Re: [Anima] Is this how BRSKI/IPIP works?

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 13 July 2017 13:53 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
cc: Anima WG <anima@ietf.org>
Date: Thu, 13 Jul 2017 11:40:11 +0200
Message-ID: <17795.1499938811@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/FHabnIS6_gn7PrpQZzcOd-FRlBA>

Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    > OK, I'm getting there. More in line:

    >> 1) Registrar accepts any Lx1 as local.  There is no precedent in v6
    >> APIs to open such a socket, but this is actually supported on many
    >> platforms.  It's used for nasty stuff like transparent application
    >> layer proxies, forced HTTP proxying, and the like.

    > I think there's a more subtle way to look at it. When the registrar
    > receives a protocol 41 packet from a new ACP address, it conceptually
    > synthesises a new virtual interface and assigns Lx1 as its link local
    > address. On that interface, things would look normal. Thus RFC2473:

I can buy this.
It argues that the Proxy should send a gratuitous packet to the Registrar to
prime that virtual interface.  An ICMP echo request perhaps.

How can we document this well?

    >> 3) We have the Registrar tell the proxy an Lx value to use.  I chose
    >> to put this option into the protocol, because we can always set Lx=
    >> Lanycast in the future, and perhaps we can set it to :: if we want
    >> case (1).

    > I like this least of all. What happens if there are multiple
    > registrars?  And when a proxy node comes up as a pledge, it must give
    > itself a LL address on each interface before it even tries to perform
    > its own BRSKI, and before it looks for its own proxy and joins the

Yeah, you are right, this doesn't work if there are multiple registrars.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [