Re: [DNA] Route vs Advertise
Jim -
>That is right, however, this is an optional feature of SEND,
>
From 3971,
"nodes SHOULD verify that the prefix specified"
and
" Nodes SHOULD use one of the certified subnet prefixes for stateless autoconfiguration"
These conditions are SHOULDs to leave these features optional, is it?
>because many
>ISPs may not have the ability to add the special attributes to the router
>certs.
>
>
Can you please point me to the place where these special attributes may
not be added to the certificates?
thanks,
Sathya
>----- Original Message -----
>From: "Greg Daley" <greg.daley@eng.monash.edu.au>
>To: "Sathya Narayanan" <sathya@research.panasonic.com>
>Cc: "Erik Nordmark" <erik.nordmark@sun.com>; "Dna" <dna@eng.monash.edu.au>
>Sent: Thursday, June 02, 2005 7:12 PM
>Subject: Re: [DNA] Route vs Advertise
>
>
>
>
>>Hi Sathya,
>>
>>Sathya Narayanan wrote:
>>
>>
>>>Erik -
>>>
>>>It was my understanding that, a host can choose a prefix advertised by
>>>R1 for its address configuration and use R2 as the default router
>>>through which it sends its packets; i.e. advertising a prefix doesn't
>>>mean the router is the only one that can route it.
>>>
>>>In SEND, 3971, section 7.3:
>>>
>>>Constrained
>>>
>>> If the network operator wants to constrain which routers are
>>> allowed to route particular subnet prefixes, routers should be
>>> configured with certificates having subnet prefixes listed in the
>>> prefix extension. These routers SHOULD advertise the subnet
>>> prefixes that they are certified to route, or a subset thereof.
>>>
>>>....
>>>
>>> Nodes SHOULD use one of the certified subnet prefixes for stateless
>>> autoconfiguration. If none of the advertised subnet prefixes match,
>>> the host SHOULD use a different advertising router as its default
>>> router, if one is available.
>>>
>>>
>>>This text seems to imply that routers advertising a prefix means they
>>>are the ones allowed to route it.
>>>Am I missing something?
>>>
>>>
>>I remember this issue from SEND.
>>
>>Someone else may remember better though.
>>
>>The issue in SEND is essentially that in some circumstances we want to
>>guarantee that a router is actually delegated authority to route for
>>that prefix. This is in the Certificate, not the PIO.
>>
>>I'd guess that the origin of the prefix doesn't matter (which RA the
>>PIO arrives in), although the certificate would indicate that only
>>those prefixes which are similarly authorized should be used as next
>>hops for packets with that source address.
>>
>>Greg
>>
>>
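
Added example (not part of the original thread and not code from RFC 3971): a simplified Python model of the host behaviour in the section 7.3 "Constrained" text quoted above. The `Router` class, the function names and the 2001:db8:: prefixes are constructed for illustration; treating "match" as an advertised prefix falling inside a certified prefix is an assumption, and certificate path validation is assumed to have been done already.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Router:
    name: str
    # Prefixes listed in the prefix extension of the router's certificate
    # (assumed already validated against the host's trust anchor).
    certified: list = field(default_factory=list)
    # Prefixes carried in Prefix Information Options of this router's RAs.
    advertised: list = field(default_factory=list)


def authorized_prefixes(router):
    """Return the advertised prefixes that fall inside a certified prefix."""
    certs = [ipaddress.ip_network(p) for p in router.certified]
    result = []
    for p in router.advertised:
        net = ipaddress.ip_network(p)
        # Assumption: "match" means the PIO prefix is contained in a certified block.
        if any(net.version == c.version and net.subnet_of(c) for c in certs):
            result.append(str(net))
    return result


def select_default(routers):
    """Pick a default router and the prefixes usable for autoconfiguration.

    If none of a router's advertised prefixes match its certificate, move on
    to a different advertising router, if one is available.
    """
    for router in routers:
        usable = authorized_prefixes(router)
        if usable:
            return router.name, usable
    return None, []


# Constructed sample: R1 advertises a prefix its certificate does not cover.
R1 = Router("R1", certified=["2001:db8:2::/48"], advertised=["2001:db8:1::/64"])
R2 = Router("R2", certified=["2001:db8:1::/48"], advertised=["2001:db8:1::/64"])

if __name__ == "__main__":
    print(select_default([R1, R2]))
```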