
Re: rewriting



Iljitsch van Beijnum wrote:
About the rewriting: why again are we making life difficult for ourselves? The obvious place to put an indication that the address may be rewritten is... in the address. Is there any reason why we can't have one or more special prefixes that indicate that a router should fill in the source address?

I think this is an excellent (but by no means new :-) idea.


In general, I think that we need a generic way of expressing
that the site border routers may rewrite the source address
in the packet.  There are cases where that would work already
now.  For example, the revised IPsec specifications allow IPsec
SAs to be set up so that the source address is ignored when the
packet is received.

If I understand correctly, the main reason why this idea was
rejected earlier was that it breaks upper layer pseudo header
checksums.  However, in the cases that we are dealing with now,
that isn't true any more (IPsec tunnel mode, the proposed IPsec
BEET mode, HIP, NOID, SIM, and probably others).

Hence, I really think that we should go for standardizing
a prefix that asks the first capable/so configured router
to fill it in.

--Pekka Nikander
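
The checksum point in the message above, as an added example that is not part of the original message: a plain UDP checksum covers the IPv6 source address through the pseudo-header, so a border-router rewrite breaks it, while a checksum computed over fixed identifiers is unaffected. All addresses are constructed from the documentation prefix, the "fill me in" prefix is a hypothetical stand-in, and the identifier-bound case is a simplified model of what protocols such as HIP do.

```python
import ipaddress
import struct

UDP = 17  # IPv6 Next Header value for UDP

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, length: int) -> bytes:
    """IPv6 pseudo-header: source, destination, length, 3 zero bytes, next header."""
    return (ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
            + struct.pack("!I3xB", length, UDP))

def udp_segment(src: str, dst: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Build a UDP segment whose checksum covers the given address pair."""
    length = 8 + len(payload)
    head = struct.pack("!HHHH", sport, dport, length, 0)
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src, dst, length) + head + payload)
    return struct.pack("!HHHH", sport, dport, length, csum or 0xFFFF) + payload

def verifies(src: str, dst: str, segment: bytes) -> bool:
    """Receiver check: the sum over pseudo-header and segment must be 0xFFFF."""
    return ones_complement_sum(pseudo_header(src, dst, len(segment)) + segment) == 0xFFFF

def rewrite_source(src: str, prefix: str) -> str:
    """Border-router step: replace the upper 64 bits of src with the given /64."""
    net = int(ipaddress.IPv6Network(prefix).network_address)
    return str(ipaddress.IPv6Address(net | (int(ipaddress.IPv6Address(src)) & (2**64 - 1))))

def demo():
    dst = "2001:db8:b::2"
    placeholder_src = "2001:db8:f00d::1"  # constructed stand-in for a "fill me in" prefix
    wire_src = rewrite_source(placeholder_src, "2001:db8:a::/64")
    # Plain UDP: the checksum was computed over the address the host wrote.
    plain = udp_segment(placeholder_src, dst, 5000, 5001, b"hello")
    # Identifier-bound model: both ends checksum over fixed identifiers instead.
    id_src, id_dst = "2001:db8:1d::1", "2001:db8:1d::2"  # constructed identifiers
    bound = udp_segment(id_src, id_dst, 5000, 5001, b"hello")
    return wire_src, verifies(wire_src, dst, plain), verifies(id_src, id_dst, bound)

if __name__ == "__main__":
    print(demo())
```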