On 5/4/21 17:34, Saku Ytti wrote:
> I don't think you are, I read like an opinion piece so it's inherently
> not right or wrong. I don't have the same experience and I consider
> forcing LLA a blessing in limiting attack vectors and I personally
> don't see downsides as all addresses are gibbering to me, as my
> working memory contains very few digits. I wish ND had mandated LLA
> too, so many customer tickets due to poorly configured filters due to
> misunderstanding how ND works.

I agree - this may be one of those "six-and-half-a-dozen" scenarios.
When I had a smaller network there was meaning in what IPv4 addresses I
assigned, i.e., I could look at them and figure out which port on which
router. As I built larger networks, I suppose I had bigger problems than
that, and relied on other tools to help me with reverse look-up (DNS,
IPAM, an NMS, old notes that were probably half eaten by rats, etc.).

I really haven't bothered to look into the history that brought us here,
but to me, LLA for an IGP makes sense. Would I have minded if it was
GUA... probably not. But I'm pretty okay with where we are at as a
community, in this respect.

Mark.