[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
From: Erik Nordmark <erik.nordmark@sun.com>
Date: Tue, 20 Jun 2006 06:43:07 -0700
Cc: shim6@psg.com
In-reply-to: <8EECFB09-9D94-437C-9147-2C58C78B3C8D@muada.com>
References: <6.2.0.14.2.20060608092748.02d4d078@kahuna.telstra.net> <20060612195354.GA10386@srv01.cluenet.de> <EDF1AD0E-25CF-4021-86AE-745429F1482A@ca.afilias.info> <20060613123535.GA22866@srv01.cluenet.de> <16ee481b0389c12f56c94e6ed29f917e@it.uc3m.es> <20060614124502.GB14651@srv01.cluenet.de> <60e88818efc29ac3cbd080d79ff90a8c@it.uc3m.es> <20060614132504.GA15473@srv01.cluenet.de> <4492DC0E.9000800@sun.com> <8EECFB09-9D94-437C-9147-2C58C78B3C8D@muada.com>
User-agent: Thunderbird 1.5 (X11/20060113)

Iljitsch van Beijnum wrote:

Hm, maybe it makes sense to build in address rewriting by routers (ormiddleboxes) after all?
That way, the hosts handle the security, but routers can easilyoverwrite source addresses and middleboxes that carry more state couldeven overwrite destination addresses, as soon as the shim negotiationshave completed.


Agreed.

Actually, the rerwriting can happen during the shim contextestablishment as well.

Can we do better with respect to traffic engineering without throwingout security? draft-nordmark-shim6-esd outlines ways in which we canget the same feedback loop from routers as in GSE.
This depends largely on whether we accept the proposed requirement thathosts are unable to make any decisions of their own. Do we?

For the initial contact with some degree of id/locator separation wedon't have much choice but *allow* hosts to make a choice.The destination identifier will need to map to multiple locators, andsomebody needs to choose. One could externalize that choice from thehost (e.g., in some yet-to-be invented scalable policy lookup system)but from a deployment perspective it seems we can get more milage out ofthe hosts picking an initial destination locator and then get feedbackfrom the routers (e.g., using locator rewriting by the routers).


   Erik

References:
- I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Geoff Huston <gih@apnic.net>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Daniel Roesen <dr@cluenet.de>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Joe Abley <jabley@ca.afilias.info>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Daniel Roesen <dr@cluenet.de>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Daniel Roesen <dr@cluenet.de>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Daniel Roesen <dr@cluenet.de>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Fw: I-D ACTION:draft-sugimoto-multihome-shim-api-00.txt
Next by Date: Re: review of draft-ietf-shim6-failure-detection-03.txt
Previous by thread: Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
Next by thread: Re: I-D ACTION:draft-ietf-shim6-applicability-01.txt
Index(es):
- Date
- Thread