Re: Distributing site-wide RFC 3484 policy

[Iljitsch van Beijnum <iljitsch@muada.com>]

On 24-jul-2007, at 10:10, Jun-ichiro itojun Hagino wrote:

> > Before moving to "draft-fujisaki-dhc-addr-select-04.txt",

Can't find a draft with that name...

> 	- the entire "source address selection" stuff was a mistake.
> 	  network has to be deployed so that any ip6_src/ip6_dst pair can go
> 	  out of the organization somehow.

That ship has sailed. Even if you could, through some kind of  
herculian effort, make it so that only a single IPv6 address is  
available per host rather than 1 or more for 1 or more interfaces,  
there's going to be the issue of having both an IPv4 and an IPv6  
address. I currently have a mail client that won't fall back to IPv4  
if IPv6 doesn't work. That's not acceptable.

> 	  (a) if there's some issue like uRPF in some of your ISPs, the  
> egress
> 	      routers in your organization should implement source-based
> 	      routing to workaround it.

When a host has selected addresses, other boxes can't overrule that.  
The best thing you can do is generate a quick unreachable so the host  
can retry with a different source/dest address combination.

> 	  (b) the whole idea of ULA/ULA-x should be killed at once.

No it shouldn't. People want it, no reasonable counter arguments have  
been presented.

> 	- alain durand said that he would prefer to have single IPv6 address
> 	  on a node.  i would not go that far (for renumbering and multi-
> 	  address multihoming) but i object to have addresses with different
> 	  reachability or "scoping".

You should have spoken up somewhere in the last century. This stuff  
is a done deal today, no point in turning back halfway and turning  
back completely is not possible at this point.

> 	- so, there's no need for you to think about "distributing source
> 	  address selection policy".

Deciding for other people what they don't need is extremely impolite.