[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-shim6-reach-detect-00.txt



Erik Nordmark wrote:

Jari Arkko wrote:

This makes sense, but I worry that the argument
"one ULP works => others should work too" may not
hold in all cases. What if one ULP is TCP:xxxx->80, which
happens to work over this crappy firewalled network that
you are using, but it doesn't let through, say, TCP:xxxx->23?
The shim could be making the wrong decision here.


And this supposedly works today without a shim?
If the routing system has two routes to a given IP address, and there are firewalls on those paths that let some port/protocols through but not others, then things will not work today.

I guess today's configuration would be that you have just one default route
from the host's point of view, and multihoming, if any, would be on/off. That
is, if your primary interface fails, switch to the other.


This would of course still have the same problem when you move to the
crappy interface that only lets http through.

However, the shim solution has potential to make this problem worse.
Suppose you have to switch to the crappy interface for a moment.
Now, if the definition of "address pair works" is that one ULP says
its OK, then the shim will never switch back to the primary, better
interface.

--Jari