Test Route

From: David R Conrad <davidc@iij.ad.jp>

Yeah, there are 2^32 bits of address space, after all.

There are? I always thought there were 32 bits of address space, not 2^32,
and the code that I wrote even worked... :slight_smile:

>After all, if we all do our jobs right, maybe someday we can make
>the firewalls go away....

If we all do our jobs right, it won't matter if someone uses 1597
space. Firewalls will never go away -- they're too useful.

Firewalls are a kludge; they're necessitated only by the lack of strong
authentication in the stack. I daresay that if the current level of threat
continues to escalate (to quote a friend, "it's a bad neighborhood out
there"), I foresee that the need for Joe Everyman to run a firewall will
diminish or disappear, and sooner - not later.

Now, I won't dispute that there will be some places where either because of
legacy systems in house or paranoia they continue to run a firewall. But the
95% solution will be in place, and if they previously chose to use 1597-style
addresses, the 95% of the world who decided they didn't need firewalls
anymore because of strong authentication will be forced to renumber.

I am more than willing to admit that 1597 has its uses, and people who find
rfcs 1597 and 1627 on their own, read them, and figure out whether they want
to bear the risks and consequences should feel free to use the addresses.
That *doesn't* mean, however, that it should be promoted or upgraded from
"informational" to "recommended", and I no longer recommend it to "casual" IP

The concept of globally unique addressing is simply far too powerful and far
too useful for us to summarily and without further thought assert that
firewalls are a fact of life that will be with us forever.