> > GSE/8+8 gives us the ability to manage the addresses we exchange in > > routing down to a number of prefixes on the order of (eg equivalent > > to a small multiple of) the number of autonomous systems. > > Not really. Or rather, it will, at the following costs: > > - all IPv6 implementations must be rewritten > - need an IPv6->GSE transition strategy but unlike v4->v6 addresses > look the same > - still renumbering necessary when switching ISPs > - identity theft trivial unless we implement id<->locator security > protocols > - no multihoming without extra protocols to detect and repair failures GSE/8+8 also does not achieve topology hiding, not if the mapping between internal and external /64 is a one-one. Of course, you could smash multiple internal subnets to a single /64 external view, but then you would probably need a new duplicate address detection algorithm to avoid conflicts, not to mention recognize cases of a single host using the same host ID on multiple subnets. Of course, Iljitsch points an interesting issue. If NAT66 behaves exactly like, say, NAT 64, then why would the organization bother to use IPv6 rather than sticking with net 10? -- Christian Huitema _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf