IETF Logo Mail Archive

[RAM] Re: proxy shim with hash in upper address bits?

marcelo bagnulo braun <marcelo@it.uc3m.es> Fri, 13 July 2007 09:04 UTC

Return-path: <ram-bounces@iab.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9H4G-0002R2-1A; Fri, 13 Jul 2007 05:04:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9H4F-0002Qw-3s for ram@iab.org; Fri, 13 Jul 2007 05:04:03 -0400
Received: from smtp03.uc3m.es ([163.117.176.133] helo=smtp.uc3m.es) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I9H4B-0007zD-KW for ram@iab.org; Fri, 13 Jul 2007 05:04:03 -0400
Received: from [163.117.82.80] (wifi-82-80.uc3m.es [163.117.82.80])by smtp.uc3m.es (Postfix) with ESMTP id A85145E9C3; Fri, 13 Jul 2007 11:03:58 +0200 (CEST)
In-Reply-To: <5544034C-9139-4E6B-A6A7-DBE087BCF37A@muada.com>
References: <2D647210-AF54-4B24-9FBA-A7865B4F4325@muada.com> <3DB9629A-0C1D-4D8E-B779-5D6686DC9F69@it.uc3m.es> <5544034C-9139-4E6B-A6A7-DBE087BCF37A@muada.com>
Mime-Version: 1.0 (Apple Message framework v752.3)
Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed
Message-Id: <3EE630C1-49E1-4DFD-A7AD-77357C0C17CA@it.uc3m.es>
Content-Transfer-Encoding: quoted-printable
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Date: Fri, 13 Jul 2007 11:03:55 +0200
To: Iljitsch van Beijnum <iljitsch@muada.com>
X-Mailer: Apple Mail (2.752.3)
X-imss-version: 2.047
X-imss-result: Passed
X-imss-scanInfo: M:B L:E SM:2
X-imss-tmaseResult: TT:1 TS:-14.3866 TC:1F TRN:49 TV:3.6.1039(15294.003)
X-imss-scores: Clean:100.00000 C:0 M:0 S:0 R:0
X-imss-settings: Baseline:1 C:1 M:1 S:1 R:1 (0.0000 0.0000)
X-Spam-Score: 0.1 (/)
X-Scan-Signature: d8ae4fd88fcaf47c1a71c804d04f413d
Cc: shim6-wg <shim6@psg.com>, RAM Mailing List <ram@iab.org>
Subject: [RAM] Re: proxy shim with hash in upper address bits?
X-BeenThere: ram@iab.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing and Addressing Mailing List <ram.iab.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ram>
List-Post: <mailto:ram@iab.org>
List-Help: <mailto:ram-request@iab.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=subscribe>
Errors-To: ram-bounces@iab.org

El 12/07/2007, a las 23:04, Iljitsch van Beijnum escribió:

> [crossposted, please prune as required. RAM people, please look at  
> the bottom of the message]
>
> On 11-jul-2007, at 15:23, marcelo bagnulo braun wrote:
>
>>> After reading Marcelo's draft about a proxy implementation of  
>>> shim6 a while ago I was somewhat disheartened: this is extremely  
>>> hard to do, mostly because an unsuspecting host would need to  
>>> receive an HBA-compatible address.
>
>> why do you think so?... you can deal with this doing dhcp  
>> delegation of the HBAs/CGAs? (you would be breaking stateless  
>> address autoconf, but i guess the same would happen if you need a  
>> reasonable amount of bits in the prefix to carry crypto  
>> information...)
>
> You're right, if you can get the hosts to create only HBA addresses  
> by use of DHCPv6 or some other mechanism, that would work. Note  
> thought that most of today's IPv6 hosts don't support DHCPv6  
> address assignment so this may not be a suitable solution for true  
> legacy IPv6 support.
>
> Obviously stateless autoconf would have to work with the bits in  
> the upper part of the address or this would be an exercise in  
> futility.
>
>> Yes, creating a crypto prefix for the identifier namespace would  
>> bean option for dealing with this, but i guess it would break SAA
>
> SAA?
>

stateless address auto configuration

> Another, possibly even harder to solve, problem with proxy shim is  
> what happens when a host behind the proxy want to talk to a non- 
> shim host.

it depends what type of idetifiers are you using

if you are using routable identifiers, then you don't have problem

if you are not using routble ids, then you are in trouble and  
backward compatibility woudl require either configuring routable  
address to hosts (in addition of the non routable ids) or some form  
of nat

> But quite possibly, we can solve this if we can make proxy shim  
> interoperable with a LISP-like approach. So the user of the  
> portable space would implement a shim proxy cq ETR/ITR which would  
> obviously be able to talk to other shim proxy/ETR/ITR devices as  
> well as to any host that supports shim6. Hosts that don't implement  
> shim6 would have to reach hosts behind a proxy through ETRs that  
> are deployed by their ISPs or possibly by the sellers of the  
> portable address space.


how does this solve the backward compatibility problem? I mean you  
still need to deploy ETR/ITR in the remote site, so if you do that,  
you may well deploy any other box i.e a pproxy shim

Bottom line: proxy shim, shim6, lisp, you-name-it, they all require  
support from both ends involved in the communication (either host or  
a box next to the host (proxy, TR)) (and the multihoming benefits  
only apply to the path between the two multihoming aware boxes)

Regards, marcelo




_______________________________________________
RAM mailing list
RAM@iab.org
https://www1.ietf.org/mailman/listinfo/ram

v2.8.7 | Report a Bug | By Email