[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A possible solution for source-based site-exit routing
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Aldrin" == Aldrin Isaac <aisaac@bloomberg.com> writes:
Aldrin> (1) If a multi-address host were connected such that each PA addressed
Aldrin> interface was directly connected to the network of the ISP who
Aldrin> assigned that interface's address, then we've reduced the problem down
Aldrin> to the similar level of simplicity as the home-pc that is connected to
Aldrin> a dsl ISP and a cable ISP. This is the optimum environment for
Aldrin> host-based multi-homing solutions.
I think that this is an important problem, but I'm going to ignore your
points (2) and (3), because they get into a specific solution too quickly.
The best mapping is the home-pc with both DSL and cable on a single NIC
card, using aliases for each side. Yes, having both DSL and cable modem on
a single hub is asking for trouble, but let's ignore this for a moment.
The important part is that the host can directly see both networks of
each ISP, as you point out. The question is now:
Q: what protocol does the host use to find out reacheability via each ISP?
If the answer to above is not "the X variant of BGP/OSPF/RIPvX", but a new
protocol, then that is significant. There is a whole set of requirements that
we can write down here. When we can solve this problem, then we can move
onto:
The enterprise situation is just the above protocol in a multihop
configuration, likely with layer(s) of "proxies" to distribute the load.
You may been various kinds of virtual topologies to get the packets to
where they need to be, but that may in fact be specific to the kind of
technologies used inside the enterprise.
] At IETF55 in Atlanta, GA | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] printk("Just another Debian GNU/Linux using, kernel hacking, security guy");[
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPeJlToqHRg3pndX9AQFIQQP+M55yfBWBCEqf7XYRO/sKdkR9ulF+ZQ0j
TK/AP7MHLoHVWvmEDuXieLPp/uUWyjEEhz0EtmgsWNGyWEuGQtpnJ81A4EP6XmIY
ylUgyWP9S8X7jYX+mRqNaAt43f5DCjS/Jc+QuiOEyn/NyHjDoKpLc1vcqUF9uEol
7hXI7sugShg=
=+O+9
-----END PGP SIGNATURE-----