On Thu, Apr 07, 2016 at 04:55:06PM +0200, David Lamparter wrote: > Now, the installation instructions for the product says "this is the > prefix your cloud service has, put a route for it in your domain". > > So, now the User's netadmin is essentially screwed since that's a > D!=default S!=default route. More correct, it's in fact 2 routes: > - D=cloud, S=ISP-A-PA => via installed cloud termination device > - D=cloud, S=::/0 => unreachable > Which goes to represent that the cloud service is only reachable from > ISP-A's PA prefix assigned to the User.
And it's not too far away from cases where private (e.g. RFC 1918) type addresses are only reachable or differently reachable via a given provider; e.g. company VPN. The general presumption for default is "you can reach the whole of the Internet". There's lots of circumstances where IP space really isn't "the whole of the Internet". While some of these issues can be addressed by having the host just try access via its available networks, many of them probably shouldn't be done this way. -- Jeff _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
