[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ps & req in multi-prefix-env

To: Ruri Hiromi <hiromi@inetcore.com>
Subject: Re: ps & req in multi-prefix-env
From: Fred Baker <fred@cisco.com>
Date: Tue, 3 Apr 2007 11:44:07 -0700
Cc: Alain Durand <alain_durand@cable.comcast.com>, Dave Thaler <dthaler@windows.microsoft.com>, v6ops <v6ops@ops.ietf.org>
In-reply-to: <ECBC8FBA-B15D-4540-89A5-A3F14E9226E8@inetcore.com>
References: <ECBC8FBA-B15D-4540-89A5-A3F14E9226E8@inetcore.com>


On Apr 3, 2007, at 2:26 AM, Ruri Hiromi wrote:

Hello,
For WGLC, I would like to confirm the description about "multi-interface" issue.
In the documents(http://www1.tools.ietf.org/html/draft-ietf-v6ops-addr-select-req-01) at section4(3) and (4), we wrote about commentsgiven at IETF67.
(1) should or must?
In our original requirement, we thought multi-prefixes with singleinterface. Now we inserted the additional description about theproblems(s) to be considered at the situation of multi-prefixeswith multi-interfaces. My question here is; which is better todeclare "the multiple interface issue SHOULD be considered?" and"the multiple interface issue MUST be considered?"? which phraseis suitable?

I'm a little uncomfortable with the distinction in this context. Theway I use the terms, which dates from the development and editing ofwhat we now call RFC 1812, "MUST" implies that something breaks ifyou don't do it, while "SHOULD" implies that there may be cases inwhich it is valid to not do the action - and the implementation thatdoesn't do the "should" is on the hook to make that case.

For example an IP router MUST apply a longest-match-first lookup todetermine what route entry to use - if it doesn't, it will sendpackets the wrong way. On the other hand, while it is legal andsensible to configure IP prefixes in terms of a prefix length, at thetime that RFC 1812 was written it was common practice to use subnetmasks and to not require that they be contiguous (eg expressible as alength). In the context of the era, the statement


   The <Subnet-number> bits SHOULD be contiguous and fall between the
   <Network-number> and the <Host-number> fields.  More up to date
   protocols do not refer to a subnet mask, but to a prefix length; the
   "prefix" portion of an address is that which would be selected by a

subnet mask whose most significant bits are all ones and the restare

   zeroes.  The length of the prefix equals the number of ones in the
   subnet mask.  This document assumes that all subnet masks are
   expressible as prefix lengths.

made sense. There were other ways to do things that we were in facttrying to stamp out, and have a decade later succeeded in stamping out.

In this context, the authors have argued that they are dealing with aspecial case network and system rather than the general case. In thegeneral case, multi-LAN servers are pretty common, and multihomednetworks with multiple DMZs are pretty common among the Fortune 1000list of companies. In the specific case of a home or a cube farm,single-interfaced hosts predominate by a huge percentage, and amongnon-fortune-1000 companies single homing and single-DMZ multihomingare pretty common. So I struggle with the question "who is yourtarget audience". The people most likely to use your solution soundto me like the parties that you say you're not addressing.

In that context, what breaks if you don't address the multi-LANserver case? I think what "breaks" is that the administrators ofthose systems won't find your solution adequate, something you havealready said you are perhaps OK with.

(2) how? any ideas? references?
 If you already have an idea to solve this, could you feed us details?

Goodness. To my admittedly small mind, the multiple-prefixes-on-one-interface case is a special case of multiple-prefixes-on-many-interfaces. Solve the latter and the former should fall out.

This is why I urged that you consider asking the network aboutdestination address choice in some way. Since the host doesn't knowthe details of routing, it has two choices: to ask the network, whichdoes, or to perform its own measurements and maintain some degree ofmemory in cache form.

====
(current description)
3) Issues that need big RFC 3484 change.
    - Multiple Interfaces Issues

      Dave Thaler gave us comments that multiple-interface hosts may
      face policy collision and distribution of dst address selection
      policy and src address selection policy should be separated.
      Also, per-interface policy table was proposed.

      After all, this is a policy collision problem.  To make a host
      have one policy table per network interface doesn't solve policy
      collision issue.  Source address selection is performed after

output interface is selected, but destination addressselection is

      before output interface selection.  In this case, destination
      address selection uses all the policy tables a host has, so here
      collision can happen.
      Separating destination address selection and source address
      selection will have a big change on RFC3484 policy table

definition. Though it may be a good idea to avoid sourceaddress

      selection policy collision.
====

Thanks in advance,
-------------------------------
Ruri Hiromi
hiromi@inetcore.com

Follow-Ups:
- Re: ps & req in multi-prefix-env
  - From: Ruri Hiromi <hiromi@inetcore.com>
- Re: ps & req in multi-prefix-env
  - From: "haofeng Zhang" <hfzhang.cn@gmail.com>

References:
- ps & req in multi-prefix-env
  - From: Ruri Hiromi <hiromi@inetcore.com>

Prev by Date: RE: draft-ietf-v6ops-addcon WGLC
Next by Date: RE: draft-ietf-v6ops-addcon WGLC
Previous by thread: ps & req in multi-prefix-env
Next by thread: Re: ps & req in multi-prefix-env
Index(es):
- Date
- Thread