Re: Distributing site-wide RFC 3484 policy

[itojun@itojun.org (Jun-ichiro itojun Hagino)]

> I understood your opinion in one sense, but there might have been  
> problematic cases with reality.
> 
> some part are same as Brian, and we has been tried to write in the  
> Problem statement
> 
> - Currently we already have coexistence of VPN access and Global  
> Internet Access in a site

	as i respnoded to Brian this is a non-issue.

> - demands for controlling prefixes exists in some cases

	this has to be done sorely with routing table using ip6_dst, nothing
	else.  if you use ip6_src for controlling routing, you will go into
	paradise of "policy routing" that is, basicaly, a pitfall towards hell.

> - ULA has been reached consensus among IETF

	this does not mean that we have to use ULA.  moreover, RFC4291 do
	state that addresses other than ::, ::1, ff00::/8, fe80::/10 are
	global unicast, so ULA violates it in some sense.  with "global
	unicast" basically i assume "global reachability".

	sorry that i show up a bit late, but i have been taking medical leave.

	i should write up a draft or two to deprecate ULA.

> - demands for controlling v4-v6 preference

	maybe, but what would you need more than "IPv6 then IPv4"?

itojun