> Thus spake "Keith Moore" <moore@cs.utk.edu>
> > > And you're conflating ambiguous addressing with scoping.
> >
> > nope. the property that I'm concerned about is not that an address
> > may only be usable within a particular portion of the network, it's
> > that the address is ambiguous.
>
> As Mr. Hain pointed out, last week your argument was about scoping and
> apps picking addresses, not about private addresses.

indeed, there are several arguments. ambiguity is the biggest problem,
but there are others. nor are they independent of one another - the
problems interrelate. having ambiguous addresses makes the address
selection problem more difficult, but the need to employ address
selection is a problem even if all addresses are global.

also, when I've been using the word "scoping" I've been talking about
the scope in which an address is defined (has a well-defined meaning)
rather than the scope in which an address could be used - I argue that
we need globally scoped addresses even if they can only be used within
a limited portion of the network.

> > so given an address there's no way to know whether or not it is
> > valid, or why it doesn't seem to work to let you connect with the
> > host/peer/server you think it's associated with.
>
> You have no way of knowing if any address is reachable from any
> particular location. That is not a property specific to private
> addresses.

they're different. if you have a globally scoped address you can try to
send to it, and the network will make a best effort to get it there,
modulo policy. if it doesn't know how to get the packet there, the
network "should" send an ICMP that explains the reason it can't get
there. and that address will reach the same location/host from any
point in the network.

if you have an ambiguous address you can try to send to it, but the
network can't tell where it's intended to go. to the extent that the
network tries to route it somewhere, it may not end up at the
location/host the sender intended, and there's no way for anyone to
know that the packet is being misrouted. if an error is returned it is
pretty much useless - either the host is down or the network
interpreted the address in a different scope than was intended or the
sending host picked the wrong interface.

note that if you had a globally unique address that only works within a
limited scope, it acts like any other globally scoped address.

> > > Perhaps. There is no functional difference unless multiple
> > > instances of the same address are actually _reachable_ by a third
> > > party; the mere existence of duplicates does not change the
> > > architecture.
> >
> > wrong. it's useful to have unique names for hosts (or points on the
> > network) even if they're not directly reachable by everyone who
> > might possess those names.
>
> Useful, yes; a fundamental part of the architecture, no.

disagree. the internet protocol fundamentally depends on addresses
being global - routing between arbitrarily connected IP networks cannot
work without this property. furthermore there are several deep
assumptions that IP addresses are uniquely assigned to hosts - for
instance, IP addresses are used as TCP endpoint identifiers, and
round-trip estimates are made on a per-host basis.

> Removing private addresses from the IPv6 architecture is a fundamental
> change from IPv4: site-locals are not a new addition, just a different
> name.

False. IPv4 only had private addresses for use in isolated networks,
and this was a late addition, and we've learned from experience that
this was a mistake.

> If site-locals are deprecated, the NAT/stable address/whatever crowd
> will just pick a different prefix to use.

and the boogey man will come, and we'll all be attacked by terrorists
flying cessna 172s.

sorry, but I'm sort of fed up with living in a country that does its
best to control its citizens through irrational and ungrounded fear,
all the while pretending that it's good for you and ignoring the real
problems that exist. I've got a pretty low tolerance for such tactics
these days.

yes, we have to give people good ways to solve real problems that they
have. no, we don't have to legitimize every bad idea that people have
put into practice merely because somebody is doing it.

Keith