Paul Vixie wrote:
i realized in that moment, that ULA-G (and therefore ULA-C) is not an
end run around PI space, it's an end run around the DFZ. some day, the
people who are then responsible for global address policy and global
internet operations, will end the "tyranny of the core" by which we
cripple all network owners in their available choices of address
space, based solely on the tempermental fragility of the internet's
core routing system. but we appear not to be the generation who will
make that leap.
Mumble. It's hard for me to buy the idea of there not being a "core"
portion of the Internet from which all public addresses are reachable.
But I can imagine a world in which there are industry-specific cores,
"mini-cores" if you will, that aren't part of the public Internet (in
that they are not reachable in general from networks that aren't
connected to that mini-core) but which provide reachability between
parties within a particular industry. For instance, I could imagine the
banking industry having a mini-core that facilitated transactions
between banks, and there being another mini-core to facilitate
transactions between automobile manufacturers and their parts suppliers,
and another mini-core that served to connect retail chains with their
product suppliers. A business could connect to multiple mini-cores.
And part of the purpose of these mini-cores would be to let businesses
with mutual interest in connecting, connect without having to arrange
bilateral private interconnection, and still have their b2b machines
isolated from the public network.
All of those mini-cores could, in principle, exchange advertisements of
reachability to ULA prefixes, or for that matter other kinds of prefixes.
Most of the businesses that had presence on those mini-core networks
would also have presence on the public Internet for public web access,
email, etc., and they would need public prefixes for that. And it
might even be the case that those applications that offered services to
the public would be tolerant of renumbering.
What bugs me is that I think that the existence of mini-cores (or more
generally, a large number of private interconnections between networks
using ULA prefixes) leads to a world where it becomes important to have
a particular kind of source address to talk to a particular kind of
destination address, and in which applications are expected to choose
the right source address in order to talk to a particular kind of
destination address. So the sources addresses available to a particular
host end up being like a keyring. I don't think that's a good burden to
put on apps, and I don't think that using addresses like authentication
tokens is a good way to go.
Keith
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf