[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re:loc/id vs HIP (was: tunneling [Was: Agenda for Vienna])
Pekka,
On Thu, 22 May 2003, Pekka Savola wrote:
> On 22 May 2003, marcelo bagnulo wrote:
> > > Again: this doesn't solve the whole problem. Consider e.g. Craig's
> > > traffic engineering requirements, or (to a lesser degree) requirements
> > > that the nodes should not have to renumbered ("deploying/retiring
> > > locators") when the ISP's are changing.
> >
> > A comment about the renumbering issue.
> > First i do not think this is part of the multi-homing issue, so if we
> > find a solution that does not solve this i would say it is ok.
>
> Well, I think it is, practically, to an extent. If Site is multihomed
> using two prefixes to two providers, and wishes to switch the second one
> to a better one, this should not be an overwhelming task (otherwise folks
> might not want a multi-address solution in the first place).
How is the scenario you describe (switching one of two prefixes)
different - in its effect on renumbering - from switching a site's only
prefix?
Multi-homing might make renumbering *easier* - providing one reliable
address while renumbering the second...
>
> > However, i do think that it is a related problem and it would be
> > interesting to find a solution that also support this (just as it would
> > be nice that the split loc/id provides support for mobility)
>
> Yep.
>
> > In the particular case of HIP, i think that it does facilitates
> > renumbering. Renumbering involves changing addresses in hosts but it
> > also involves changing ACLs and other configurations that involve IP
> > address as identifier.
>
> Yes, HIP makes it much easier. However, the backward
> interoperability might require checking for locators anyway, or
> a way to ensure that bad guys don't spoof identifiers.
>
> > Since HIP provides a stable identifier, those configurations could use
> > the stable identifier instead of the address. I agree that this does not
> > completely solve the issue. The cost of this is that the identifier has
> > to be carried in every packet, i guess.
>
> Of course, many of those ACL's could be obsolete by then, right..
>
> Or one could have locator-to-identifier and identifier-to-locator mapping
> functions.
>
> --
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>
>
>
>
>