
Re: Distributing site-wide RFC 3484 policy



>> 	what i've said is, it MAY NOT be best to use ADDR-A to go out from
>> 	ISP-A!
>
>Well, then make a policy entry that tells the host what is the best  
>combination.

	but again, you have no idea what is *the best* combination.

>(Ignoring the obvious ingress filtering problem for a moment.)

	i have responded to issues with uRPF in a separate paragraph in one of
	the previous emails.

>>         you cannot see the EGP routing table of ISP-A (unless you are
>> 	insider) so you have no (or very little) idea!
>
>What's your point?

	you (as a customer of ISP-A and ISP-B) cannot guess what is the
	best combination of src/dst address pair to go out from RT-A/B,
	or how to choose one of the ISPs/routers to go out.

>> 	as long as you use RT-A consistently, there's no issue with multipath
>> 	TCP packet reordering.
>
>There is no rule against reordering IP or TCP packets.

	there is none, but there's performance implication.
	see RFC2991 section 2.

>> 	so you cannot rewrite your IP stack but you are saying you can  rewrite
>> 	all of your application to use something next to getaddrinfo(3).
>> 	i see some contradiction.
>
>No, you're being difficult, and I'm starting to think it's on purpose.

	no, i'm just trying to understand what you are saying.

>The vendors have to make the software do what's right. I can  
>rearrange the hardware in my network if that makes everything work  
>better.

	so what is the reason behind (1) you can rewrite all of your
	applications and (2) you cannot rewrite your IP stack?  you'd better
	describe.

>> 	well, if you say "so?" or "nonsense", that is total denial from making
>> 	a constructive argument.  it isn't an argument clinic ala monty python.
>
>Saying that a global address is better than a private address for a  
>function that doesn't need the functionality of a global address  
>WITHOUT EXPLAINING WHY THAT WOULD BE SO is even worse. Are we still  
>having a useful discussion?
>
>I'm getting pretty tired of these based-on-nothing arguments against  
>ULAs. Come up with a reason why they're so bad or shut up about them.  
>That goes for all ULA haters, btw.

	you are, again, missing my point.  i have been against the idea of
	- having addresses with different reachability, including site-local
	  and ULA (which is zombie of site-local)
	- having to control selection of those addresses in the end node,
	  i.e. source address selection policy table
	- and to make it worse, the need of deploying policy table into the
	  organization nodes
	got an idea?


itojun
PS: i'm in chicago until tomorrow morning so catch me whenever you are
available.  email is a terrible medium to communicate.