[prev in list] [next in list] [prev in thread] [next in thread]
List: ipng
Subject: RE: addrsel: privacy addresses within/out of a site
From: Suresh Krishnan <suresh.krishnan () ericsson ! com>
Date: 2011-01-05 10:20:43
Message-ID: 4FD1E7CD248BF84F86BD4814EDDDBCC150E9C64860 () EUSAACMS0703 ! eamcs ! ericsson ! se
[Download RAW message or body]
Hi Pekka,
> Operational input: when discussing the use of RFC4941
> (privacy) addresses with our LAN/workstation admins, it
> seemed as if there would be great benefit from being able to
> specify an RFC3484 rule which would in essence say:
>
> "do not use privacy addresses when communicating inside the
> site [a set of designated destination prefixes], use it by
> default otherwise"
>
> I don't think this is possible today because rfc3484 policy
> table only allows matching by prefixes, not by address type.
I agree with you that this would be useful.
>
> Has this come up in discussions / has anyone else thought about this?
Not exactly this point, but the ability to add specific prefixes into the policy \
table dynamically has been discussed several times before (e.g. in ULA scenarios) and \
will hopefully be solved soon.
On a side note, if you control the application you could use the \
IPV6_PREFER_SRC_PUBLIC flag defined in RFC5014 to effect such behavior.
Thanks
Suresh
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic