Re: Important IPv6 Policy Issue -- Your Input Requested
> To the end user of address space it is absolutely irrelevant how large the total space is or what the size of the routing table is. What matters is how much cost/effort you need to expend to get your address space, and what you need to use it for. A guarantee of global uniqueness has an unavoidable (and, in fact, quite significant) cost; some uses of address space don't require global uniqueness; therefore there will be a market demand for non-unique space.
then let them make up addresses. oh, you mean they don't want to collide with global addresses? so they want nat? i thought a major goal of v6 was no nat. again, you want your cake or want to eat it?
At 10:10 PM 11/8/2004, Randy Bush wrote:
>> To the end user of address space it is absolutely irrelevant how large the total space is or what the size of the routing table is. What matters is how much cost/effort you need to expend to get your address space, and what you need to use it for. A guarantee of global uniqueness has an unavoidable (and, in fact, quite significant) cost; some uses of address space don't require global uniqueness; therefore there will be a market demand for non-unique space.
> then let them make up addresses. oh, you mean they don't want to collide with global addresses? so they want nat? i thought a major goal of v6 was no nat.
Is it SO hard for people to understand that it's possible today to use private address space and public address space in a network WITHOUT using NAT? In today's networks, printers do NOT need global addresses. Telephones which connect only to a PBX in a private network need not have public addresses. On those same networks, workstations and servers might have public addresses. We have these neat devices called routers that allow private address subnets and public address subnets to talk to one another WITHOUT NAT, within an enterprise network. There was a local scope addressing that some thought would fill this role, but then a bunch of folks decided that was a bad idea and shot it. Sounds like the documentation address block will fill the role of supporting telephones, printers, factory floor automation and other devices which do not (and in some cases SHOULD NOT) talk to the public Internet. Please make honest arguments, and stop insisting that private addressing == NAT.
> again, you want your cake or want to eat it?
Is it SO hard to understand that some people actually wanted site local addressing? I guess it is. That's how at least some folks used RFC 1918...
On 8 Nov 2004, at 22:53, Daniel Senie wrote:
> Is it SO hard for people to understand that it's possible today to use private address space and public address space in a network WITHOUT using NAT?
I think the hard thing to understand is why you would bother using 1918 space if you didn't have to.
> In today's networks, printers do NOT need global addresses.
If they did have globally-unique addresses, I bet they would still work just fine, though.
Joe
> In today's networks, printers do NOT need global addresses.
let me make sure i understand this. in order not to have to pay for the address space for my enterprise's printers, they are supposed to make separate ether runs to them parallel to all the workgroup runs, so they can route them funny. then they are supposed to maintain all that routing cruft, port(s) on the routers, ... gimme a break
randy
> In today's networks, printers do NOT need global addresses.
So I'm not allowed to send stuff to my printers at home or in the office, to be picked up by my wife, or a colleague, wherever I am on the Internet? You should be careful not to try and apply local policies to a global network.
Simon
--
Simon Lockhart | Tel: +44 (0)1628 407720 (x(01)37720) | Si fractum
Technology Manager | Fax: +44 (0)1628 407701 (x(01)37701) | non sit, noli
Internet Operations | WWW: http://www.siemens.co.uk/sbs/ | id reficere
Siemens Business Services, Maiden House, Vanwall Road, Maidenhead. SL6 4UB. UK
:-> "Simon" == Simon Lockhart <simon.lockhart@bbc.co.uk> writes:
>> > In today's networks, printers do NOT need global addresses.
> So I'm not allowed to send stuff to my printers at home or in the office, to
> be picked up by my wife, or a colleague, wherever I am on the Internet?
> You should be careful not to try and apply local policies to a
> global network.
In this case, wouldn't you rather send your print job to a print server with proper access lists?
Pf
--
Pierfrancesco Caci | Network & System Administrator - INOC-DBA: 6762*PFC
p.caci@seabone.net | Telecom Italia Sparkle - http://etabeta.noc.seabone.net/
Linux paperino 2.4.20 #1 Mon Dec 2 17:02:14 CET 2002 i686 GNU/Linux
At 11:17 AM 11/9/2004, Simon Lockhart wrote:
>> In today's networks, printers do NOT need global addresses.
> So I'm not allowed to send stuff to my printers at home or in the office, to be picked up by my wife, or a colleague, wherever I am on the Internet?
That's fine, if that's what network policy on your global enterprise network permits.
> You should be careful not to try and apply local policies to a global network
Or apply global policies to a local network.
The printers that are not going to be accessible from elsewhere in the world are going to be precluded by firewall from talking beyond the administrative boundary. That being the case, why is it the concern of the global internet community whether the address for that printer comes from a block of addresses from an upstream ISP, an address that may change over time, or comes from a locally administered scope? This is the concern of the owner of the network, not those trying to impose their view of how IPv6 should be deployed.
Lack of suitable private space allocated for that purpose will result in a repeat of what happened with IPv4: people will pick random address blocks to use.
This is really outside the purview of NANOG, since what we're talking about is NOT on the public networks. About the only impact on NANOG is how much backbone networks can charge for blocks of address space to companies who are not going to route those blocks over the public networks.
The message likely to be learned by enterprises from reading this discussion is rather different than many of you would hope: Stay with IPv4, and use private address space from RFC 1918 for disjoint networks.
Preaching to enterprises about how they should run their networks is a sure-fire way to get ignored. Backbone networks and operating enterprise networks may use much of the same gear, but the policies, procedures and goals are quite different.
On Tue, 9 Nov 2004, Randy Bush wrote:
>> In today's networks, printers do NOT need global addresses.
> let me make sure i understand this. in order not to have to pay for the address space for my enterprise's printers, they are supposed to make separate ether runs to them parallel to all the workgroup runs, so they can route them funny. then they are supposed to maintain all that routing cruft, port(s) on the routers, ...
not that it's a great plan, and excepting the popular router vendor 'features' with respect to multiple ip addresses per interface... you CAN put more than one broadcast domain on a single ethernet LAN. this does make for some 'fun' in configuration management and in deconflicting address space usages across larger enterprises as well. In general each ip device really ought to have a globally unique ip address, even if you never plan on connecting a network (something that would live more than a testing cycle) to the global internet. business plans change, partners come and go and technology is always making it easier to do things 'on the network' than off.
On Thu, Nov 11, 2004 at 03:00:04AM +0000, Christopher L. Morrow wrote:
> On Tue, 9 Nov 2004, Randy Bush wrote:
>>> In today's networks, printers do NOT need global addresses.
>> let me make sure i understand this. in order not to have to pay for the address space for my enterprise's printers, they are supposed to make separate ether runs to them parallel to all the workgroup runs, so they can route them funny. then they are supposed to maintain all that routing cruft, port(s) on the routers, ...
> not that it's a great plan, and excepting the popular router vendor 'features' with respect to multiple ip addresses per interface... you CAN put more than one broadcast domain on a single ethernet LAN.
As this is about IPv6: IPv6 devices MUST be able to handle multiple Addresses on one interface. As this is a requirement anyway it is reasonably safe to assume all devices on an IPv6 network are able to do that. As long as you do not assume Vendors will build non-standard. If you start thinking into that direction, anything is possible, so it would be unplannable anyway.
> this does make for some 'fun' in configuration management and in deconflicting address space usages across larger enterprises as well. In general each ip device really ought to have a globally unique ip address, even if you never plan on connecting a network (something that would live more than a testing cycle) to the global internet. business plans change, partners come and go and technology is always making it easier to do things 'on the network' than off.
With IPv6 and autoconfiguration, you will at least have a link local address. So even with your setup, you will have a link-local and a globally unique address on each network interface.
Nils
participants (7): Christopher L. Morrow, Daniel Senie, Joe Abley, Nils Ketelsen, Pierfrancesco Caci, Randy Bush, Simon Lockhart