[rrg] Remote ACLs [Proposals which match rrg architectures.html pls check the page]
Brian E Carpenter
brian.e.carpenter at gmail.com
Sun Jan 4 12:08:07 PST 2009
On 2009-01-05 02:54, MARCELO BAGNULO BRAUN wrote:
>
>> 3 - Problems with maintaining ACLs in other networks for hosts
>> using SHIM6.
>>
>
> I don't understand this one
Isn't this in fact a (perceived) problem with the multi-prefix
model? If an endpoint has multiple locators, then any site that
puts one of those locators in an ACL needs to put all of them
in the ACL. So if you want to put somehost.example.net in an
ACL, you need to look up all its A/AAAA records and put all the
results in the ACL. I don't think this has anything to do with
shim6.
Brian
More information about the rrg
mailing list