[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft: PI addressing derived from AS numbers



I feel that the challenge is actually not in the Internet Protocol
address at all. IPv6 *unmodified* is entirely capable of supporting
a namespace independent of topology; that needs a relatively simple
IANA action plus a rather boring registry to run. The architectural
issue is elsewhere - in routing, DNS, or as Christian says in transport.

I also suspect that several of the alternatives can perfectly coexist
with RFC 2460 (current IPv6) so I don't think that we are facing such
a steep cliff as Noel implies. But that is a very detailed question.

   Brian

Christian Huitema wrote:
> 
> >    > If an architecture without a namespace which is independent of topology
> >    > is unacceptable, then people have to either i) radically modify IPv6,
> >    > or ii) junk it.
> >
> > Ah, to make it quite plain what I meant here: by "IPv6" I meant the entire
> > stack, not just the internetwork level protocol; and by "radically modify
> > IPv6" I mean to include schemes like 8+8, 16+16, HIP, etc - a system using
> > one of these is not going to interoperate with one which does not have it
> > (although I dunno about 16+16).
> 
> You are quite right to point out that this is a global stack issue, not necessarily an IP layer issue. A number of the locality independence attributes could be achieved by having a name service independent of the IP layer. Indeed, a number of these attributes are achieved today with the DNS, and more could be obtained if we had a system that was "faster, better" than DNS.
> 
> A big problem with solutions like 16+16 is that they place the name resolution service in the IP layer, and thus make it practically impossible to change later. The current architecture allows cooperating nodes or sites to pick a different name resolution system, which may have different trade-offs than the DNS. Indeed, the DNS was only introduced in 1988, and there are currently many experiments with various peer-to-peer schemes.
> 
> Many of what we call addressing issue are really transport level issues, using an address to identify a transport association, or management issues, using an address rather than a name in access control lists. I would argue that if we wanted to resolve these issues, we could: Mobile IP technology can be used to solve the transport issue; IP security can be used to associate actual credentials to addresses and then perform access control based on these credentials.
> 
> -- Christian Huitema