Re: ISP customer assignments

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: ISP customer assignments

From: Dan White
Date: Mon Oct 05 17:13:38 2009

List-archive: <http://mailman.nanog.org/mailman/nanog>
List-help: <mailto:nanog-request@nanog.org?subject=help>
List-id: North American Network Operators Group <nanog.nanog.org>
List-post: <mailto:nanog@nanog.org>
List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=subscribe>
List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>,<mailto:nanog-request@nanog.org?subject=unsubscribe>

On 05/10/09 16:43 -0400, Ricky Beam wrote:

[here we go again]

On Mon, 05 Oct 2009 14:37:49 -0400, William Herrin <herrin-nanog@dirtside.com> wrote:
Some clever guy figured out that ... why not
add an extra 64 bits for that very convenient improvement? This is
called "stateless autoconfiguration."
Except that "clever guy" was in fact an idiot blinded by idealism. Not only did he fail to see the security implications of having a fixed address, but he'd apparently spent his entire life under a rock, on an

a publicly routeable stateless auto configured address is no less
secure than a publicly routeable address assigned by DHCP. Security is, and
should be, handled by other means.

island, on another planet... he completely ignored the fact that people were using DHCP [formerly known as BOOTP] (and have been now for over a decade) to provide machines with FAR MORE than just an address. A

That's what stateless DHCP does.

Some even more clever guy figured out that if the first clever guy's
strategy is used, it becomes a trivial matter to track someone
online... ...
stateless autoconfiguration will probably end up being a waste.
It's ALWAYS been a waste. All these supposed "clever guys" failed to learn from the mistakes that preceded them and have doomed us to repeat them... ICMP router discovery (technology abandoned so long ago, I'd forgotten about it), RARP, bootp, dhcp. SLAAC loops us back around to the beginning. Only this time, it's inescapable: I still have to have something on the network spewing RAs for the sole purpose of telling everything to use DHCP instead; there's a hard "class" boundary smack in the middle of a "classless network" because these "clever guys" were lazy and didn't want to figure out ways to avoid address collisions.

I don't understand. You're saying you have overlapping class boundaries in
your network?

(something modern IPv6 stacks do by default for privacy -- randomly generated addresses have to be tested for uniqueness.)

--
Dan White
BTC Broadband

Follow-Ups:
- Re: ISP customer assignments Valdis.Kletnieks

References:
- ISP customer assignments Brian Johnson
- Re: ISP customer assignments William Herrin
- RE: ISP customer assignments Brian Johnson
- Re: ISP customer assignments William Herrin
- Re: ISP customer assignments Ricky Beam

Prev by Date: Re: ISP customer assignments
Next by Date: Re: ISP customer assignments
Date Index
Thread Index
Author Index
Historical