
Re: Distributing, period, was: Re: Distributing site-wide RFC 3484 policy



On 07-07-25 at 17:34, Iljitsch van Beijnum wrote:

On 25-jul-2007, at 13:13, Marc Blanchet wrote:

As I said at the mike today, I really think we can't avoid
such a mechanism.

I agree with Brian. There must be a way for enterprises to push an RFC3484 policy to their nodes.

It occurs to me that we're trying to solve a subset of the full problem here. There is lots of site-wide stuff that may potentially be distributed. Stuffing those in DHCP and/or RAs is problematic because we essentially need to redo this every time a new piece of information is found that needs to be distributed, and because it would get too big. I don't think a nice, complex RFC 3848 table will necessarily fit into less than a kilobyte, which is the most you can possibly borrow from DHCP/RA.

Once you have connectivity,

Well, but the policy will enable you to have that connectivity. If the policy the node currently has is wrong, then the node might not reach the server you are talking about.

downloading data of arbitrary size, providing information of an arbitrary nature, is trivial through well-known mechanisms such as HTTP. The only missing piece is the name/address of a small set of servers that are initially queried for this information. And this is something that will fit in a DHCP or RA message.

OK, so you agree on the idea, but you prefer another method than DHCP or RA. Maybe you should write a draft on the method you are proposing?

Marc.


-----
IPv6 book: Migrating to IPv6, Wiley, 2006, http://www.ipv6book.ca