Re: Distributed reachability information



On Wed, 12 Sep 2001, Erik Nordmark wrote:

> > This could be accomplished by using some kind of reachability cache,
> > storing information about whether an address or prefix is reachable (or
> > even how well, using RTT, bandwidth and packet loss statistics). As the
> > session is initiated, the possible addresses for the remote host are
> > checked against the reachability cache and the "best" address is selected.

> What is the trust model associated with the notion of a reachability cache?

> Would you trust one shared in the IETF terminal room or any other
> public or semi-public 802.11 infrastructure?

For yes/no reachability information: sure, why not. Either the information
is correct, and I benefit, or the information is wrong and I'm no worse
off than if I had picked the wrong address to try first myself.
Obviously, when the cache says something is not reachable, we only take
this to mean we should try other addresses first, not that we shouldn't
try to contact the "unreachable" address at all. The address might have
become reachable again in the meantime.

For the more detailed RTT, bandwidth and packet loss information this
could be more of a problem: skillful manipulation of this information
might do more damage. And I'm not sure I'm willing to trust all
implementations to calculate these values correctly. So this part is
problematic.

> Would you trust one shared by all the customers of one of your ISPs?

If we make sure one single host can't flood the network with unlimited
amounts of false messages, the number of "good" messages will outnumber
the "bad" ones so there should still be some benefit.

> If you can't trust "random" hosts in a fairly large network
> (larger or a lot larger than a single home or personal area network) to
> contribute unverified information to the cache then the idea doesn't seem
> to be that useful since the probability of finding recent information
> in the cache about a particular destination is likely to be rather small.

I think even in relatively small networks the correlation between remote
hosts accessed is large enough to be helpful. Especially if the DNS is in
on it, since in many situations prior to communication the local name
server will have to contact a remote name server that is close to the
destination host.

Iljitsch
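
The trust argument in this message, sketched as an added example that is not part of the original post or of any implementation: yes/no hints only reorder the candidate addresses, and each reporter holds a single slot per address so flooding adds no weight. The class and method names, the reporter identifier, and the 300-second expiry are assumptions; the addresses are constructed values from the documentation prefix.

```python
from collections import defaultdict


class ReachabilityCache:
    """Advisory yes/no reachability hints gathered from untrusted reporters."""

    def __init__(self, max_age=300.0):
        self.max_age = max_age  # assumed expiry in seconds, not from the thread
        # address -> {reporter: (reachable, timestamp)}; one slot per reporter
        self.reports = defaultdict(dict)

    def report(self, reporter, address, reachable, now):
        # A repeated report overwrites the reporter's earlier one, so a single
        # host cannot gain weight by sending unlimited false messages.
        self.reports[address][reporter] = (bool(reachable), now)

    def score(self, address, now):
        # Fresh "reachable" votes minus fresh "unreachable" votes.
        total = 0
        for reachable, ts in self.reports.get(address, {}).values():
            if now - ts <= self.max_age:
                total += 1 if reachable else -1
        return total

    def order(self, candidates, now):
        # Stable sort: the hint only decides which address is tried first.
        # No candidate is dropped, since an "unreachable" address may have
        # become reachable again.
        return sorted(candidates, key=lambda a: -self.score(a, now))


def demo():
    # Constructed sample data: three candidate addresses for one remote host.
    a, b, c = "2001:db8:a::1", "2001:db8:b::1", "2001:db8:c::1"
    cache = ReachabilityCache()
    for i in range(1000):                  # one host floods false reports
        cache.report("host-x", a, False, now=float(i) / 100)
    for h in ("host-1", "host-2", "host-3"):
        cache.report(h, a, True, now=10.0)  # three honest reports
    cache.report("host-1", b, False, now=10.0)
    return cache, cache.order([b, c, a], now=20.0)


if __name__ == "__main__":
    print(demo()[1])
```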