draft-ietf-opsec-lla-only-09.txt   draft-ietf-opsec-lla-only-10.txt 
OPsec Working Group M. Behringer OPsec Working Group M. Behringer
Internet-Draft E. Vyncke Internet-Draft E. Vyncke
Intended status: Informational Cisco Intended status: Informational Cisco
Expires: January 24, 2015 July 23, 2014 Expires: January 29, 2015 July 28, 2014
Using Only Link-Local Addressing Inside an IPv6 Network Using Only Link-Local Addressing Inside an IPv6 Network
draft-ietf-opsec-lla-only-09 draft-ietf-opsec-lla-only-10
Abstract Abstract
In an IPv6 network it is possible to use only link-local addresses on In an IPv6 network it is possible to use only link-local addresses on
infrastructure links between routers. This document discusses the infrastructure links between routers. This document discusses the
advantages and disadvantages of this approach to help the decision advantages and disadvantages of this approach to help the decision
process for a given network. process for a given network.
Status of This Memo Status of This Memo
skipping to change at page 1, line 33 skipping to change at page 1, line 33
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 24, 2015. This Internet-Draft will expire on January 29, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 38 skipping to change at page 2, line 38
of a router is also not reachable beyond the link boundaries, of a router is also not reachable beyond the link boundaries,
therefore reducing the attack horizon. therefore reducing the attack horizon.
This document discusses the advantages and caveats of this approach. This document discusses the advantages and caveats of this approach.
Note that some traditionally used techniques to operate a network Note that some traditionally used techniques to operate a network
such as pinging interfaces, or seeing interface information in a such as pinging interfaces, or seeing interface information in a
traceroute do not work with this approach. Details are discussed traceroute do not work with this approach. Details are discussed
below. below.
During IESG review the technical correctness and completeness of the During WG and IETF last call the technical correctness of the
document has been fully reviewed and verified, However, IESG noted document has been reviewed, however debate exists as to whether to
that there was no full consensus within the working group on whether recommend this technique. The deployment of this technique is
to recommend this technique. appropriate where it is found to be necessary.
2. Using Link-Local Addressing on Infrastructure Links 2. Using Link-Local Addressing on Infrastructure Links
This document discusses the approach of using only link-local This document discusses the approach of using only link-local
addresses (LLA) on all router interfaces on infrastructure links. addresses (LLA) on all router interfaces on infrastructure links.
Routers don't typically need to receive packets from hosts or nodes Routers don't typically need to receive packets from hosts or nodes
outside the network. For a network operator, there may be reasons to outside the network. For a network operator, there may be reasons to
use greater than link-local scope addresses on infrastructure use greater than link-local scope addresses on infrastructure
interfaces for certain operational tasks, such as pings to an interfaces for certain operational tasks, such as pings to an
interface or traceroutes across the network. This document discusses interface or traceroutes across the network. This document discusses
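Review bot: The rewritten paragraph just before Section 2 ends with "The deployment of this technique is appropriate where it is found to be necessary", which is circular and gives an operator no criterion for deciding. Suggest tying the sentence to the advantages and caveats the preceding paragraph says are "discussed below", or dropping it. The new wording also removes "completeness" and "fully reviewed and verified" from the -09 text and no longer names the working group as the place where consensus was lacking, so a reader cannot tell whose debate is meant; if that weakening is intentional, say between whom the debate exists. Separately, "has been reviewed, however debate exists" is a comma splice and should be two sentences or joined with a semicolon.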
 End of changes. 4 change blocks. 
7 lines changed or deleted 7 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/