[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 3484 update

To: Pierre Baume <pierre@baume.org>
Subject: Re: RFC 3484 update
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Date: Tue, 8 Nov 2005 09:56:01 +0100
Cc: shim6-wg <shim6@psg.com>
In-reply-to: <364433c70511071328o7ccc80dex15b09d3c3ad4051b@mail.gmail.com>
References: <0303b39b4a605cf9aee47ed038f177de@it.uc3m.es> <364433c70511060710g40a03d60p65cee9b970992477@mail.gmail.com> <281b0aff542059b7ac29cac4469830de@it.uc3m.es> <364433c70511071328o7ccc80dex15b09d3c3ad4051b@mail.gmail.com>


El 07/11/2005, a las 22:28, Pierre Baume escribió:

Marcelo,

On 11/7/05, marcelo bagnulo braun <marcelo@it.uc3m.es> wrote:
[...]

  Would it be a good idea to update section 8 (Implementation
Considerations) of RFC 3484 as well?


In general, I guess that retrying with different source addresses
(whether it is performed by the application or by the transport) does

indeed deserves some comments in the implementation considerations,but

i didn't had in mind some specific issue to include there. Do you have
anything particular in mind?


  Sorry for being vague, I was thinking that paragraphs 2, 3 and 4 of
section 3.1.3 of your draft could be used to update section 8 of RFC
3484. But this is just an editorial comment. :-)

ok

  Here are some specific comments.

3.1.2.  Retrying with different source addresses

[...]

   Rule 0: Avoid unreachable source addresses.
If the address pair with source address SA and destinationaddress
D
   is known to be not working, then prefer SB


  I think that we need a way to control this iteration.


Do you mean a way to limit the number of source addresses that are
retried?

I asume that this will be up to the application in most of thecases...

I mean in case that is the application the one making the retrial, the
clearly is up to the app the number of retrials.
In the case that is TCP the one retrying, i guess that the application
will decide when to give up and try with another destiantion address.
I mean, i am not sure whether the source address selection mechanisms
should define the maximum number of retrials, since i guess it depends
on the local policy, which i guess is aligned to your idea, of using
the policy table for this, right?

[...]

Regards, marcelo


  I was thinking about limiting the scope of the retries.

  For instance, if a host has 3 addresses, 2 used to run a public
service and 1 for remote administration.

  If you have trouble with a public service address, you don't want to
send any front-end traffic through your administrative interface, even
if it would work. This way, you give yourself a chance to connect to
the machine and troubleshoot. It can also be that the administrative
address is on a slower interface and practically useless for the
public service.

  Hopefully, this clarifies some of my other comments as well.


right, i see what you mean

With current policy table, what you could do is to allow that forcertain destiantions, the source addresses for public service are triedfirst and for other destiantions the remote admin address is triedfirst.


However, you cannot:

- do it per service/application using the policy table (since itsgranularity is per address/prefix and does not takes into account theservice/application). In this case, i guess that the remote adminapplication will select the proper source address, forcing the sourceaddress selection mechanism- prevent that the remote admin address is used by the public serviceif the other two addresses are not working (i.e. the policy tableallows you to provide an ordering but not to prevent some of theaddresses to be tried)

I guess that this is probably not enough for supporting this case,however, it should be noted that the proposed policy table is just aminimum functionality that needs to be provided, and extended featurescan be supported


rfc 3484 states that:

   IPv6 implementations SHOULD support configurable address selection
   via a mechanism at least as powerful as the policy tables defined
   here.

So improved mechanisms can be provided... I am not sure if you considerthat the default mechanisms should be able to deal with the scenariothat you describe?

I guess that in the case described, a possible approach would be tocosnider that are two virtual hosts, one which is the server, with the2 public service addresses and other that is the admin, which has asingle address, which is the remote admin address. In this case, therewould be two address selection mechanisms running, one with the twopublic service addresses and the other with a single address, theremote admin address.

  I see that you already updated the draft. That's quick. :-)


Yes, i was ashamed for the number of errors :-(

Regards, marcelo

Pierre.

References:
- RFC 3484 update
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: RFC 3484 update
  - From: Pierre Baume <pierre@baume.org>
- Re: RFC 3484 update
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: RFC 3484 update
  - From: Pierre Baume <pierre@baume.org>

Prev by Date: Re: RFC3484bis (was Re: Design decisions made at the interim SHIM6 WG meeting
Next by Date: about R1bis
Previous by thread: Re: RFC 3484 update
Next by thread: Fwd: RFC 4219 on Things Multihoming in IPv6 (MULTI6) Developers Should Think About
Index(es):
- Date
- Thread