
Re: F1000 requirements?



Eric,

I don't think we can answer your question with respect to multi6
yet. And in fact it's quite complicated, because it depends on
whether your concern is about internal clients of external servers,
external clients of internal servers, or multiparty sessions (aka P2P).

And I don't think that discussion really belongs here. If you think
there are specific enterprise multihoming needs that are not covered
in RFC 3582 or draft-lear-multi6-things-to-think-about-02.txt, now
(before the interim meeting) would be a really good time to send
suggested text for that draft.

Brian

Fleischman, Eric wrote:
Noel,

You have stated our intention well. The intention is indeed to provide an address to authorized outsiders that does not reveal internal network information.

Currently (with IPv4) the "translation overhead" you allude to is a NAT. Can Multi6 provide for an alternative mechanism or will NATs remain for IPv6?

--Eric

-----Original Message-----
From: Noel Chiappa [mailto:jnc@mercury.lcs.mit.edu]
Sent: Monday, May 03, 2004 1:26 PM
To: multi6@ops.ietf.org
Cc: jnc@mercury.lcs.mit.edu
Subject: RE: F1000 requirements?


> From: "Fleischman, Eric" <eric.fleischman@boeing.com>


    > The desire (requirement) is to have international addressability /
    > routing without revealing the existence of internal nodes or network
    > topology except to a select (controlled) group of outsiders

Let me understand this more fully. Are there a set of entities outside with
whom you wish to communicate, but whom you *do not* want to have
knowledge of your network topology?

If so, that would imply that the information that those parties would have to
have about the local host at your site they were talking to would have to
come in two parts: i) a location as to where your whole site is (relative to
the topology of the network as a whole), and ii) an opaque token of some sort
which would have to be translated to give the location of the local host
within your network.

If there are no such entities, I'm not sure what the problem is: you don't
give anyone outside the address (which would reveal your network topology) of
the local host unless they are in the set which is authorized to know about
your network - but in that case there's no problem. From which I conclude
that probably there are such entities.

If so, are you willing to pay the translation overhead (which I don't see how
to avoid - you don't want to give them detailed information about the
location of the local host, ergo that information [which you have to have, to
get the packets to the local host] has to be added after it leaves the
source) on each packet?

Noel