Re: [rrg] RANGI questions

[Robin Whittle <rw@firstpr.com.au>]

Hi Xiaohu,

Thanks for your response, in which you wrote:

>> Discussion and questions
>> ------------------------
>>
>> RANGI is a Core-Edge Elimination (CEE) architecture which requires
>> as-yet undocumented changes to host stacks and applications, starting
>> from the base of IPv6.  Since many applications today are written solely
>> for IPv4, the requirement for IPv6 compatibility and then changing
>> applications substantially to presents an enormous hurdle to the
>> widespread adoption of a solution such as RANGI.  Since benefits only
>> arise when two RANGI applications (on hosts with RANGI stacks) are
>> communicating, substantial benefits to adopters only occur when most or
>> all of the hosts in the world have been upgraded and given IPv6 access.
> 
> With the site proxy or transit proxy mechanisms
> (http://tools.ietf.org/html/draft-xu-rangi-proxy-01), legacy IPv6 hosts can
> initiate communications to RANGI hosts, and vice versa. In this way, the
> early adopters of RANGI could gain substantial benefits before most or all
> of the hosts in the world have been upgraded.

I don't understand how this could be an advantage for them over
leaving their host as an ordinary IPv6 host.  Someone has to install
and run the proxies.


>> RANGI is intended to interwork with IPv4 - but there are insufficient
>> details to conclude that this would be practical.  One problem is Path
>> MTU Discovery (PMTUD) difficulties due to the changing packet size - due
>> to the IPv4 and RANGI header formats being different lengths.  The proxy
>> servers for this interworking would need to translate PTB packets in
>> both directions with suitable caching of the initially sent packets in
>> order to be able to construct valid PTBs, and with suitable adjustment
>> of MTU values to account for differing header overheads in the two
> 
> I believe the PMTU issue is not specific to RANGI. Once this issue is solved
> during the IPv4/IPv6 transition period, it will disappear involuntarily when
> adopting RANGI.

There are other problems, such as IPv4 hosts sending fragmentable
packets, and the tunnel ingress router being required to fragment
them - but perhaps not knowing yet what the PMTU is to the egress
router.  The tunnel involves IPv6 routers, which can't handle
fragmentable packets.

>> systems.  The necessary IPv4 - RANGI proxies cannot support multihoming
> 
> RANGI proxy CAN support multi-homing since the multi-homed proxy can use
> either locator when translating from IPv4 to RANGI. 

OK - but overall I find it difficult to imagine what applications
will do running on an IPv6 machine while communicating with an IPv4
host or vice-versa.  It might be OK for HTTP and some other
protocols, I guess.

>> and are required to alter the information contained in DNS replies,
>> which is likely to disrupt some applications.
>>
>> Proxies can also be used for interworking between IPv6 hosts and RANGI
>> hosts, but these do not support multihoming.
> 
> RANGI proxy CAN support multi-homing since the multi-homed proxy can use
> either locator when translating from IPv6 to RANGI.

This is multihoming of the RANGI end.  The proxy itself isn't
multihomed - nor is the IPv6 host unless it is on PI space.


>> RANGI packets are like IPv6 packets, but have a Destination Option
>> Header to carry the source and destination Identifiers, both of which
>> are 16 bytes.  So RANGI packets would have headers of at least:
>>
>>    40 bytes IPv6
>>    36 bytes Destination Option Header
>>
>>  = 76 bytes
>>
>> This is significant extra overhead.  In addition these packets may be
>> encapsulated in IPv4 in some settings, making 96 bytes of headers, not
>> counting TCP or UDP headers.
>>
>> The VoIP packet size for RANGI would be:
>>
>>     40 bytes IPv6
>>     36 bytes Destination Option Header
>>      8 bytes UDP
>>     12 bytes RTP
>>     20 bytes payload
>>
>>  = 116 bytes total, compared to 60 bytes for IPv4 or 80 bytes for IPv6.
> 
> Yes, your observation is correct. However, do you think this extra bit
> overhead will bring any serious burden on the high-speed Internet? 

The overhead is not going to stop things working, but I think we
should avoid, as much as possible, adopting architectural
enhancements which bloat all headers.  Most of the Internet may be
high-speed, but in the near future, there are going to be billions of
hosts - probably the majority of hosts - relying on slow, potentially
flaky, potentially expensive, wireless links.


>> Without more detail of the mapping systems - both the global DNS system
>> and the Identifier -> Locator mapping systems, it is impossible to
>> estimate the actual performance of a RANGI system.  The ID->Loc mapping
>> system will frequently be used, since it is the only way of ensuring
>> that a given Locator is valid for any particular Identifier.  The
>> caching time is set to zero (page 7) so all queries must go to the
>> authoritative servers, which may involve traversing multiple
>> intermediate servers - all of which could be anywhere in the world.
> 
> It is said as "...To prevent DNS recursive servers caching antique
> ID->Locator mapping information, the TTL of a RANGI RR for a _mobile host_
> should be set to 0 or a very small value." In normal cases, there wouldn't
> be too many correspondence nodes for a mobile node simultaneously, IMHO. For
> those hot-spot servers which are usually fixed hosts, the TTL for their
> RANGI RRs can be set to a large value.

OK - sorry, I misunderstood the sentence:

   To prevent DNS recursive servers caching antique ID->Locator
   mapping information, the TTL of a RANGI RR for a mobile host
   should be set to 0 or a very small value.

as applying to all map replies, not just for mobile hosts.


>> Likewise, it is impossible to estimate how RANGI would handle
>> multihoming service restoration without details of how each host HA can
>> reliably probe the reachability of another host HB via:
>>
>>         HA's two or more ISPs, assuming it is multihomed,
>> and/or  HB's two or more ISPs, assuming it is multihomed.
>>
>> There are serious scaling problems with large numbers of hosts probing a
>> single host - and there are currently no details of what algorithms
>> would be used to decide when to switch to an alternative near or far
>> ISP, and when to switch back after some (unspecified) probing has
>> revealed that the preferred path is working again.  The current proposal
>> provides no details of how hosts would find out about from the ID->Loc
>> mapping system how to probe and make these decisions.  Nor are there any
>> details about how the ID->Loc map reply could specify load sharing or
>> any other inbound TE preferences for when two or more ISP paths are
>> working.
> 
> These details will be considered in the further version.

OK.


>> On page 5, the local host IDs are required to be unique within an AD.
>> This would require an AD-wide registration system whereby each new local
>> host was required to choose another key-pair if its current key pair
>> resulted in a clash - its local host ID being identical to that of
>> another host.
> 
> Not necessary for a host to choose another key-pair in case of ID collision.
> We borrow the ideas from CGA for handling the ID collision issue.

OK - I haven't looked at CGA.


>> I think the use of the term "IPv4" addresses in section 2.2 (Host
>> Locators) is confusing, because readers will typically assume this means
>> existing IPv4 addresses.  Yet, if RANGI is to use the full addressing
>> range of IPv6, it clearly can't be using IPv4 addresses in the global
>> unicast sense, with each one being only used by a single host in the
>> world.
> 
> The intention that IPv4-embeded IPv6 addresses are used as locators in RANGI
> is to reduce the deployment cost of such a new architecture and avoid
> renumbering the site internal routers when changing ISPs. For those site
> networks where private or public IPv4 addresses are used, it is only
> required to upgrade the hosts and the site border routers in order to
> support RANGI. In other words, there is no need to touch the site internal
> routers.

OK - I wasn't questioning the techniques, just that the term "IPv4"
to me indicated addressing compatible with the global IPv4 network.
In fact, as I understand it, these 32 bits could be used in this way,
as you suggest - but they could also be used with addresses which
duplicate those in the IPv4 Internet without any problems.  So I
think a more open term than "IPv4" would be better.


>> Perhaps it would be better to specify that the right-most 32 bits of the
>> Host Locator may involve globally unique global unicast IPv4 addresses,
>> but that these 32 bits need not be associated with the IPv4 Internet at
>> all.  My understanding is that if the networks being converted to RANGI
>> already have their hosts on IPv4 addresses, and have an IPv4 routing
>> system, then this can be used to tunnel packets to these hosts without
>> them having IPv6 stacks or using IPv6 routers.  I don't understand the
>> various scenarios here in a way which makes any practical sense.
>>
>> I understand that when these hosts in a RANGI LD don't have IPv4
>> addresses, then they are basically IPv6 hosts or IPv6-RANGI hosts.
>> Then, the 32 bit values need have nothing to do with IPv4 at all.
>> Although they are still called "IPv4" bits, the text (page 5):
>>
>>    LD IDs are used to globally identify each site network which
>>    is allowed to adopt independent IPv4 address space (either
>>    public or private IPv4 addresses).
>>
>> indicates the values of these 32 bits need only be unique within a given
>> LD.
> 
> If a site network is already IPv6 only, locators of the hosts within that
> network are just ordinary IPv6 PA addresses.

Yes, this is what I understood - so I think referring to these 32
bits primarily as "IPv4" is confusing.


>> RANGI has an advantage over GLI-Split (msg06056) in that a host
>> Identifier can be used on any host in the world - in any LD.  Each LD -
>> each physical routing system of a "site" - is a completely independent
>> concept from the AD-based structure of the Identifier system.
> 
> Correct.

OK - I am yet to hear from Michael Menth and colleagues about my
attempt to understand GLI-Split.  I started by assuming the
Identifiers could be used anywhere, but then I thought - incorrectly
according to Michael - that they could only be used within a given LD
"site".


>> CEE architectures such as RANGI implement Locator/Identifier Separation,
>> which involves hosts in extra routing and addressing management work
>> compared to today's IPv4 and IPv6 naming models, in which the IP address
>> plays both the Identifier and Locator roles.  In today's naming model, a
>> respondent host can reply to a packet it receives without any any
>> further work, because the routing system ensures that the packet will
>> not be delivered to any host other than the one whose Identity is that
>> of the destination address.
> 
> Each model has its pros and cons.

Some CEE architectures avoid encapsulation, which is a big benefit
over CES.   Still, I think this extra work for hosts in CEE is a
really strong reason not to adopt CEE.


>> Compared to the simplicity and speed of today's arrangements, CEE
>> architectures in general require two additional global mapping lookups
>> before a basic two-packet initial exchange can take place.  In addition
>> to any initial DNS lookup which may be involved, the first lookup is by
>> the initiating host, looking up the respondent host's Identifier.  This
>> returns the one or more Locators by which the respondent host can
>> currently be reached.
> 
> This host-initiated lookup eliminate the mapping work done by ITR in CES. As
> for host mobility, this lookup also eliminates the route optimization work
> in Mobile IP since the route is already optimal.

Yes, but the ITR is usually better connected than the host, and won't
be doing lookups over a wireless link.  Also, the CES ITR will
generally do less lookups than the hosts it serves would with CEE,
because the ITR will more frequently already have the mapping cached
due to another host having also sent a packet which required the same
mapping.

In the TTR Mobility architecture, all the MN needs to do is establish
a two-way tunnel to one or more (typically, but not necessarily)
nearby TTRs, and that's it.  The MN doesn't need to do any mapping
lookups, tell correspondent hosts it has a new Locator / CoA IP
address etc.


>> When the resulting packet arrives at the respondent host, a second
>> lookup is typically required - though this is not documented in the
>> current RANGI IDs.  In some cases, the respondent host does not need to
>> be sure of the Identity of the host to which it sends the response
>> packet.  For instance a DNS server may not need to know this - so the
>> second mapping lookup is not required.
>>
>> Assuming the respondent needs to be sure the packet it sends goes to the
>> host whose Identity was in the source field of the initial packet, it
>> cannot trust the Locator which was in the source field of the initial
>> packet - since this packet could have been generated by an attacker.
>> Therefore, a second lookup is required, by the respondent host, querying
>> the presumed initiator's Identifier (at least, the Identifier found in
>> the source field of the initial packet).  Only if the initial packet's
>> source Locator matches the one or more Locators returned by the mapping
>> system can the respondent proceed to send a reply packet.
> 
> I believe the CES model will also face this issue. For example, the ITR of
> the responder's site will also need an ID->Locator lookup when it can't
> trust the RLOC of the incoming packets.

Yes, but this assumes that both hosts are using "edge" space.

In CEE - all hosts adopt the new system.  In CES, only those hosts in
networks which want or need portability, multihoming and inbound TE
adopt it.  So it will frequently be the case that one host is on PA
space, and so the ITR either never gets the packet, or if it does
(being implemented in an on-path router) then it simply forwards the
packet by the usual conventional algorithm, rather than doing a
mapping lookup and tunneling it to an ETR.


>> These are lookups of a global mapping system, with the answers coming
>> from authoritative query servers, due to the zero caching time
>> preventing the results being cached in any resolvers which might be
>> involved in the query.
>>
>> These mapping lookups, and the original DNS lookup, are likely to
>> involve further mapping lookups due to the need to gain Locators for
>> each Identifier of a server which needs to be queried, as part of
>> finding the Identifier and then the Locator of the authoritative server
>> which can actually provide the reply.
>>
>> If the DNS can be enhanced to return not just one or more Identifiers
>> for a given FQDN, but one or more Locators specific to each Identifier,
>> then this would remove the need for the initiating server to perform the
>> first ID->Loc lookup mentioned above.  Sometimes the second can be
> 
> Assuming that not all hosts possess their own FQDNs, the ID->Locator mapping
> system is a must. Hence, the hosts should update its locator in the
> ID->Locator mapping system in the event of mobility or re-homing. If you
> want the DNS to store the locator information, the host would have to update
> its locator information in DNS besides updating the ID->Locator mapping
> system. Do you believe it is still worthwhile?

I think the idea of mobile hosts updating their own mapping is
complex and unnecessary.  In the TTR Mobility approach, the MN only
needs to tunnel from its new address to its one or more TTRs,
authenticating itself with each.  There is no need for mapping
changes, since the mapping is to one of the TTRs.  Mapping only needs
to be changed when a new TTR is used - which is typically only the
case if the MN's new point of access is more than 1000km or so away
from the current TTR.  Even then, the change is not urgent, since the
old TTR can be used perfectly well.  The change is to use a closer
TTR to minimise path lengths.  The 1000km figure is a rough guide -
the system will still work with the MN in London and the TTR in New
Zealand - its just that there will be greater delays and risk of
packet loss.


>> As with GLI-Split at least (ILNP too), there is no mention of how RANGI
>> would work with private address ranges.  For instance, two hosts which
>> share access to a private address range should communicate via the LAN
>> or WAN which supports that range, rather than use RANGI's globally
>> scoped Locators.
> 
> The site network could use private IPv4 addresses. As said in the RANGI
> draft,    "If the communication parties share a same LD ID, they can
> exchange packets directly over an IPv4 tunnel (between them). Otherwise, the
> traffic will be relayed by LDBRs through IPv4 tunnels."

I was thinking of IPv6 private addresses - I should have used the
term "Unique Local Addresses (ULA)" RFC 4193.


>> While RANGI is described as involving a mixed IPv6 and IPv4 deployment,
>> this can be hard to understand - it would be good to have a description
>> of the system being deployed on IPv6 without any reference to IPv4 at all.
> 
> OK, I will add some statement about such case.

OK.


>> RANGI, like (apparently) all other CEE architectures only provides the
>> benefits of (Identifier) portability, multihoming and inbound TE for
>> communication sessions between two upgraded hosts.
> 
> This statement is not true once we take the RANGI proxy mechanisms into
> account. 

What I was trying to say is that if you have two hosts, and one or
both of them is multihomed, then if the requirement is for
multihoming to work when either of the hosts initiates
communications, then both hosts need to be upgraded.

I think this is true of all CEE architectures.

CES architectures are different.

  HA is on conventional space - multihomed with PI or not multihomed
  on PA space.

  HB is on "edge" space and is multihomed via two ISPs, two ETRs etc.
  via the CES architecture.

Full multihoming of HB is supported no matter whether HA or HB
initiates the communication.

As far as I know, if HX is ordinary IPv6, and (via a RANGI proxy)
initiates a communication with HY which is a multihomed RANGI host,
then HY's multihoming will be supported.  However, as far as I know,
if HY initiates the communication with HX, this does not go through
the proxy, and HY behaves like an ordinary IPv6 host.  HX sees it as
such and has no way of sending packets to an alternative address if
the one HY chose to use becomes unreachable.


>> While some CEE architectures can use existing IPv6 applications (GSE and
>> GLI-Split) RANGI is like ILNP and Name Based Sockets in requiring IPv6
>> applications to be rewritten to use Identifiers and Locators.  This may
>> be relatively easy for some applications.  It may be very difficult for
>> others, since the current protocols may rely strongly on the currently
>> valid assumptions that sending a packet to a given IP address will not
>> result in it being delivered to a host other than the one whose identity
>> is specified by that IP address.  (Most applications are written for
>> IPv4 only - though some of the most popular applications such as major
>> Web browsers are able to use IPv6.)
>>
>> RANGI requires the installation of a new router, or an upgrade to an
>> existing one, to perform the "source-based policy routing" described in
> 
> Note that the source-based policy routing is not a new feature. Only the
> source address rewriting requires an upgrade.
> 
> Again, thank you for these detailed comments.

OK - thanks.  Perhaps you can confirm or correct what I wrote about
multihoming.  My initial statement was too terse.

  - Robin