[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shim-header in every re-located packet [Re: Design decisions made at the interim SHIM6 WG meeting]



On Fri, 28 Oct 2005, marcelo bagnulo braun wrote:
ok, let's first be very concise of what is being considered here:
- in general data packets won't carry any shim extension header, because in general, they will use the ulids as locators, so no need to demux. - the case where they carry the extension header if after an outage when the locators carried differ from the ulids used in this shim context

Yes, this is clear.

Otherwise the firewalls, packet filters etc. will just discard all of these packets with the extension header because they don't have the logic to skip over them or parse them.

but remember that the extension header included in data packets that need it, it is the same used for shim control signaling, in particular, for establishing the shim context. So if firewalls were to discard data packets carrying the shim ext header, they would have discarded the shim context establishment packets, so no shim context at all, so those data packets with the shim ext header will never be generated anyway, right?

I assume that the method of establishing the shim context is still open:

 - if it's done by adding an extension header to data packets, or

- if it would be done by sending separate "shim control packets" (e.g., with TCP, UDP, or whatever, or even plain extension headers without any data), then my concern still applies.

I do NOT want that shim6 would require piggybacking on data packets either to establish the context or rehome. Logically separate functionality is what the base spec should target -- piggybacking as an optimization can be described however.

Piggybacking is not a trivial operation for many reasons, and it's problems have been considered in the past as well (e.g., with MIPv6 design). Tying it too strongly to the shim6 spec would seem unwise as we don't know how well it'd _really_ work.

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings