[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Six/One Router Design Clarifications



Dino -

based on what you write below, I suggest you read the Six/One Router
design paper [1] before you speculate more on how to implement it.

[1] http://users.piuha.net/chvogt/pub/2008/vogt-2008-six-one-router-design.pdf


|With enough thrust anything can fly, but it's easier to do a
|decapsulator than a translator.

Why?

Well for one, you have to do a 5-tuple lookup because most NATs have
both ports as part of the lookup key.

A Six/One router does not use ports.  And lookups are based on only a
64-bit address prefix extracted from an IP header; NOT on a 5-tuple.

Furthermore, for local addresses (i.e., addresses belonging to a
Six/One router's own edge network), there is no lookup at all.  Because
the address prefix mapping is static in that case.

Again:  Six/One routers rewrite only address prefixes, no ports, no
checksums.  And lookups, where needed, are based on only a single
address prefix, but no ports.  This is the reason Six/One routers can
be stateless -- much different from NATs.


And for two, it's usually another data structure that has the
translation table. And typically in hardware implementations that is
not the same DRAM. So there is an extra cost there.

This is the case for a NAT; it can be different for a Six/One router.

The reason is that NATs are stateful, whereas Six/One routers are not.
Hence NATs have different implementation requirements than Six/One
routers.


Third, you have to fix the pseudo-header checksum.

Nope.  Six/One routers don't have to fix checksums.

This is quite clear for packet exchanges between two upgraded edge
networks, because the inverse address rewriting at the receiving
Six/One router then re-establishes the original packet.

How the original checksum can be maintained for packet exchanges with
legacy edge networks is described in section 2.4.4 of the Six/One
Router design paper.


Fourth, you have to fix payload like the all important ICMP unreachable
so traceroute works.

You have to do the same with encapsulation.

- Christian



--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg