
RE: Multihoming by IP Layer Address Rewriting (MILAR)



On Wed, 5 Sep 2001, Peter Tattam wrote:

> For the case where you only have a single starting address but there exists
> several alternative addresses and there is no way to find the alternatives (no
> DNS entries), you can only rely on routing infrastructure to tell you the rest
> of the addresses if the peer can't tell you.  This case would force routers to
> get involved which I hoped one could avoid.

We can't use the routers for this, since this information can't be
aggregated so we'd lose the "small DFZ" we're trying to work towards.

> It doesn't have to be a router that tells you this, just some third party
> service like DNS or a reachability cache or something.

> I agree with the comments made by Christian about DNS not being the best vehicle
> for this kind of information.

> Is it worth pursuing the reachability cache idea?

I love the idea of a reachability cache where a group of hosts and routers
shares reachability information. However, I don't see how this could be
used to find out alternative addresses for a site for which there is not
yet any information in the cache. Also, it is much more important to
protect the cache against falsified alternative addresses than against
falsified (un)reachability information, since the former can lead to data
interception and DDoS attacks, and the latter only to a slight performance
degradation while the host discovers the cached information is incorrect.

The alternative would be some sort of address registration server, but
this would have to be both redundant and safe.