Re: [v6tc] Re: Tunneling and Transition Drafts
Jeroen Massar <jeroen@unfix.org> Tue, 12 April 2005 20:26 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA06513; Tue, 12 Apr 2005 16:26:15 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DLS7K-0005xL-NL; Tue, 12 Apr 2005 16:36:15 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DLRx3-0002o2-3T; Tue, 12 Apr 2005 16:25:37 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DLRx1-0002eN-Ef for v6tc@megatron.ietf.org; Tue, 12 Apr 2005 16:25:35 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA06197 for <v6tc@ietf.org>; Tue, 12 Apr 2005 16:25:25 -0400 (EDT)
Received: from 213-136-24-43.adsl.bit.nl ([213.136.24.43] helo=purgatory.unfix.org ident=postfix) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DLS6U-0005qR-7f for v6tc@ietf.org; Tue, 12 Apr 2005 16:35:25 -0400
Received: from firenze.zurich.ibm.com (pat.zurich.ibm.com [195.176.20.45]) (using SSLv3 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by purgatory.unfix.org (Postfix) with ESMTP id 1B6CC8687; Tue, 12 Apr 2005 22:25:08 +0200 (CEST)
Subject: Re: [v6tc] Re: Tunneling and Transition Drafts
From: Jeroen Massar <jeroen@unfix.org>
To: Fred Baker <fred@cisco.com>
In-Reply-To: <23ec6165fdb2ab7b2f3946e45caef796@cisco.com>
References: <BE78FA5D.F1CA3%jordi.palet@consulintel.es> <425395F8.50501@renater.fr> <Pine.LNX.4.61.0504061057570.11494@netcore.fi> <4253EBCF.8030800@renater.fr> <20050412143053.GQ22380@login.ecs.soton.ac.uk> <23ec6165fdb2ab7b2f3946e45caef796@cisco.com>
Organization: Unfix
Date: Tue, 12 Apr 2005 22:25:03 +0200
Message-Id: <1113337503.25395.80.camel@firenze.zurich.ibm.com>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.1.1
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813
Cc: "'v6ops@ops.ietf.org '" <v6ops@ops.ietf.org>, v6tc@ietf.org
X-BeenThere: v6tc@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: v6tc.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/v6tc>, <mailto:v6tc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/v6tc>
List-Post: <mailto:v6tc@ietf.org>
List-Help: <mailto:v6tc-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/v6tc>, <mailto:v6tc-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0404484946=="
Sender: v6tc-bounces@ietf.org
Errors-To: v6tc-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a1852b4f554b02e7e4548cc7928acc1f
On Wed, 2005-04-13 at 02:44 +0800, Fred Baker wrote: > I'm perfectly happy to standardize on existing types of tunnels - > IPsec, GRE, IPv4/IPv6, IPv4/IPv4, IPv6/IPv4, IPv6/IPv6, L2TP, or > whatever. If we don't solve the rendezvous problem (and btw communicate > to the peer what kind of tunnel a given gateway is willing to support) > we have not *touched* the transition problem. L2TP seems to cover the hole quite well. Except for the fact that there is no discovery and the datastream of L2TPv2, as LTPv3 has some magic stuff to fix it, can easily be spoofed, just like proto-41. IPSec can solve this, but requires authentication and external setup again. L2TP covers imho 90% of the cases. But... if you don't have a PPP infra it will be (harder) to setup. And it doesn't allow for quick mobility like in AYIYA or proto41+heartbeat. Thus when switching IP addresses (walking to another floor with your wireless) the tunnel needs to notice (L2TP StopCCN) that it is failing and renegotiate, which takes a few secs, not more, but might give a different IP etc as it will do RA's again or DHCPv6, which might take a bit longer and most likely will break your SSH session if you like this. But we are not standardizing Mobile IP here ;) It might be, according to some that L2TP+PPP is heavy code, including definitions about 2k lines of code for a minimal implementation that works. Overhead of a L2TP tunnel including PPP is minimal. At least it won't be noticed much when you are streaming video's over your neato G3's or whatever cellphone. Btw, anonymous tunnels in L2TP can be solved by not letting the server request authentication and letting it reject auth attempts from the client. Though I have not been able to verify how many servers support this. TSP or a similar protocol is IMHO a must, because L2TP simply can't be deployed everywhere and better, not everybody wants it: Market::Decide() TSP is handy in all cases, it can also have a template pointing to a L2TP server etc. Next to that there is a client available for all platforms. As for the point made in the minutes that there is only one implementation, AICCU will support TSP too as an option in the near future. > And what I would like to see happen is for someone, somewhere - and > note that I am very willing to do this in v6ops if people want and also > willing to send it to v6tc or wherever else - to solve that rendezvous > problem. As a result, I would like to see the various competing > transition strategies all rendered OBE and get everyone to converge on > a single transition approach. I've finally submitted my "_service" draft to the secretariat, it should appear shortly in dnsop. I'll forward it to v6ops + v6tc when it is there. In "short": Anycast prefix 1.2.3.0/24, on which on 1.2.3.53 there is a DNS server listening. This is a (caching) recursive server which can be used for looking up anything (www.google.com www.ietf.org etc). It is also authoritive for the "_service." domain, in which we stick SRV records. Usually _service is a DNAME to _service.example.net. Which fulfills the searchpath, if the user does not have this special DNS server configured, but does have it's ISP's domain in the searchpath, then the resolver will come to _service.example.net because of the searchpath. Thus, client gets turned on, it gets connectivity, it needs to lookup something, resolver is default configured to 1.2.3.53, resolving thus works. The prefix is anycasted by it's or another ISP, who can filter on wish etc. If user needs a service, eg SMTP, it resolves the SMTP SRV records, which can specify load balancing and other stuff. Same for POP3, IMAP, or lookup eg help.www._service which returns a TXT record to the URL of the servicedesk of the ISP you are using. For the v6ops/v6tc case a client can first try l2tp.ipv6._service if that exists, use it, then try tsp.ipv6._service, if that exists, use that one. Discovery solved in the most generic way. It does indeed take a couple of resolves, but hey people want it automatically. As for the ones screaming "but I don't want a default thing" then configure the client you are using for doing this. Of course a similar prefix for IPv6 so that this also solves dns configuration. Another good thing is that, assuming you have connectivity you will always have the closest dns server, also ISP's can then nicely block all the RFC1918 registrations in those, but that is most likely just a good hope from me, most don't even filter... Greets, Jeroen
_______________________________________________ v6tc mailing list v6tc@ietf.org https://www1.ietf.org/mailman/listinfo/v6tc
- [v6tc] Re: Tunneling and Transition Drafts (fwd) Pekka Savola
- Re: l2tp support on OS's Re: [v6tc] Re: Tunneling… JORDI PALET MARTINEZ
- [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- Re: [v6tc] Re: Tunneling and Transition Drafts Jerome Durand
- Re: [v6tc] Re: Tunneling and Transition Drafts Pekka Savola
- Re: [v6tc] Re: Tunneling and Transition Drafts Soininen Jonne (Nokia-NET/Helsinki)
- Re: [v6tc] Re: Tunneling and Transition Drafts Jerome Durand
- RE: [v6tc] Re: Tunneling and Transition Drafts Bound, Jim
- RE: [v6tc] Re: Tunneling and Transition Drafts Bound, Jim
- Re: [v6tc] Re: Tunneling and Transition Drafts Thomas Narten
- Re: Fwd: [v6tc] Re: Tunneling and Transition Draf… Thomas Narten
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Fwd: [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- Re: [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- RE: [v6tc] Re: Tunneling and Transition Drafts Soohong Daniel Park
- Re: [v6tc] Re: Tunneling and Transition Drafts Radhakrishnan Suryanarayanan
- Re: [v6tc] Re: Tunneling and Transition Drafts Jerome Durand
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts Pekka Savola
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts Thomas Narten
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts Pekka Savola
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts Vladimir Kotal
- Re: [v6tc] Re: Tunneling and Transition Drafts Jerome Durand
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts W. Mark Townsley
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts W. Mark Townsley
- Re: [v6tc] Re: Tunneling and Transition Drafts Francis Dupont
- Re: [v6tc] Re: Tunneling and Transition Drafts Francis Dupont
- Re: [v6tc] Re: Tunneling and Transition Drafts Francis Dupont
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- [v6tc] Let the market decide or not: L2TP and/or … Alain Durand
- Re: [v6tc] Re: Tunneling and Transition Drafts W. Mark Townsley
- Re: [v6tc] Let the market decide or not: L2TP and… JORDI PALET MARTINEZ
- Re: [v6tc] Re: Tunneling and Transition Drafts JORDI PALET MARTINEZ
- Re: [v6tc] Let the market decide or not: L2TP and… W. Mark Townsley
- l2tp support on OS's Re: [v6tc] Re: Tunneling and… Jeroen Massar
- Re: [v6tc] Let the market decide or not: L2TP and… Alain Durand
- Re: [v6tc] Let the market decide or not: L2TP and… Pekka Savola
- Re: [v6tc] Let the market decide or not: L2TP and… Francis Dupont
- Re: l2tp support on OS's Re: [v6tc] Re: Tunneling… JORDI PALET MARTINEZ
- Re: l2tp support on OS's Re: [v6tc] Re: Tunneling… Jeroen Massar
- Re: l2tp support on OS's Re: [v6tc] Re: Tunneling… W. Mark Townsley
- Re: l2tp support on OS's Re: [v6tc] Re: Tunneling… Francis Dupont
- Re: [v6tc] Let the market decide or not: L2TP and… Jerome Durand
- Re: [v6tc] Let the market decide or not: L2TP and… Jerome Durand
- Re: [v6tc] Re: Tunneling and Transition Drafts Tim Chown
- Re: [v6tc] Let the market decide or not: L2TP and… Pekka Savola
- Re: [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts Jeroen Massar
- Re: [v6tc] Re: Tunneling and Transition Drafts Tim Chown
- Re: [v6tc] Re: Tunneling and Transition Drafts Fred Baker
- Re: [v6tc] Re: Tunneling and Transition Drafts Ronald.vanderPol
- Re: [v6tc] Re: Tunneling and Transition Drafts Ronald.vanderPol