Re: draft-ietf-v6ops-cpe-simple-security-12.txt feedback

[Fred Baker <fred@cisco.com>]

On Aug 6, 2010, at 8:31 PM, james woodyatt wrote:

> On Jul 28, 2010, at 01:00, Toerless Eckert wrote:
>> 
>> Not quite sure what you mean. I would like application meant to be written
>> for home/SMB networks to be written to use at most site-local IPv6 multicast
>> group address scopes.
> 
> That's not in the ambit of the draft.
> 
> The draft recommends a DEFAULT multicast scope boundary of organization-local because we think it will be very rare for a subscriber and their service provider to be separate sites within the *same* organization, and moreover, we do not think that the DEFAULT should be set so that subscribers are all expected to be within the same organization unless they actively take steps to separate themselves by reconfiguring the multicast scope boundary.
> 
> Setting the DEFAULT multicast scope boundary to site-local, instead of organization-local, would be profoundly wrong-headed.  I would object vigorously to making the change to the draft you propose.


Dumb question, chair hat off...

In the absence of a deployed multicast routing protocol, I would be surprised at the use use of anything beyond link-local multicast. We don't have an algorithm that will correctly route a multicast in a wider scope (eg, deliver exactly once barring random loss), and we don't have an algorithm besides route filtering in a routing protocol that will contain a multi-subnet multicast within any specific boundary.

As a result, in a SMB/SOHO/Residential environment and for that matter any environment, I would expect multicasts to be *link-local* in scope apart from configuration - at minimum configuration of a multicast routing protocol and appropriate route filters.

Why are site-local or organization-local even on the table?