[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WGLC ent-analysis-03: DSTM

To: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Subject: Re: WGLC ent-analysis-03: DSTM
From: Pekka Savola <pekkas@netcore.fi>
Date: Fri, 19 Aug 2005 12:51:46 +0300 (EEST)
Cc: v6ops@ops.ietf.org
In-reply-to: <200508170804.j7H84ELS079516@givry.rennes.enst-bretagne.fr>
References: <200508170804.j7H84ELS079516@givry.rennes.enst-bretagne.fr>

First off (after writing the response below), let me clarify the list of v4-in-v6 tunnel functions:

As it is, different people use "DSTM" to mean at least the following things:

 a) (manually configured) v4-in-v6 tunnels [RFC2473]

 b.1) the set-up of the bidirectional v4-in-v6 tunnel with the tunnel
    server(s) which can happen without user intervention, e.g., using
    one of the processes described in draft-palet-v6ops-tun-auto-disc-03.txt.
    This must include a way to auto-configure a v4 address [e.g., DHCPv4].

 b.2)  the automatic set-up of v4-in-v6 tunnels, so that between each
    host, an ad-hoc tunnel can be signalled and set up" [6to4-like
    traffic optimization]

 c) assignment of an address on top of v4-in-v6 tunnel(s), but
    deferred until the application wants to create v4 socket.
    [issues with dual-stack server apps, for example]

 d) automatic monitoring and tear-down of said v4-over-v6 tunnel(s)
    when the host detects it no longer needs the address/connectivity

 e) plus a number of extensions for even more colorful setups (e.g.,
    instead of just assigning an address, assign only certain _ports_
    of an address).

Personally, - I believe there is a need for a) [but that's already specified]; - I think there also is a need (now or in the future) for b.1). - b.2) does not seem to be a good way to go (if traffic optimization is needed, maybe you shouldn't be using tunneling in the first place or you should deploy more tunnel servers and make _them_ interconnected). - c) is something implementations may try to do on their own, but I would recommend against it, and the IETF shouldn't work on that - d) doesn't seem to be worth the effort and is probably difficult to get right -- and for addresses, DHCPv4 and other methods already exist; not sure we want/need to do more work on that.

I have no problem having the enterprise analysis document include this kind of analysis, and describe the need for a) and b.1) -- and I think this is probably a good thing as it might lessen the confusion on the real requirements for v4-in-v6 tunnels -- but if we go further than that, we may have a problem....

More inline..

On Wed, 17 Aug 2005, Francis Dupont wrote:

  DSTM [DSTM, DSTM+] is a useful tunneling mechanism for later in the
  enterprise transition or deployment of IPv6-dominant network links
  is desired. DSTM is to being submitted as an IETF Experimental RFC.

  ==> as it is, DSTM is a way too overloaded a mechanism to be referred to
  without more disclaimers or description.

=> the overload (if any) should be solved by the references...

This is a working group document. I don't think we can just refer to a non-wg, ambiguous document and expect it to clear up the ambiguities and confusion.

   As it is, different people use
  "DSTM" to mean at least the following things:
=> I saw the birth of DSTM: DSTM is Jim Bound's AIIH + Laurent Toutain's DTI.

That may be, but many people since have used the term, and may have zero idea what the goals are or may have been.

    a) v4-in-v6 tunnels
    b) automatically set-up v4-in-v6 tunnels

=> this (b-a) is DTI

Based on later messages, I think you misunderstood what I tried to refer to with b).

What I meant was like,

"b.1) the set-up of the bidirectional v4-in-v6 tunnel with the tunnel server can happen automatically, e.g., using one of the processes described in draft-palet-v6ops-tun-auto-disc-03.txt"

But what I think you took it to mean was,

"b.2) the automatic set-up of v4-in-v6 tunnels, so that between each host (and/or tunnel server), an ad-hoc tunnel can be signalled and set up" [6to4-like traffic optimization]

Is this correct?

I was certainly referring to b.1) only.

    c) automatic set up of v4-in-v6 tunnels when the host
       doesn't have v4 address and an app wants to create a v4 socket

[...]

DTI is exactly the dynamic flavour and is needed in DSTM for scalable
Tunnel End-Points.

  b) can be achieved using a tunnel broker;

=> this is both true and false: how the state is managed can be orthogonal
to the tunnel interface itself.
BTW the point is critical for the interoperability.

Certainly, if you wanted to create ad-hoc tunnels (6to4-like) between each host or the like, a protocol interoperability that goes beyond the plain tunnel broker would be needed. But I wasn't implying that functionality (nor do I think it is needed).

  c) does not require IETF interoperability (a local implementation choice
  when/how to launch the v4-in-v6 activation).

=> I don't understand your comment: the idea (AIIH) is more than useful
when a global IPv4 address is required.
PS: AIIH is the by-need allocation of an IPv4 address.

What I meant is that if you already have a) and b.1), i.e., an ability for the host to set up a tunnel without manual configuration with a tunnel server, all your implementation needs to do is add a hack which triggers this activation when the v4 socket call is being made.

There is no difference between b.1) and c) wrt. bits on the wire, right?

  d) could also be considered in
  the same category (there are no bits in the wire or anything requiring
  interoperability AFAICS on when the host removes the tunnel), though I'm
  skeptical whether even providing that would be a good engineering choice.

=> d is a consequence of the possible allocation of global IPv4 addresses
and is managed exactly as DHCPv4 does. To compare with similar mechanisms,
IKEv2 CFG_REQUEST can allocate home IPv4 addresses with expire/renew/...

But if we can already use exactly DHCPv4 on top of the tunnel, why do we need to do anything? If DHCPv4 supports address dynamicity, the only thing left is whether you need to signal the teardown of the tunnel... and that seems hardly sufficiently useful.

  My point is that I'm having hard time figuring out:
    1) what the document means when it's recommending DSTM, and

=> the references

As said, I don't think a wg doc like this can shrug off these kinds of issues by just referring to non-wg documents and letting them sort things out. Best would probably be summarizing the different requirements or non-requirements (a-d above) in this doc, removing the references altogether, and enhancing the dstm spec (or writing a separate draft describing the scenarios/requirements for v4-in-v6 tunneling) to try to remove any confusion.

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- Re: WGLC ent-analysis-03: DSTM
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

References:
- Re: WGLC ent-analysis-03: DSTM
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

Prev by Date: Re: RV: I-D ACTION:draft-baker-v6ops-end2end-00.txt
Next by Date: Re: WGLC ent-analysis-03: DSTM
Previous by thread: Re: WGLC ent-analysis-03: DSTM
Next by thread: Re: WGLC ent-analysis-03: DSTM
Index(es):
- Date
- Thread