RE: [mobile-ip] Re: FW: I-D ACTION:draft-tsirtsis-dsmip-problem-0 0.txt

[Pekka Savola <pekkas@netcore.fi>]

On Sun, 24 Aug 2003, Soliman Hesham wrote:
>  > So, it seems pretty reasonable to expect many (most?) 
> 
> => More like "none" than "most". Even if they implement
> it, the encapsulation is normally done in the FA otherwise
> the local domain's ingress filter will drop the packets.

Have you even ever deployed MIPv4?  MN would encapsulate packets using its
care-of address, and local domain's ingress filter would certainly NOT
drop those packets.  Or what are you referring to?

>    MN's implement 
>  > tunneling back to HA .. if not for any other reason than 
>  > being able to 
>  > operate in networks where there are no foreign agents.
> 
> => It's not required for operating in such networks. Please
> see RFC 3220

If ingress filters are in place in the visited network (i.e., you have to
always plan for it even if sometimes that's not the case), it surely is,
unless there is something I've missed (if so, please give a specific
pointer to what in RFC3220).

>  > > => what makes the MN reverse tunnel a packet sent to an 
>  > > IPv6 address to an IPv4 address?
>  > 
>  > The enabling of 6to4 pseudo-interface, for example? (i.e., 
>  > enabling the 
>  > pseudo-interface, resulting in the 2002::/16 route).
> 
> => see above...

I do not see how the above is relevant to this part of the discussion.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings