ietf
[Top] [All Lists]

Re: [address-policy-wg] Re: IPv6 addresses really are scarce after all

2007-08-31 09:22:26
One of the things that I find myself wondering is whether "home" users
will need to establish VPNs to allow remote devices to access things in
their "homes".  And especially whether those remote devices will be
single devices or whether they will be on remote subnets.  This would
imply a need for more delegation levels within a "home" network.

Architecturally speaking, I don't like VPNs. I'd much rather that hosts
and apps be able to have addresses that are anywhere in the network and
be able to access hosts and networks elsewhere using authentication not
tied to source address.  But until we find better ways of protecting
networks and hosts, I don't think we should throw away use of the VPN as
a tool for authenticating remote devices to home networks.  Which again,
means not overly constraining the number of delegation levels available
to home networks.

It still leaves open the question of whether a /48 is too much, i.e. too
many subnets and/or too many levels of aggregation. If a /48 is not too
much, then the IETF should issue guidance that states that. If some
prefix length between /48 and /64 is OK under certain circumstances then
the IETF should issue guidance which states that. I still have not seen
any clear indication that there is a negative technical impact of
assigning a /56 per home. 
I think that's the wrong way to ask the question.  Rather than asking
"is there any reason that we know of today to not restrict the
flexibility of a home network?" ask "is there any reason why this
flexibility might be needed?"

Keith


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>