[Hipsec-rg] Re: Native HIP API questions in the hipsec-rg meeting

touch@ISI.EDU (Joe Touch) Thu, 19 August 2004 00:04 UTC

From: touch@ISI.EDU (Joe Touch)
Date: Thu Aug 19 00:04:01 2004
Subject: [Hipsec-rg] Re: Native HIP API questions in the hipsec-rg meeting
In-Reply-To: <469BC1CB99DA5BE2AC85D5FB@[192.168.1.248]>
References: <6938661A6EDA8A4EA8D1419BCE46F24C045223EE@xch-nw-27.nw.nos.boeing.com> <Pine.GSO.4.58.0408161501130.1778@kekkonen.cs.hut.fi> <41211AD3.6080306@netlab.nec.de> <Pine.GSO.4.58.0408172316230.3199@kekkonen.cs.hut.fi> <469BC1CB99DA5BE2AC85D5FB@[192.168.1.248]>
Message-ID: <41237FB6.6080403@isi.edu>

Andrew McGregor wrote:

...
>>> Additionally, as Joe pointed out, interfaces can have aliases, and
>>> furthermore, those aliases may move from one interface to another during
>>> the lifetime of a connection. Binding to IP addresses instead of
>>> interfaces avoids all this update mess.
>>
>>
>> I have to admit that I haven't thought about interface aliases. Still, if
>> the interface alias changes, it creates an event that can be detected in
>> the HIP module. The HIP module can sort out the "mess".
>>
>> But is it really a mess? By changing the alias, you could signal that "I
>> want to take all of my HIP connections from wlan0 to eth0 to get faster
>> connectivity". Can you provide a counter example?
> 
> 
> Interfaces can be transient, for instance I have a system that brings up 
> and tears down tunnels on a regular basis.  At least most of the time, 
> the default route is over one of those tunnels.  To which do I bind by 
> default?
> 
> As well, the subnet containing the other endpoint of those tunnels is 
> host routed by AODV and the routes get updated frequently (sometimes 
> route persistence is only a couple of seconds).  The outgoing interface 
> may change.  To which interface do I bind now?
> 
> Binding (either in the bind() sense or in the associate sense) to an 
> interface just does not make sense.  An endpoint descriptor should be 
> associated with either an IP address (in which case we presume that it 
> is short lived, static, being handled by tunneling or MobileIP, or in 
> another way not a problem) or an HI (in which case it is not a problem 
> either).

As I already posted, it is necessary to bind to an interface/IP address 
pair. Neither one alone is sufficient.

Joe


