[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: draft-wbeebee-ipv6-cpe-router-04 comments
James and Mark,
Did you see the security liaison sent to v6ops from the DSL Broadband
Forums folks? Fred Baker sent it out to the v6ops mailer this week.
DSL is precisely discussing a fact that modems will have to go thru a
default router rather than communicating directly to each other which is
what you two are proposing. I think we have to let the Broadband forum
complete their IPv6 standards and then depending upon what they do, we
can revisit this RFC 4191 question.
At this point I would like you all to see this text below that I and Wes
wrote in an expired draft of
draft-wbeebee-on-link-and-off-link-determination-01.txt.
Hemant
[3. Router Models
The Redirect Clarifications section clarifies RFC 4861 [ND] host and
router behavior for an aggregation router deployment.
The Aggregation Router Deployment Model section presents a possible
aggregation router deployment model for IPv6 and discusses its
properties with respect to ND. Aggregation routers can service more
than 100,000 subscribers. Due to scaling considerations, any NS for
global address resolution from any host to any other host should not
reach the aggregation router.
3.1. Aggregation Router Deployment Model
A property of routed aggregation networks is that hosts cannot
directly communicate with each other even if they share the same
prefix. Physical connectivity between the aggregation router and the
modems prevents hosts behind modems to communicate directly with each
other. Hosts send their traffic to aggregation router. This design
is motivated by scaling and security considerations. If every host
could receive all traffic from every other host, then the
subscriber's privacy would be violated and the amount of bandwidth
available for each subscriber would be very small. That is why hosts
communicate between each other through the aggregation router, which
is also the IPv6 first-hop router.
For scaling reasons, any NS to resolve any address other than that of
the default router should not reach the aggregation router.
+-----+
| |
|Aggre+----(Rtr CPE)----Host1
Core----WAN----+gator|
| Rtr |
| +----(Br CPE)----(Cust Rtr)----Host2
+-----+
Figure 1.
In the figure above, the customer premises equipment (CPE) is managed
by the ISP and is deployed behind an aggregation router that is an
IPv6 first-hop router and also a DHCPv6 relay agent. IPv6 CPEs are
either IPv6 routers (Rtr CPE) or IPv6 bridges (Br CPE). If the
customer premises uses a bridge CPE, then a router (Cust Rtr) is
needed. All hosts reside behind a router CPE or a customer router.
No NS to resolve any address other than that of the default router
Singh & Beebee Expires July 4, 2008 [Page 7]
Internet-Draft ND On-link Determination January 2008
will reach the aggregation router from any device on the customer
side of the aggregator. CPEs do not communicate with each other in
this deployment model since a CPE does not run any applications that
need to communicate with other CPEs. Hosts do communicate with each
other, but every host is off-link to any other host on the
aggregation router.]
-----Original Message-----
From: james woodyatt [mailto:jhw@apple.com]
Sent: Wednesday, March 25, 2009 7:17 PM
To: IPv6 Operations
Cc: Hemant Singh (shemant); Wes Beebee (wbeebee)
Subject: Re: draft-wbeebee-ipv6-cpe-router-04 comments
On Mar 25, 2009, at 16:06, james woodyatt wrote:
>
> Please let me clarify my remarks and narrow my request somewhat, now
> that I've had a chance to review more of the CPE Router draft. I am
> only interested in such RFC 4191 messages when a valid PIO has been
> received on the WAN link with L=1. No other cases are interesting.
I take it back. It's interesting in the other cases as well. Two CPE
routers attached to the same link will exchange their prefixes with
MSR advertisements regardless of whether the RAs from the service
provider have PIO options in them. As they should.
--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering