
RE: Draft: PI addressing derived from AS numbers



>    > If an architecture without a namespace which is independent of topology
>    > is unacceptable, then people have to either i) radically modify IPv6,
>    > or ii) junk it.
>
> Ah, to make it quite plain what I meant here: by "IPv6" I meant the entire
> stack, not just the internetwork level protocol; and by "radically modify
> IPv6" I mean to include schemes like 8+8, 16+16, HIP, etc - a system using
> one of these is not going to interoperate with one which does not have it
> (although I dunno about 16+16).

You are quite right to point out that this is a global stack issue, not necessarily an IP layer issue. A number of the locality independence attributes could be achieved by having a name service independent of the IP layer. Indeed, a number of these attributes are achieved today with the DNS, and more could be obtained if we had a system that was "faster, better" than DNS.
 
A big problem with solutions like 16+16 is that they place the name resolution service in the IP layer, and thus make it practically impossible to change later. The current architecture allows cooperating nodes or sites to pick a different name resolution system, which may have different trade-offs than the DNS. Indeed, the DNS was only introduced in 1988, and there are currently many experiments with various peer-to-peer schemes.
 
Many of what we call addressing issues are really transport level issues, using an address to identify a transport association, or management issues, using an address rather than a name in access control lists. I would argue that if we wanted to resolve these issues, we could: Mobile IP technology can be used to solve the transport issue; IP security can be used to associate actual credentials to addresses and then perform access control based on these credentials.
 
-- Christian Huitema
 