This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/address-policy-wg@ripe.net/
[address-policy-wg] 2005-08 New Policy Proposal
- Previous message (by thread): [address-policy-wg] 2005-08 New Policy Proposal
- Next message (by thread): [address-policy-wg] 2005-08 New Policy Proposal
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jørgen Hovland
jorgen at hovland.cx
Wed Oct 5 12:04:20 CEST 2005
-----Original Message----- From: address-policy-wg-admin at ripe.net [mailto:address-policy-wg-admin at ripe.net] On Behalf Of Gert Doering [Ger Doering] Why should anyone want to give a customer 10 IPv6 addresses, and *not* a full /64? [Jørgen Hovland] I can think of a few reasons that would directly affect us now: * Internal marketing and/or policy reasons. * Limit the amount of abuse. * It isn’t possible with todays ethernet technology to use an entire /64 on the same LAN, MAC addresses are 48bits wide. Private customers only have one LAN link to us. Even if the MAC addresses were to be expanded into 96bit, the probability of MAC address collision most likely still is far too high. * Limitations in the contract making it reasonable to limit the amount of IP addresses you get, like "you are only allowed to connect 10 cameras to the internet". * We might want to sell a "cheaper" version of a better product. * It would result in a DoS if we didn’t limit the DHCP pool per link to something that our hardware is capable of doing. So the full /64 will never be used. * The product isn't capable of more than N links (machines). A thought: Security is about giving access to what you need, not what you can get. [Ger Doering] This would be very much against the spirit of IPv6 - "have enough addresses, and no questions asked". [Jørgen Hovland] I don't quite see the similarity between "having enough addresses" and "allocating the proper amount of addresses for the product you are buying", so I believe the spirit is still there. There will be less technical limitations in the future, but the other reasons will still remain. Cheers, Joergen Hovland
- Previous message (by thread): [address-policy-wg] 2005-08 New Policy Proposal
- Next message (by thread): [address-policy-wg] 2005-08 New Policy Proposal
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]