Re: Tagging traffic (Was: CPE equipments and stateful filters)

[Fred Baker <fred@cisco.com>]

On Jul 23, 2007, at 3:44 PM, Jun-ichiro itojun Hagino wrote:

> IP address is always locator
> 	and you have to use X.509 certs or ssh host key for IDs.

I would really strongly suggest that you re-read the Nimrod  
architecture:

http://www.ietf.org/rfc/rfc1992.txt
1992 The Nimrod Routing Architecture. I. Castineyra, N. Chiappa, M.
     Steenstrup. August 1996. (Format: TXT=59848 bytes) (Status:
     INFORMATIONAL)

"A locator is a string of binary digits that identifies a location in  
an internetwork.  Nodes and endpoint are assigned locators."

"An endpoint represents a user of the internetwork layer: for  
example, a transport connection. Each endpoint has at least one  
endpoint identifier (EID)."

I would agree that the current id/locator split discussion has some  
real problems; it has adopted nimrod language and hopes to acheive  
GSE results, but uses the terms to mean something different than  
Nimrod defined (as does GSE), and the result of GSE derives from the  
existence and use of equivalence classes among names, not from the id/ 
loc split.

That's another discussion :-)

http://www.ietf.org/rfc/rfc1753.txt
1753 IPng Technical Requirements Of the Nimrod Routing and Addressing
     Architecture. N. Chiappa. December 1994. (Format: TXT=46586 bytes)
     (Status: INFORMATIONAL)

http://www.ietf.org/rfc/rfc2102.txt
2102 Multicast Support for Nimrod : Requirements and Solution
     Approaches. R. Ramanathan. February 1997. (Format: TXT=50963  
bytes)
     (Status: INFORMATIONAL)

http://www.ietf.org/rfc/rfc2103.txt
2103 Mobility Support for Nimrod : Challenges and Solution Approaches.
     R. Ramanathan. February 1997. (Format: TXT=41352 bytes) (Status:
     INFORMATIONAL)