
Re: [RRG] On "jack-down" models




On Mar 16, 2008, at 5:15 AM, Tony Li wrote:


Hi all,

Here are a few thoughts on segmenting the solution space a bit more.

As part of our original charter, we accepted as axiomatic that the overloading between the locator and identifier namespaces was harmful. We ended up in this difficulty because the address was used by the transport protocols as part of a host's identification, as well as the topological locator that was used by the routing subsystem to forward packets. We've also accepted as axiomatic that we would like to separate this functionality into two independent namespaces. I want to stress here that for the architectural result to be in any way clean, independence is mandatory. Any linkage whatsoever would be a clearly suboptimal result.

In what Noel has characterized as the "jack-up" model, we would lift up the operating Internet today, let what we think of as addresses continue to be used, but demote them to the role of pure identifiers. We would then install a new namespace of locators underneath it, provide a mapping between identifiers and locators, and work out a forwarding plane adaptation so that we only dealt with locators in the core.

The logical alternative to this is to continue to use addresses, but instead of as identifiers, to retain them as locators. This would imply that we would introduce a new namespace to function as identifiers. In effect, this is part of what Handley's proposal does: by shifting the transport to stop using addresses as part of the identification of a transport connection, it creates the need for another level of identification. Handley posits the use of multiple parallel connections between hosts, striping data across these connections to instantiate a single, address-agile transport layer. Implicit in this structure is a mechanism for the host to recognize that these individual connections are part of a greater aggregated connection. This has obvious security implications which will, in effect, require a security association between hosts. That security association effectively requires some security token (e.g., a public-private key pair used to compute a session key) so that the correspondent host can be assured that the component connections are indeed related. This security token is, for all intents and purposes, a host identifier. Accordingly, it seems appropriate to christen this the "jack-down" model, as it jacks the network layer down a notch and inserts a layer of host identification above the network layer, leaving it firmly embedded in the transport layer.

Assuming that we retain our axioms from the start of this discussion, this pretty clearly divides the solution space in two, and would seem to present a full cover of the space, which I, for one, find somewhat satisfying.

Comments?  Thoughts?

For proposals that involve host protocol stacks as a mandatory part of the solution space, it certainly would help me to have an objective, comprehensive comparison of:
a) HIP
b) multi-address transports, including both SCTP machinery and Handley's proposal
c) six-one
d) 32+16 (Rosenberg's IPv4+NAT solution).

I agree with a couple of the posts that understanding the incremental deployment dynamics of these proposals is very important, especially if the penetration never gets near 100%.

DaveO.

Regards,
Tony


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
