RE: GSE IDs [Re: IETF multihoming powder: just add IPv6 and stir]



Dave,

> On Thursday, May 8, 2003, at 06:47  AM, Bound, Jim wrote:
> > I am also not clear on rewrite of headers in transit is going to fly
> > in some cases I can think of as use case and one example is the
> > military tactical operations case, which for me is one area I work on
> > and care about as one of my roles working with users.
>
> I'd be interested in understanding these cases better.  From my
> perspective, what happens to my packet headers after they leave my
> machine is completely irrelevant as long as they get put back together
> into something that will pass the checksum on the destination host.

If I am communicating with two command centers for mission critical
operation I want a knob that says I trust NO ONE and NO ONE is to
rewrite my headers but only forward operations.  Having a routing header
type would at least track that operation within the context of the
datagram.  Also cases where the entire IP datagram is compressed.  Cases
where all below the Header and DST/HOP-BY-HOP operations is encrypted and
I do not want to trust any path to rewrite incorrectly where the end
result of that error are dead people.

> > I believe if we rewrite headers we need to swap them into new routing
> > header type for IPv6 too, which will remove going to the DNS, LDAP, or
> > MPLS database to get back to the end node.  I view this feature as
> > keeping a history of location that is important.
> 
If I save the original loc+id in route header I can pass it along and
likewise use it to pass it back.  MHAP could use this feature too.

/jim
> 
> > Probably also need to think about identity changing from say system
> > crash, neighbor discovery DAD collision (after the fact of solicited
> > node multicast which I have seen in the real world).
>
> The approach I've been thinking about does not touch the identity of the
> end system as determined via DAD or any other mechanism -- a packet has
> a site identity value in the top 48 bits of the destination address
> that maps into an aggregatable locator when the packet leaves the
> source site and gets remapped from the locator back into the site
> identity when it arrives at the destination site.
>
> > I know I am going far too down in details sorry :--)
>
> I like details when trying to figure out if a particular (arguably
> radical) approach will fly.
> 
> Rgds,
> -drc
> 
>
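
Added example, not part of the original thread or written by either participant: a sketch of the top-48-bit destination rewrite discussed above, showing that the upper-layer checksum only verifies at the destination if the site identity is restored exactly. The addresses (from the 2001:db8::/32 documentation prefix), the choice of UDP as the upper-layer protocol, and all function names are assumptions made for illustration.

```python
import ipaddress
import struct

def csum16(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def udp_checksum(src, dst, sport, dport, payload: bytes) -> int:
    """UDP checksum over the IPv6 pseudo-header (src, dst, length, next header 17)."""
    length = 8 + len(payload)
    pseudo = src.packed + dst.packed + struct.pack("!I3xB", length, 17)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    return csum16(pseudo + header + payload) or 0xFFFF

def verify(src, dst, sport, dport, payload: bytes, checksum: int) -> bool:
    return udp_checksum(src, dst, sport, dport, payload) == checksum

def rewrite_top48(addr, prefix48):
    """Replace the top 48 bits of addr with prefix48, keeping the low 80 bits."""
    if prefix48.prefixlen != 48:
        raise ValueError("expected a /48 prefix")
    low80 = int(addr) & ((1 << 80) - 1)
    return ipaddress.IPv6Address(int(prefix48.network_address) | low80)

# Constructed sample values (hypothetical site identity and locator prefixes).
SRC = ipaddress.IPv6Address("2001:db8:1111:2::20")
DST = ipaddress.IPv6Address("2001:db8:aaaa:1::10")
SITE_ID = ipaddress.IPv6Network("2001:db8:aaaa::/48")
LOCATOR = ipaddress.IPv6Network("2001:db8:bbbb::/48")
WRONG_ID = ipaddress.IPv6Network("2001:db8:cccc::/48")
PAYLOAD = b"constructed payload"

if __name__ == "__main__":
    sent = udp_checksum(SRC, DST, 4000, 5000, PAYLOAD)     # computed by the source host
    in_transit = rewrite_top48(DST, LOCATOR)               # leaving the source site
    restored = rewrite_top48(in_transit, SITE_ID)          # arriving at the destination site
    botched = rewrite_top48(in_transit, WRONG_ID)          # incorrect remap at the far end
    print("in transit:", in_transit, verify(SRC, in_transit, 4000, 5000, PAYLOAD, sent))
    print("restored:  ", restored, verify(SRC, restored, 4000, 5000, PAYLOAD, sent))
    print("botched:   ", botched, verify(SRC, botched, 4000, 5000, PAYLOAD, sent))
```

The checksum catches an incorrect restore only when the error changes the one's-complement sum; it gives no integrity guarantee against a deliberate rewrite.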