
Re: Rewriting/ingress filtering/NAT/proxy, was: Re: Shim6 Agenda for IETF 71



Hi,

Iljitsch van Beijnum wrote:
> When packets return, routers don't rewrite the destination address. Then, two things can happen: the packets end up at the host itself, which recognizes the rewriting and from then on, sources packets with the source address that was written in the first packet by the router. Or hosts on the subnet are legacy and won't recognize the rewriting, so a middlebox rewrites the destination address to the unique site local prefix.

This means that it is a requirement to have one of these three options (for packet return):
- All hosts are legacy (and the middlebox always rewrites)
- All hosts recognize the rewriting (and the middlebox never rewrites)
- Some hosts are legacy, others not, but the middlebox must be aware of the state of each host, so that it can selectively rewrite.

Is it right?

> The host or middlebox can now start shim6 so that if there is a path failure, the session/context can move to a different address.

Isn't there a possibility that a Shim6 context is established by both the middlebox and the host? Or maybe this can be avoided by synchronizing the heuristics for Shim6 negotiation between the host and the middlebox?

regards,

Sébastien.