marcelo bagnulo braun wrote:
Thus at a gross level I see two different ways to factor the system: A. An ID->loc lookup system which takes some policy into account.
I am not sure what you have in mind for this... are you thinking about something like Naros?
If I don't misremember, Naros only allows the handling of the policy of the local site, i.e. doesn't have a mechanism to allow the peer's site (or transits) to express their policy. Approach A) was trying to capture what I thought Jason was suggesting, which I think is the ability to collect policy information from the peer site, so that the choice of the destination locator can be influenced by the peer.
AFAIK we don't actually have a protocol which can do this.
I think I am not completely following you... I mean I can see two different approaches to shim6 policing:
- On one hand, an endpoint-based approach where somehow the policy is pushed to the hosts themselves (e.g. using a DHCP option). In this case, the policy is used by the host at two instances: first, when it starts a communication, it uses the policy information to select the ULIDs and eventually its own locators. Second, the host may try to push the policy to the peer, using the locator preference option. In this option, there is no need to support address rewriting by the exit routers, since policy is pushed from the policy manager to the hosts themselves.
Depends how dynamic the policy is. If we want to handle more dynamic locator policies, the locator rewriting by the routers would be one option.
- OTOH, another option is to use the routing system for policy. In particular, we allow source address rewriting by exit routers, we use the intra-site routing to divert the outgoing traffic according to policy, and we use the source address rewriting to make the source address compatible with ingress filters. Eventually, if the peer is willing to reply to the address it received as source locator in the incoming packet, this mechanism could be used to influence the locator selection of the other end. In any case, I think that the host may need to be allowed to avoid address rewriting, especially due to fault tolerance issues, since the host probably knows better.
There certainly are interactions between the hosts' knowledge of what is working and an implicit or explicit signal from the routers. Did you have specific fault tolerance issues in mind?
Allowing rewriting of the shim6 control packets could be useful, especially to benefit from the knowledge available in the routing system of which routes are available to the destination, and not forcing the usage of the ISP associated with the source address selected by the host, but I am not sure about the complexity of supporting this...
Which is why I was going to try to write it up in a separate I-D - to see how complex it might be and also understand the issues and benefits around it a bit more.
Erik