[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shim6 proxies

To: Brian E Carpenter <brc@zurich.ibm.com>
Subject: Re: Shim6 proxies
From: Erik Nordmark <erik.nordmark@sun.com>
Date: Mon, 17 Apr 2006 17:25:01 -0700
Cc: marcelo bagnulo braun <marcelo@it.uc3m.es>, Scott Leibrand <sleibrand@internap.com>, shim6@psg.com
In-reply-to: <4433BB29.4060000@zurich.ibm.com>
References: <Pine.LNX.4.58.0603271434050.29315@sleibrand-ibm.acs.internap.com> <be3431f1f15b52f98dc22e4edeba3aa2@it.uc3m.es> <Pine.LNX.4.58.0603301131490.15884@sleibrand-ibm.acs.internap.com> <a110d04eac40c6353cf2d927c4ab5bdc@it.uc3m.es> <Pine.LNX.4.58.0604041128340.15884@sleibrand-ibm.acs.internap.com> <c291b445835f4eaae8c3efda7961dcf3@it.uc3m.es> <4433BB29.4060000@zurich.ibm.com>
User-agent: Thunderbird 1.5 (X11/20060113)

Brian E Carpenter wrote:

Excuse front posting but these comments are quite general.

What Scott is describing is essentially full offload of the
shim and the bottom part of the stack. We'd actually end
up with two IP stacks - one in the host which just sends
packets to the offload device, and a second one in the
offload device which has a shim on top of it. I'd want to
see a complete architecture for that including a demonstration
that the security architecture of shim6 isn't damaged,
and analysis of the trust model and threat model
between the host and the offload device. But if it can be
done, it has a very nice property - it actually offers
a practical way to implement something that works much like
8+8. The offload device will be state-heavy though; it will
need to carry state per session for every host it's supporting.

FWIW I think draft-nordmark-shim6-esd is more in the spirit of a 8+8implementation (as 16+16); 8+8/GSE has the property that the host thatinitiates communication has multiple destination addresses to choosebetween. Once packets start flowing in 8+8/GSE/16+16, the routers havethe opportunity to influence the addresses by rewriting the source locator.


   Erik

References:
- Shim6 proxies
  - From: Scott Leibrand <sleibrand@internap.com>
- Re: Shim6 proxies
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: Shim6 proxies
  - From: Scott Leibrand <sleibrand@internap.com>
- Re: Shim6 proxies
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: Shim6 proxies
  - From: Scott Leibrand <sleibrand@internap.com>
- Re: Shim6 proxies
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: Shim6 proxies
  - From: Brian E Carpenter <brc@zurich.ibm.com>

Prev by Date: Re: Shim6 proxies
Next by Date: Re: Shim6 failure recovery after garbage collection
Previous by thread: Re: Shim6 proxies
Next by thread: Re: Shim6 proxies
Index(es):
- Date
- Thread