[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Fwd: I-D ACTION:draft-irtf-rrg-design-goals-00.txt




Hi Pekka,

Thank you very much for your comments.

On May 30, 2007, at 1:12 AM, Pekka Savola wrote:

As a meta-issue I didn't see many requirements on operations and management aspects, but some of those are implictly lurking beneath the "deployability" subsection. But I couldn't think of anything right now that would need to be added...


When you do think of some, please feel free to propose text.


substantial
-----------

   RFC 1958 [RFC1958] provides an excellent list of the original
   architectural principles of the Internet.  We incorporate them here
   by reference, as part of our desired design goals.

==> I do not think this is sufficient. RFC1958 seems include two kinds of material; general principles and discussion and specific guidelines. Are you referring to the both or just the latter? However, even the specific guidelines use a different encoding for 'Priorities' so a) it's not clear what the RFC1958's design goals are wrt this document, and b) it's not clear what their priorities are.

If we want to include design goals from RFC1958 I believe it's necessary to at least mention them one by one as bullet points and assign them priorities or specify a prioprity mapping function.


A fair point.  Care to propose a mapping?

(Aside: I'm trying to ensure that this document is a collaborative effort, not just an objection-neutralized version of my inputs. Towards that end, I'm trying to follow the excellent example of Phil Almquist when working on RFC 1812. Thus, your contributions are strongly encouraged and preferred over my inputs.)


3.6.  Decoupling location and identification
...
Solutions to both problems, i.e. (1) the decoupling of
   host location and identification information and (2) a scalable
global routing system (whose solution may, or may not, depend on the second decoupling) are needed and it is required that their solutions
   are compatible with each other.

==> the only requirement (using the language described in section 1.2) I see in this subsection that that the solutions are compatible with each other. Is that the intent? In particular was 'are needed' above meant to be some priority? What does solution compatibility requirement even mean (in practice)?


Good catch, thanks. Yes, that should probably read "are required" rather than "are needed". Change accepted.

Informally, I would say that the solutions are compatible if we can do both at the same time and not have complexity blow up in our faces. If you feel we need to say something formal here, please propose text.


3.7.  First-class elements

   If a solution makes use of a mechanism, it is strongly desired that
   the mechanism be a first-class element in the architecture
[FirstClass]. More specifically, if a tunneling mechanism is used to
   provide network layering, connectivity virtualization, or a
   connection-oriented mode, then it is strongly desired that the
   tunneling mechanism be a first-class element in the architecture.

==> I don't disagree with this, yet I wonder why this is listed as a goal. Some justification should be added. This seems written like an implementation detail. Maybe what you actually have as a goal is something else, e.g., that mechanisms of the architecture should be usable by other pieces of the architecture.


I've added this because over the years, tunneling has been a "cobbler's son" portion of the architecture: it's been absolutely necessary, used frequently, and gotten short shrift in the architecture. Consider, for example, the lack of traceroute and other management tools for MPLS LSPs at the onset. (This isn't meant to be throwing stones, I was on the wrong side of that one.)

Yes, being a first-class element means that it can be reused by other pieces of the architecture. Moreover, it should not need reinvention or modification for each application. It should come complete with management tools, MTU mechanisms, layering and recursion prevention.

In short, if we're going to tunnel, let's do it right.

Care to propose textual changes?


3.9.  Routing security

   Currently, the routing subsystem is secured through a number of
   protocol specific mechanisms of varying strength and applicability.
   Any new architecture is required to provide at least the current
   level of security.

==> is the 'current level of security' intended to be a punt? As we've seen on RAM/arch-d lists, some people feel that RFC4218 described the current level, yet others seemed to disagree with that. Should this be stated more clearly, or do we want to defer the debates on what the 'current level of
security' is until later?


It's not intended to be a punt, but it is meant to be one level of indirection. We recognize that the state of security will evolve over time and hopefully progress beyond where it is today while we conduct our work. We would like to see a new architecture "keep up", while not requiring it to break new ground.

Proposed rewording of the last sentence:

Any new architecture is required to provide at least the same level of security as is deployed
	as of when the new architecture is deployed.


3.10.  Deployability

   Since solutions that are not deployable are simply academic
   exercises, solutions are required to be deployable.  Furthermore,
given the extensive deployed base of today's Internet, a solution is
   required to be incrementally deployable.

==> I don't think this is quite explicit enough.  'Required to be
deployable' -- deployable by whom? That's a very critical question. All
sorts of solutions can be proposed which are deployable by some
organizations involved in the network, but whether those have any incentive to deploy it is another question altogether. Did you mean to include the latter
(incentives and actual deployments) in your requirement?
The same applies to incremental deployments.

I don't think there is much use in designing solutions that are deployable, even incrementally deployable, if those people who would need to deploy them are not interested in doing so. Rather I'd like to require that those people who feel the pain will also need to take responsibility of mitigating it, not try to push it around to someone else.


Dave Thaler and I have already had that discussion on the RAM list. If one perceives the issue as a 'routing' problem, then the only acceptable solutions are going to be changes to the routing infrastructure. However, if you take the real issue to be one of addressing, then it is a broader problem. Getting consensus on the appropriate viewpoint seems to be challenging.

From my perspective, it's an Internet problem, and doing what's best for the overall architecture of the Internet is the only reasonable approach. Anything else is simply silo politics and is not in the best interests of the user community.

As far as the intent of section is concerned, the gist was more technical than political or economic. Please recall that our goal, as a group, is to perform research and make a recommendation to the IETF. While a result that is acceptable to a broad audience is the preferred outcome, a result that does not equally serve all parties (especially in the short term) is not out of the question. In fact, perfect equality is very unlikely to be achievable. Our primary goal must be to do what's best for the Internet as a whole and it really is the province of the IETF leadership to encourage all parties to step up for the greater good.

That said, let me propose the following rewording:

	Since solutions that are not deployable are simply academic
	exercises, solutions are required to be deployable from a technical
	perspective. Furthermore, given the extensive deployed base of
	today's Internet, a solution is required to be incrementally
	deployable.

Does that work for you?

Regards,
Tony

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg