[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GSE



On Mon, 17 Feb 2003, J. Noel Chiappa wrote:

>     > No failover. If a host as A::1 and B::1 and I select A::1 but then this
>     > path goes down, GSE doesn't tell me what I should do.

> Right, this was one of the "unfinished" pieces.

> But it's pretty easy to fix this one: at some point early on (either when you
> do the DNS lookup, or in the ICP) you get the other viable addresses for the
> host. So when one stops responding you can try others.

Of course. Unfortunately, this is hard to get right unless you have
access to the full transport layer state.

>     > Doing it the MHAP way and replace the addresses in transit makes more
>     > sense as it doesn't require changes to higher layers

> Umm, how does this differ from NAT? I guess the difference is that by the
> time the packet gets to the other end, the original source and destination
> addresses are back in it? So it's kind of invisble wrapping/unwrapping?

Yes.

> My concern about doing that is that now you've got state (those mappings) out
> in the network - more complex and less robust. Let the hosts manage it.

This state is easy to manage as it can be done at the /48 level.
However, discovering the right mapping in the first place is harder,
especially the way it is currently written down in the MHAP draft.

>     > Or use implicit rather than explicit identifiers so you only have to
>     > negotiate some stuff at the start of the session.

> If you crypto-secure binding changes, you get basically the same thing - you
> only have to do anything extra when the prefix changes.

This is what's needed for mobility, but in multihoming we have the
advantage that we know all the possible addresses at session start.
Doing it then is much cleaner: no double jump problems and so on.

Iljitsch