[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RRG] Consensus? End-user networks need their own portable address space

Can we form rough consensus on this?

Short version:

  End-user networks need their own portable address space.

Long version:

  A primary requirement of any solution to the routing scaling
  problem is to provide a new mechanism by which end-user networks
  (however defined, potentially those of corporations and
  universities, but also down to home-office networks or perhaps
  a single mobile host's network) can change their ISP without
  significant impediment, including especially the current barrier
  formed by the need to renumber their entire network, if their
  current address space is PA (Provider Assigned).

  There are two solutions to this:

  1 - They use non-portable PA address space, including perhaps
      two or more prefixes of PA space for the purposes of
      multihoming.  In order to achieve this in a way which
      sufficiently minimises costs and disruption, the following
      would need to be true:

      The end-user networks would need to be constructed of
      hardware, software and to use protocols such that the entire
      network and all its hosts, routers etc. can be made to operate
      from a different prefix with minimal disruption.  (Perhaps not
      devices which are only accessed internally, such as printers.)

      In order for this to be the case, a very large number of
      settings inside routers and hosts would need to be changed
      automatically, with great reliability, in response to a single
      securely authenticated, system-wide re-addressing command.

      Despite the provisions within IPv6 for automatic address
      assignment, with continued connectivity while changing from
      one prefix to another, current networks are far from being
      structured along these lines - and there is no prospect of
      this changing in the timeframe within which we need to solve
      the routing scaling problem.

      The first reason is that almost all current networks are
      IPv4 networks - and as I argue in another message, we need to
      directly solve the IPv4 routing scaling problem.

      The second reason is that IPv6 addressing automation does not
      reliably and securely cover all locations where an IP address
      is specified.  For instance, as far as I know, it doesn't
      apply to DNS zone files, or to router ACLs, or to the config
      files of things like IMAP servers about which addresses they
      respond to.  At the very least, any such automation would
      require secure rewriting of parts of text files, and secure
      restarting of the server, application etc. - all under
      centralised control of the system administrator.

      There are no realistic prospects for developing such a
      wide-ranging architecture for finding all such config files
      and securely changing them.

      In summary, this is impossible for both IPv4 and IPv6
      networks at present.  It will remain impossible for the
      foreseeable future - any 5, 10, 15 year timeframe in which the
      RRG  solution needs to work. (I guess we want a fix which
      actually works by 2013 or so.)

  2 - Portability of address space.

      There are changes to the routing and addressing system which
      enable end-users to keep their address space no matter which
      ISP or multiple ISPs they use - in a way which does not
      add to the routing scaling problem.

      Assuming the new arrangements perform well, this is providing
      end-users with exactly what they want and need.

      LISP, APT, Ivip and TRRP all provide this, although there
      remain some dependencies in terms of who the address space
      is obtained from.

   - Robin       http://www.firstpr.com.au/ip/ivip/

to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg