[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]

To: Erik Nordmark <Erik.Nordmark@sun.com>
Subject: Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
From: Pekka Savola <pekkas@netcore.fi>
Date: Sat, 20 Mar 2004 17:11:29 +0200 (EET)
Cc: v6ops@ops.ietf.org, <jonne.soininen@nokia.com>, <huitema@microsoft.com>
In-reply-to: <Roam.SIMC.2.0.6.1079748533.8270.nordmark@bebop.france>

On Fri, 19 Mar 2004, Erik Nordmark wrote:
> > SEND + CGA helps a bit in the local link, between the nodes; 
> > ND-proxy does not prevent that.  
> 
> AFAIK ND-proxy is incompatible with using SEND. full stop.
> You can't do any proxy advertisements transparently to the hosts and
> still have SEND work.

SEND nodes are still capable to use SEND when they're (all) behind the
same ND-proxy.  Obviously, when they work in the "transition" mode,
they will also process non-SEND messages, such as those that originate
beyond ND proxy.  So, you can actually use a degree of SEND with
ND-proxy, but I think it does not work *through* the ND proxy.  
Depending on where you deploy it (and where you deploy the SEND
nodes), this may be relevant.

> > > Could you specify the problem statement that covers "simpler setups"
> > > but where  loops are somehow impossible to create by the consumer?
> > 
> > We are not preventing the customer from shooting him/herself in the
> > foot in many other specifications either -- why is this relevant here?  
> 
> Could you please point me at an IETF standard related to routing which
> can create persistent routing loops where ttl is not decremented?
> I never recall seeing such a beast. Folks in the routing area seem
> to have a aversion to creating persistent routing loops; even though
> temporary loops occur at L3 and the damanage is limited due to
> the ttl decrement.
> But ndproxy explicitly doesn't decrement the ttl/hop limit!
> That is why I am extremely concerned here.

Luckily enough ND-proxy is not going to be IETF standard, but
Informational :).  Nobody has bothered to document (different flavors
of) proxy-ARP, but that's there in the similar way as well -- without
spanning tree, and seems to be working whereever it's used.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
  - From: Erik Nordmark <Erik.Nordmark@sun.com>
- Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
  - From: Erik Nordmark <Erik.Nordmark@sun.com>

References:
- Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
  - From: Erik Nordmark <Erik.Nordmark@sun.com>

Prev by Date: Re: stable vs address-derived v6 prefix [Re: v6 deployment in general [Re: tunnel broker deployment [RE: Tunneling scenarios and mechanisms evaluation]]]
Next by Date: Re: Recent navel gazing - we need to stop wasting cycles on FUD
Previous by thread: Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
Next by thread: Re: ND-proxy applicability in Unmanaged [Re: WG Last Call: draft-ietf-v6ops-unmaneval-01.txt]
Index(es):
- Date
- Thread