Re: GSE

[Eliot Lear <lear@cisco.com>]

Iljitsch,

> Yes, it does that. But it doesn't give the multihomer transparent
> failover (or even failover of any kind). I'm sure that once we agree on
> the requirements GSE can't meet them.  :-)
The draft was short on specifics for failover, as I recall, but so long 
as you had some connectivity between gateways it should have been 
possible to failover in a stateless way.  As to TCP I personally would 
have only used the lower 64 for the pseudo-header, just as with HIP you 
would use the HIT.  The big deal is that the host implementation would 
need to understand that the upper half and lower half would have to be 
processed quite differently.

> > > - how can we make the lower 64 bits of the address globally unique
>
> > The same way we do with 32 bits.
>
> Exit stateless autoconfig... I'm not even mentioning security.
I suspect we differ substantially on where we think requirements should 
go.  Stateless autoconfig isn't my top feature requirement.  Scaling to 
more robust connectivity is.  There was an "analysis" of GSE security. 
However, Steve Bellovin didn't agree with it.  I do not recall the 
specifics.

This is not to say that GSE had all the answers.  It needed work.  For 
instance, route selection and failover did need some amount of fleshing 
out.  But I believe it suffered a premature death.

Eliot