[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Next question...

To: "Iljitsch van Beijnum" <iljitsch@muada.com>
Subject: RE: Next question...
From: "Tony Li" <Tony.Li@procket.com>
Date: Sun, 8 Dec 2002 02:02:34 -0800
Cc: <multi6@ops.ietf.org>


|   > 2) Put the locators in the border router.  This frees the host
|   >    of the management burden, but makes it somewhat harder for the
|   >    host administrator to implement host specific policies without
|   >    the assistance of the administrator of the border router.  Host
|   >    specific policies can still be implemented, they just need to
|   >    be managed by the border router.  The number of unique host
|   >    policies can be a scalability issue for the border router.
|   
|   I would still like some hint from the host to the border 
|   router that the
|   current connection isn't working.


Not an unreasonable request.

   
|   If a host needs specific policies, would it be possible to "move the
|   border" for that host to that host? Then the real border 
|   routers only
|   have to pass the traffic without touching it and the host is in full
|   control, the border routers only get to say yes or no, 
|   which should be
|   enough to keep rogue sysadmins in check.


I think that this puts us firmly behind the dromedary.  Putting control
functionality in both places is more complicated than is truly 
necessary, IMHO, and thus is a fine candidate for Occam's Razor.

Tony

Follow-Ups:
- Re: Next question...
  - From: Eliot Lear <lear@cisco.com>

Prev by Date: RE: Next question...
Next by Date: RE: network controls are necessary
Previous by thread: RE: Next question...
Next by thread: Re: Next question...
Index(es):
- Date
- Thread