
Re: Distributing site-wide RFC 3484 policy



On 2007-07-27 21:28, YOSHIFUJI Hideaki / 吉藤英明 wrote:
Hello.


First of all, I would agree with the PS itself.
And, I would agree with distributing address selection "hints",
but I am not in favor of having the "policy" itself get distributed.

The end-node clients may have their own "policy" and/or implementation
details (e.g., an implementation may have special tunnel or
special (and useful) policy for the implementation), and they must be
taken into account.

This is a standard issue in any policy distribution mechanism -
if there are two sources for policy (e.g. local and central),
which one wins? That needs to be defined in the mechanism.
Sometimes, the site-wide policy will win, because the IT Management
has authority.


And, only the "end-node" can know the full view of reachability.
Routers or other entities may suggest that the end-node use another source address(es)
(or prefix(es)), but it cannot be the ultimate (or god's) order.

Correct. Reachability will always win.

In that sense, we might need to solve this issue in conjunction with
rrg work.

Well, LISP reachability is interesting, but still not as certain
as a successful SYN/ACK.

    Brian


Anyway, the draft contains a horrible error, at least.
We CAN NEVER specify zone-index from outside the box.  It MUST be removed.
And, I would say, we must make it clear that the information is
"relative" or "virtual" and the end-node retains the final decision.


Regards,

In article <46A609C5.1050109@gmail.com> (at Tue, 24 Jul 2007 16:16:37 +0200), Brian E Carpenter <brian.e.carpenter@gmail.com> says:

Thanks. So does v6ops have an opinion about
draft-fujisaki-dhc-addr-select-04.txt? It seems
nothing will happen unless it's discussed here or
in ipv6.

    Brian

On 2007-07-23 21:18, Ruri Hiromi wrote:
Hi,

The latest version of this draft is what Arifumi mentioned today in his solution document, "draft-fujisaki-dhc-addr-select-04.txt" and "draft-v6ops-addr-select-ps-01.txt". We divided the previous draft into 2 parts, one for the distribution protocol and the other for the problem statement.

At first, we wrote that draft and presented it in DHC-wg. The DHC-wg chairs suggested to us that we need support from other wgs such as v6ops. Then we are here.


On 2007/07/24, at 3:56, Brian E Carpenter wrote:

What happened to
http://tools.ietf.org/id/draft-hirotaka-dhc-source-address-selection-opt-01.txt
and is there any other proposal for site-wide distribution of
address selection policy?

As I said at the mike today, I really think we can't avoid
such a mechanism. There *will* be sites running multiple prefixes
(those too small to insist on PI space, but big enough to
need multiple ISPs).

    Brian

-------------------------------
Ruri Hiromi
hiromi@inetcore.com