPv6 PD and route injection. This
> > is sort of a degenerated case of that (:
> >
> > I believe how to do injection is the biggest issue here. I don't quite
> > believe in all hosts in a site injection routes. Maybe some kind of
> > tunneling is easier.
> >
> > Mechanisms for injecting host routes could be useful for people doing
> > anycast though. This is done today but then with just a few trusted
> > hosts, not all the hosts in a site.
> 
> Although these are valid points, I would think that these DHCPv6 issues
> should be brought up in relation to the DHCPv6 drafts rather than the NAP
> one.

I only noted DHCPv6 in the first sentence. Everything I say about
injection is a general problem. Main point is that having host routes
for all hosts (or all that is to communicate with the outside) is not
really that easy in practise.

So as I'm saying, tunneling might be easier, which is basically what
the NAP draft suggests (using MIPv6).

> > I must say though that I never understood what one gains by hiding the
> > topology, and there's lots of complexity and pain related to this. I
> > guess the idea with NAP draft though is that if some silly people
> > insist on hiding their topology, then it should tell them how it can
> > be done.
> >
> The point of this draft was that NAT and topology hiding are not useful for
> security and NAP via native IPv6 can better handle the security issues. This
> is why we do not offer work arounds that bring back NAT topology hiding into
> IPv6.

But you try to offer work arounds by suggesting MIPv6, right? And the
question was whether other tunneling mechanisms or host routes could be
an alternative.

Stig

> 
> Eric
>

References:
- I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Internet-Drafts@ietf.org
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Stig Venaas <Stig.Venaas@uninett.no>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: "Mark K. Thompson" <mkt@ecs.soton.ac.uk>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt
  - From: Stig Venaas <Stig.Venaas@uninett.no>
- Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt [not DCHPv6]
  - From: "Eric Klein" <ericlklein@softhome.net>

Prev by Date: Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt [not DCHPv6]
Next by Date: v6ops agenda
Previous by thread: Re: I-D ACTION:draft-ietf-v6ops-nap-01.txt [not DCHPv6]
Next by thread: RE: I-D ACTION:draft-ietf-v6ops-nap-01.txt
Index(es):
- Date
- Thread