Gert Doering <[email protected]> writes: > s I said before, this insistence on "IPv6 prefixes must never change!!
I never said that. What I say is that renumbering is painful, and we should therefore minimize the number of changes. We avoid all the pain if we avoid renumbering. > So if they change, we do not care about the consequences, but complain > about the change itself!!" is foolish to start with. People want to > change ISPs, want to multihome, if they have two ISPs, one or the other > might fail at times - so, getting our standards and implementations in > order to actually *deal with reality* (= prefixes change) would result > in a much nicer overall experience. I agree that we must deal with changing prefixes. Dealing with with is just not the best solution to the self imposed problem of forced changes. Mulithoming is a different problem. Using more than one stable prefix is not much harder than using one. The problem is prefix instability, not the number of prefixes involved. The main problem with renumbering is the large number of configuration files, or nvram variables on id^H^Hiot devices, containing prefixes in some form. This is mostly services using ACLs to differentiate between internal and external sources. Examples from one of my hosts: /etc/mail/access /etc/dkimkeys/internal-hosts /etc/spamassassin/local.cf /etc/bind/named.conf.options /etc/milter-greylist/greylist.conf /etc/ntp.conf /etc/squid/squid.conf In addition to that, I also have a few more self-imposed prefix hard coding: /etc/init.d/firewall6 /etc/systemd/system/transmission-daemon.service /etc/network/interfaces /etc/dhcp/dhcpd6.conf I left all DNS entries out. Automating updates of all this is semi-trivial. But it is scripts that has to be written, tested and maintained. And that will fail. Or be incomplete. You may want to note that most of the files I list above use an ACL syntax unique to that file. Not much standardization found here... Renumbering will never be completely painless. We can and should strive to make it better. But forcing renumbering on end users is harmful and should be avoided. Bjørn
