RE: [BEHAVE] Lack of need for 66nat : Long term impactto applicationdevelopers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Christian Huitema wrote:
> > I'm not sure I believe in the need for topology hiding.  But if I
> did,
> > on v6 I'd just allocate a separate subnet or group of subnets for
> > external access.  If really necessary, have such hosts set up IP over
> > IP or L2TP tunnels to a concentrator; that will make this external
> > access net look flat.
> 
> That idea has been advanced quite a few times, but there is not a whole
> lot of code written or products deployed. There are a few interesting
> issues, e.g. the cost of tunneling versus in terms of overhead or
> management, or the deployment of adequate source address selection
> policies.

This approach is discussed in 4864 using mIPv6 as the automated tunneling
mechanism to the home agent at the network border. The entire point of
topology hiding is to make all end systems look like they exist at the
network border, and a mIPv6 home agent makes all associated end systems look
like they are hosted from it, and as long as route optimization is blocked
at the firewall the remote system will never see that tunneling is happening
within the corporate network. There is shipping code for home agents and
some for mIPv6 clients. If we could just get a major vendor to ship their
implementation.....

> 
> Actually, rather than tunneling, have we seriously consider flat host
> based routing in a corporate network? A combination of DHT and caching
> technologies ought to make that quite scalable.

4864 does suggest host routes as an alternative, but the 66nat fanatics
refuse to read that section.


Tony






_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]