[89259] in North American Network Operators' Group
Re: shim6 @ NANOG
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Mon Mar 6 06:57:19 2006
In-Reply-To: <20060305203409.6e1fb437.smb@cs.columbia.edu>
Cc: Tony Li <tony.li@tony.li>, stephen@sprunk.org, nanog@merit.edu
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Mon, 6 Mar 2006 12:56:35 +0100
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Errors-To: owner-nanog@merit.edu
On 6-mrt-2006, at 2:34, Steven M. Bellovin wrote:
> What Tony said, especially about what happened to 8+8. A lot of the
> grounds for rejection were security, but there wasn't a single
> security
> person on the committee. In my opinion, most of the arguments just
> didn't hold up.
[RB = routing bits, IB = identity bits]
So when I send you an 8+8 packet where [RB=me+IB=www.paypal.com] how
do you know that this is bad while if Paypal sends you a packet with
[RB=paypal+IB=www.paypal.com] that's good?
Also, how does 8+8 accomplish failover?
Original 8+8/GSE is incomplete. If you add the necessary extra stuff
and think about backward compatibility for a while, you end up with
something that's extremely close to shim6. If we add source address
rewriting to shim6 (which is certainly doable) the family resemblence
becomes even clearer.
