[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multihoming by IP Layer Address Rewriting (MILAR)



On Tue, 4 Sep 2001, Iljitsch van Beijnum wrote:

> On Tue, 4 Sep 2001, Peter Tattam wrote:
>
> > The discovery of the alternative destination address is the crux of the problem
> > and needs to be handled in such a manner as to prevent spoofing attacks.  IPsec
> > is too heavy to deal with the issue - my lightwieght proposal of a SYN/ACK
> > exchange like TCP works but is subject to address list explosion issues which I
> > hope to resolve through sending compressed address trees instead of lists or
> > sets.
>
> Doing this in the SYN/ACK handshake has the disadvantage that you have to
> do it over and over again for each TCP session. One popular application
> comes to mind that uses many short lived TCP sessions...

Intestingly enough SCTP addresses these applications (such as HTTP) rather
well without overhead of assoication communication for every stream.