
RE: I-D ACTION:draft-ietf-shim6-reach-detect-00.txt



Jari,

> >> This makes sense, but I worry that the argument
> >> "one ULP works => others should work too" may not
> >> hold in all cases. What if one ULP is TCP:xxxx->80, which
> >> happens to work over this crappy firewalled network that
> >> you are using, but it doesn't let through, say, TCP:xxxx->23?
> >> The shim could be making the wrong decision here.
> >
> > And this supposedly works today without a shim?
> > If the routing system has two routes to a given IP address, and there 
> > are firewalls on those paths that let some port/protocols through but 
> > not others, then things will not work today.
> 
> I guess today's configuration would be that you have just one default route
> from the host's point of view, and multihoming, if any, would be on/off. 
> That is, if your primary interface fails, switch to the other.
> 
> This would of course still have the same problem when you move to the
> crappy interface that only lets http through.
> 
> However, the shim solution has potential to make this problem worse.
> Suppose you have to switch to the crappy interface for a moment.
> Now, if the definition of "address pair works" is that one ULP says
> it's OK, then the shim will never switch back to the primary, better
> interface.

What it seems is that we need to have 3 states for an address pair 
(I'm sure we could come up with better names, but just humor me):

 1) Fully - Working for all ULPs
 2) Partial - Working for one (some) ULPs
 3) Failed - not working for any ULPs

So, in a scenario, you start your browser and a shim context is created
for an interface that's behind a firewall/web proxy. Connecting to the
web succeeds and this shim context is marked 'Fully' since 'all' of
the ULPs using this shim context are working.  However, when
you click on a streaming link & your media player starts using this shim 
context, the streaming media fails since it's blocked by the firewall,
so the shim context could be marked as 'Partial.'

I guess we could wrap this around some sort of multiple interface scenario
like you started with a GPRS connection, but (corporate) WLAN comes available,
so you re-home because you prefer a speedy connection, but the WLAN connection
is firewalled.  

Still, what I'm wondering is how does the shim layer know that an address
pair failed because of something like this, or because of some other
reason, like a streaming server became unavailable, etc. etc.

John
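
The three-state classification proposed in this message, as an added sketch that is not part of the original thread or of any shim6 draft: it derives Fully/Partial/Failed from per-ULP feedback and contrasts the "one ULP says OK" rule with a three-state rule on the firewalled-interface scenario. The class and function names, the re-probe policy and the sample addresses are assumptions made for illustration.

```python
from enum import Enum

class PairState(Enum):
    FULLY = "Fully"      # working for all ULPs that have reported
    PARTIAL = "Partial"  # working for one (some) ULPs
    FAILED = "Failed"    # not working for any ULP

class AddressPair:
    """Per-ULP feedback for one (local, remote) address pair (hypothetical class)."""
    def __init__(self, local, remote):
        self.local, self.remote = local, remote
        self.feedback = {}  # ULP identifier -> latest report (True = making progress)

    def report(self, ulp, ok):
        self.feedback[ulp] = ok

    def state(self):
        if not self.feedback:
            return None  # no ULP has reported yet, nothing to classify
        working = sum(self.feedback.values())
        if working == len(self.feedback):
            return PairState.FULLY
        return PairState.PARTIAL if working else PairState.FAILED

def reprobe_single_positive(pair):
    """Rule criticised in the thread: one ULP saying OK means the pair works."""
    return not any(pair.feedback.values())

def reprobe_three_state(pair):
    """Assumed policy: anything short of Fully keeps alternatives under test."""
    return pair.state() is not PairState.FULLY

def firewalled_scenario():
    # Constructed sample: documentation addresses, ULPs named as (protocol, port).
    pair = AddressPair("2001:db8:1::10", "2001:db8:2::80")
    seen = []
    pair.report(("TCP", 80), True)    # browser traffic passes the firewall
    seen.append(pair.state())
    pair.report(("TCP", 23), False)   # second ULP is blocked on the same pair
    seen.append(pair.state())
    return pair, seen

if __name__ == "__main__":
    pair, seen = firewalled_scenario()
    print([s.value for s in seen])
    print("single-positive rule re-probes:", reprobe_single_positive(pair))
    print("three-state rule re-probes:", reprobe_three_state(pair))
```

The sketch records only whether each ULP reports progress; it does not address the closing question of why a ULP failed (firewall on the path versus an unavailable server).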