Re: stable addressing
On 20-apr-04, at 13:11, marcelo bagnulo wrote:
> If the IPv6 multihoming solution doesn't provide provider independence, it
> will be less attractive.
Exactly. And if multihoming in IPv6 is significantly less attractive
people may opt to stay with IPv4.
> there are different renumbering scenarios here:
> - Renumbering in current IPv4 networks. The experience here says that it is
> expensive and sites will try to avoid it.
Going through some renumbering right now... It's never any fun.
> - Renumbering in current IPv6 networks, considering stateless
> autoconfigurations, a fixed /48 etc. Perhaps it is still expensive but it
> will be cheaper. Perhaps it is still too expensive.
Very much depends on the way things are deployed. When using stateless
address configuration the actual renumbering is MUCH easier but editing
all those text files where addresses show up isn't any better than with
IPv4.
Note that renumbering gets worse as more systems are involved. In IPv4,
it is common to start out with few addresses, then renumber once or
twice and finally end up with a (somewhat) portable address block.
Also, NAT limits the number of systems that receive a new address. With
IPv6, it's entirely possible that networks that are already very big
need to renumber. This could be fairly traumatic.
> - Renumbering when there is a loc/id split solution available. I guess we
> don't have much idea how this would be, but we guess that it will be even
> cheaper.
This will depend on whether people will still find it necessary to
filter on (locator) IP addresses. If people find it hard to leave NAT
behind I'm afraid that address filtering won't disappear overnight
either.
> As I understand this thread, perhaps it would be possible to design the
> solution to provide some sort of stable internal addressing for multihomed
> sites, sort of GSE or MHAP like.
Yes.
> About the particular approach that you are considering below, imho a very
> valuable feature of a solution would be that middle boxes are stateless, so
> that packets belonging to a certain communication can flow through different
> middle boxes. I don't really think that a solution with a per flow state is
> a good approach.
Hm, we talked about the security issues with rehoming all sessions
towards an IP address, our conclusion being that this is too dangerous
without relatively strong authentication. However, this doesn't
necessarily imply that the alternative must be working per session.
That also applies here. I think it would be entirely possible to group
sessions as per a creation/refresh date.
Also, there is still the option of having cryptographic hashes in the
addresses. This would especially make sense with stable addresses. If
we can find enough bits the hash can be in the higher part of the
address so there is no need to make hosts aware of the existence of the
hash.
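
The hash-in-address idea from the last paragraph, as an added example that is not part of the original message: a site's stable /64 carries a truncated hash of the site's public key in its upper bits, so a peer can check that a key offered with a rehoming request belongs to that address without the hosts knowing the hash exists. The 2001:db8::/32 documentation prefix, SHA-256, the 32-bit hash width and all function names are assumptions made for the illustration.

```python
import hashlib
import ipaddress

# Assumptions (not from the thread): the documentation prefix is the fixed
# part, SHA-256 is the hash, and the hash fills bits 32..63 of the address.
BASE = ipaddress.IPv6Network("2001:db8::/32")
HASH_BITS = 64 - BASE.prefixlen  # 32 bits left in the upper half


def key_hash(public_key: bytes) -> int:
    """Truncate SHA-256(public_key) to HASH_BITS bits."""
    digest = int.from_bytes(hashlib.sha256(public_key).digest(), "big")
    return digest >> (256 - HASH_BITS)


def stable_prefix(public_key: bytes) -> ipaddress.IPv6Network:
    """Return the site /64 whose upper bits are bound to the key."""
    high = (int(BASE.network_address) >> 64) | key_hash(public_key)
    return ipaddress.IPv6Network((high << 64, 64))


def address_matches_key(addr: str, public_key: bytes) -> bool:
    """Check that the key offered with a rehoming request fits the address.

    Only the upper 64 bits are examined, so hosts may pick any interface ID.
    A match proves the key/address binding only; the request itself must
    still be signed with that key (signature checking is not shown here).
    """
    ip = ipaddress.IPv6Address(addr)
    if ip not in BASE:
        return False
    embedded = (int(ip) >> 64) & ((1 << HASH_BITS) - 1)
    return embedded == key_hash(public_key)


if __name__ == "__main__":
    site_key = b"constructed-site-public-key"      # constructed sample input
    other_key = b"constructed-other-public-key"    # constructed sample input
    prefix = stable_prefix(site_key)
    host = prefix[0x1234]                          # any interface ID works
    print(prefix, host)
    print(address_matches_key(str(host), site_key))   # genuine key
    print(address_matches_key(str(host), other_key))  # wrong key is rejected
    # With only 32 hash bits, a brute-force search for a second key with the
    # same hash takes about 2**32 tries, hence "if we can find enough bits".
```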