David W. Hankins wrote:
On Mon, Apr 20, 2009 at 06:08:40PM -0400, Sam Hartman wrote:
I'd actually appreciate focus on the multiple interfaces (or multiple
network providers) problem. I think that attacking this in full
generality is well beyond what we can manage. I think even a focused
problem may prove challenging.
I'm not sure if this agrees or disagrees with your view;
I think the problem being skirted, and the one that needs resolution,
is any situation where a host receives configuration from two
different administrative domains it straddles, regardless of
While I certainly admit that this is part of the problem, I don't know
why this is _the_ distinguished problem that needs resolution. I can
certainly identify several others.
A single administrative domain that wishes to present inconsistent
configuration seems like a problem that can be solved by having the
domain present itself as two (or more).
How does this actually solve the problem? To me it seems like it
glosses over it. It certainly doesn't make the application writer's
task any easier.
At present, and core to the problem of IPv6 casual interconnection
security, there are no mechanisms for network related configuration
to identify its source domain. This suggests interim solutions that
attempt to divine a unique source domain, and the algorithm(s) to
digest configuration across domains, as well as long-term experiments
(?) to seek concise advertisements of a given configuration's source
Certainly agree that network configuration information received from one
domain should not be applied to another domain. And a host should not
be expected, as an architectural matter, to be bound by the
configuration information received from one of its interfaces, except
with respect to traffic sent over that interface.
But I thought this was obvious, so maybe I don't see what you're getting at.
Ietf mailing list