El 07/05/2005, a las 1:35, Erik Nordmark escribió:
Jeroen Massar wrote:
IMHO shim6 being able to be done in middleboxes is actually a
requirement if you really think this will every be deployed at all. With
shim6 in the 'middleboxes' one can let the egress/ingress routers or the
firewalls on the boundaries of the site do the shim6. This allows you to
not touch the hosts at all and you will only have to configure those
boxes and not all the boxes in your network. Which gives all the
advantages of NAT, at least the ones that people perceive to have now.
I've thought of shim6 middleboxes on and off, and it seems like the best we can do is that they become a 1-1 IPv6 NAT (which speaks non-shim6 to the host, and shim6 on the other side).
It seems hard to do much better.
One of the issues is that in order to do better the host needs to know its HBA/CGA address sets. Autoconfiguring the addresses using existing mechanisms will not produce a HBA/CGA address set. So either the host has to be modified to implement that address generation (in which case it can presumably implement all of shim6), or the host has to be manually configured with the HBA/CGA address set,
Regards, marcelo
and the middlebox takes care of doing the shim6 signaling on the host's behalf.
Does anybody think we can do better?
Erik
Of course, exactly if you put this in the endhost itself or in some middlebox should be left open to the person configuring the network. Greets, Jeroen