In message <87y55sjcc7.fsf@nemi.mork.no>, Bjørn Mork writes:
Lee Howard <Lee@asgard.org> writes:
The 6renum WG at IETF just closed, with a list of work items remaining for other WGs to complete. I recommend RFC6879 in particular, with RFC6866 describing some parts of the problems and RFC7010 being the outstanding work.
The IETF has generally taken as an assumption that the home network is unmanaged (see the Homenet charter and architecture document, for instance). The administrator of a managed network can follow RFC6879 and renumber pretty seamlessly.
Yes, given
- careful planning
- smart macro usage
- some scripting
Feel free to show me a typical business site with more than 2 of those in place...
FWIW, I did a little exercise on my home network, running just a few basic services which I assume most businesses will run as well. This resulted in a number of text configuration file formats requiring knowledge of the prefix list (i.e. not suitable for DNS names):
- spamassassin (trusted_networks)
- BIND (recursion allowed acl)
Named actually looks at netmasks and prefix lengths on interfaces and generates named acls based on those. Named regularly scans the interface list and adjusts the named acl based on the changes it sees. It could use a routing socket rather than a timer to do this. The default allow-recursion acl uses that named acl. If the site prefix length was available to it, say via being advertised in the RA, it would also generate a "localsite" acl.
- sendmail (relaying access)
- ntp (peer access)
- cups (printer access)
- squid (http proxy access)
All of these use different configuration syntax and generally do not support macro expansion of the prefix. So you'd have to script any updates.
I'm in particular fond of the sendmail and ntp syntaxes, which can best be described as "weird".
sendmail: IPv6:2001:0db8:0f00 RELAY
ntp: restrict 2001:db8:f00:: mask ffff:ffff:ffff:: nomodify
When you can't even standardize on a prefix syntax, how the heck are you going to make renumbering seamless??
You have a daemon that reconfigures components of the system when new interfaces are. I already have dhclient do this for me with IPv4. It already goes and talks to machines on the other side of the world and reconfigures them because the IPv4 address my ISP is giving me has changed. You have templated configuration files for that daemon to use.
In the unmanaged home, since everything is automatic, renumbering should be seamless.
Most homes will have at least one manually configured IP device. Typical candidates are
- printers
- media (video and/or audio) playback devices
- additional wlan access points
We can close our eyes and ignore them, but they are still there. Yes, yes, the firmware programmers are going to get much much smarter when they add IPv6 to these devices. I'm sure.
Firstly, ULAs will save a lot of these devices as they don't need to be visible outside of the house. For those that do need to be externally reachable a "Renumber Ready" campaign would help the punter choose the right box.
I'm still in favour of reducing the renumbering burden as much as possible, even for home networks.
Bjørn
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: marka@isc.org
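
Added example, not part of the original message or any poster's code: a sketch of the "templated configuration" idea from the thread, rendering one site prefix into the sendmail and ntp forms quoted above plus a BIND acl, so the access lists can be regenerated when the prefix changes. The ACL name, the function names and the second prefix are assumptions made for illustration.

```python
import ipaddress

def sendmail_relay(net):
    """Access entry in the form quoted in the message: zero-padded
    16-bit groups, no '::' and no prefix length."""
    # Assumption of this example: only prefixes ending on a 16-bit group
    # boundary are emitted; anything else is refused, not approximated,
    # so a relay ACL is never silently widened.
    if net.prefixlen == 0 or net.prefixlen % 16:
        raise ValueError(f"/{net.prefixlen} does not end on a 16-bit group")
    groups = net.network_address.exploded.split(":")[: net.prefixlen // 16]
    return "IPv6:" + ":".join(groups) + " RELAY"

def ntp_restrict(net):
    """ntp takes address and mask as two separate IPv6 literals."""
    return (f"restrict {net.network_address.compressed} "
            f"mask {net.netmask.compressed} nomodify")

def bind_acl(net, name="site-prefix"):  # ACL name is hypothetical
    """BIND accepts ordinary prefix/length notation inside an acl."""
    return f'acl "{name}" {{ {net.compressed}; }};'

RENDERERS = {"sendmail": sendmail_relay, "ntp": ntp_restrict, "bind": bind_acl}

def render(prefix):
    """Render one prefix into every service-specific syntax."""
    # strict=True rejects a prefix that has host bits set (a likely typo).
    net = ipaddress.ip_network(prefix, strict=True)
    if net.version != 6:
        raise ValueError("IPv6 prefix expected")
    return {svc: fn(net) for svc, fn in RENDERERS.items()}

def renumber_plan(old_prefix, new_prefix):
    """Return (service, line to remove, line to add) for a renumbering."""
    old, new = render(old_prefix), render(new_prefix)
    return [(svc, old[svc], new[svc]) for svc in RENDERERS]

if __name__ == "__main__":
    # Constructed sample: the documentation prefix from the message and a
    # made-up replacement prefix.
    for svc, before, after in renumber_plan("2001:db8:f00::/48",
                                            "2001:db8:abc::/48"):
        print(f"{svc}:\n  - {before}\n  + {after}")
```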