[120633] in North American Network Operators' Group


Re: ip-precedence for management traffic

daemon@ATHENA.MIT.EDU (David Conrad)
Tue Dec 29 14:01:49 2009

From: David Conrad <drc@virtualized.org>
In-Reply-To: <74DF6987-7398-4CAF-AF05-9942677F00A6@cs.columbia.edu>
Date: Tue, 29 Dec 2009 11:00:56 -0800
To: Steven Bellovin <smb@cs.columbia.edu>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Dec 29, 2009, at 7:08 AM, Steven Bellovin wrote:
> On Dec 29, 2009, at 9:29 AM, Sachs, Marcus Hans (Marc) wrote:
>> Totally out of the box, but here goes:  why don't we run the entire Internet management plane "out of band" so that customers have minimal ability to interact with routing updates, layer 3/4 protocols, DNS, etc.?
> I hope you're joking.  If not, I have two questions: how can this be done, and what will the side-effects be?

Actually...

Some of the models proposed in the IRTF Routing Research Group separate the "access network" from the "transport network".  That is, end devices would be numbered from a different "namespace" than the nodes in the transport network.  This would allow for the separation of identity from network topology, allowing much greater scalability of the routing system (at the cost of requiring a mapping system that maps end point identifiers to/from network topology locators).  Think of it as an automated ubiquitous end-to-end tunneling system that tunnels traffic to/from identifiers.  A side effect of this approach would be along the lines of what Marc is suggesting.

> Take BGP, for example.  The average residential consumer doesn't need BGP, doesn't speak it, and has no real ability to interfere with it, so there's no problem.  But a multihomed customer *must* speak it.

Multihoming in the above model would simply mean the output of the mapping service of an identifier would result in two (or more) locators.  Changing ISPs means simply changing the identifier to locator mapping.  Ah, the joys of indirection...

Of course, I'm a bit doubtful any of the models discussed in RRG or even LISP will gain much traction.

> As for side-effects -- how can you proxy everything?  Do you know every application your customers are running?  Must someone who invents a new app first develop a proxy and persuade every ISP that it's safe, secure, high-enough performance, and worth their while to run?  It's worth remembering that most of the innovative applications have come from folks whom no one had ever heard of.

I dunno.  Seems the vast majority of Internet users are happy with this model, given they are sitting behind a NAT box....

Regards,
-drc
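As an added example that is not part of the original post, and not code from any RRG proposal or LISP implementation, the following Python model shows the identifier/locator separation David describes: end points live in one namespace, transport nodes in another, a mapping system ties the two together, multihoming is simply a mapping with two locators, and changing ISPs is a mapping update that leaves the identifier untouched. It also shows the property that makes the split interesting from a management-plane standpoint: the transport network forwards on locators only and can refuse anything else. All addresses, class names and the `reachable` probe callback are constructed for this illustration.

```python
"""Toy identifier/locator split (added example, not from the original post).

EIDs (end point identifiers) are drawn from one namespace, RLOCs (routing
locators) from another; a MappingSystem resolves EID -> [RLOC, ...].
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network, IPv4Address

EID_SPACE = ip_network("10.0.0.0/8")          # constructed identifier namespace
RLOC_SPACE = ip_network("198.51.100.0/24")    # constructed locator namespace


class MappingSystem:
    """EID -> list of RLOCs.  More than one locator means the site is multihomed."""

    def __init__(self):
        self._map: dict[IPv4Address, list[IPv4Address]] = {}

    def register(self, eid, rlocs):
        eid = ip_address(eid)
        rlocs = [ip_address(r) for r in rlocs]
        # The two namespaces must never mix; refusing here keeps the core clean.
        if eid not in EID_SPACE or any(r not in RLOC_SPACE for r in rlocs):
            raise ValueError("identifier and locator namespaces must not mix")
        self._map[eid] = rlocs

    def resolve(self, eid):
        return list(self._map.get(ip_address(eid), []))


@dataclass
class Packet:
    src: IPv4Address
    dst: IPv4Address
    payload: bytes
    inner: "Packet | None" = None   # set when this packet is an outer (tunnel) header


class TunnelRouter:
    """Ingress: wrap an EID-addressed packet in a locator-addressed header.
    Egress: strip that header again.  `reachable(rloc)` stands in for
    whatever liveness probing a real mapping system would do."""

    def __init__(self, mapping, my_rloc, reachable):
        self.mapping = mapping
        self.my_rloc = ip_address(my_rloc)
        self.reachable = reachable

    def encapsulate(self, pkt):
        candidates = self.mapping.resolve(pkt.dst)
        live = [r for r in candidates if self.reachable(r)]
        if not live:
            raise LookupError(f"no reachable locator for {pkt.dst}")
        # First live locator wins; a multihomed site fails over automatically.
        return Packet(src=self.my_rloc, dst=live[0], payload=b"", inner=pkt)

    @staticmethod
    def decapsulate(outer):
        return outer.inner


def core_forward(outer):
    """The transport network routes on locators only.  An identifier in the
    outer header is a misconfiguration (or an injection attempt), so drop it."""
    if outer.dst not in RLOC_SPACE:
        raise ValueError("core saw a non-locator destination")
    return outer.dst


def demo():
    """Walk through multihoming, failover and an ISP change; returns the
    outer destination chosen at each step plus the unchanged inner EID."""
    ms = MappingSystem()
    ms.register("10.1.1.1", ["198.51.100.10", "198.51.100.20"])  # multihomed site
    down = set()
    itr = TunnelRouter(ms, "198.51.100.1", lambda r: r not in down)
    pkt = Packet(ip_address("10.2.2.2"), ip_address("10.1.1.1"), b"hello")

    first = core_forward(itr.encapsulate(pkt))       # primary locator
    down.add(ip_address("198.51.100.10"))            # primary goes away
    second = core_forward(itr.encapsulate(pkt))      # fails over to the second
    ms.register("10.1.1.1", ["198.51.100.30"])       # changed ISP: mapping only
    third = core_forward(itr.encapsulate(pkt))       # new locator, same EID
    inner = TunnelRouter.decapsulate(itr.encapsulate(pkt))
    return str(first), str(second), str(third), str(inner.dst)


if __name__ == "__main__":
    print(demo())
```

The point to notice is that `core_forward` never sees `10.1.1.1`: the end point identifier only appears inside the tunnel, so a customer who can only influence the identifier namespace has nothing to say to the transport network's routing, which is the "out of band" property Marc asked about, at the price of having to protect the mapping system instead.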
