[RAM] Thoughts about context-dependency of id/loc semantics (long)
Brian E Carpenter <brc@zurich.ibm.com> Tue, 09 January 2007 15:06 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H4IYp-00012L-AL; Tue, 09 Jan 2007 10:06:47 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H4IYo-00012G-GF for ram@iab.org; Tue, 09 Jan 2007 10:06:46 -0500
Received: from mtagate6.uk.ibm.com ([195.212.29.139]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1H4IYm-0005nq-Kh for ram@iab.org; Tue, 09 Jan 2007 10:06:46 -0500
Received: from d06nrmr1407.portsmouth.uk.ibm.com (d06nrmr1407.portsmouth.uk.ibm.com [9.149.38.185]) by mtagate6.uk.ibm.com (8.13.8/8.13.8) with ESMTP id l09F6fGv157420 for <ram@iab.org>; Tue, 9 Jan 2007 15:06:41 GMT
Received: from d06av03.portsmouth.uk.ibm.com (d06av03.portsmouth.uk.ibm.com [9.149.37.213]) by d06nrmr1407.portsmouth.uk.ibm.com (8.13.6/8.13.6/NCO v8.1.1) with ESMTP id l09F6gJd1724492 for <ram@iab.org>; Tue, 9 Jan 2007 15:06:42 GMT
Received: from d06av03.portsmouth.uk.ibm.com (loopback [127.0.0.1]) by d06av03.portsmouth.uk.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id l09F6f6l025428 for <ram@iab.org>; Tue, 9 Jan 2007 15:06:41 GMT
Received: from sihl.zurich.ibm.com (sihl.zurich.ibm.com [9.4.16.232]) by d06av03.portsmouth.uk.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id l09F6fVj025416 for <ram@iab.org>; Tue, 9 Jan 2007 15:06:41 GMT
Received: from [9.4.210.68] ([9.4.210.68]) by sihl.zurich.ibm.com (AIX4.3/8.9.3p2/8.9.3) with ESMTP id QAA232696 for <ram@iab.org>; Tue, 9 Jan 2007 16:06:40 +0100
Message-ID: <45A3AF7F.5000104@zurich.ibm.com>
Date: Tue, 09 Jan 2007 16:06:39 +0100
From: Brian E Carpenter <brc@zurich.ibm.com>
Organization: IBM
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: ram@iab.org
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9a2be21919e71dc6faef12b370c4ecf5
Subject: [RAM] Thoughts about context-dependency of id/loc semantics (long)
X-BeenThere: ram@iab.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing and Addressing Mailing List <ram.iab.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ram>
List-Post: <mailto:ram@iab.org>
List-Help: <mailto:ram-request@iab.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=subscribe>
Errors-To: ram-bounces@iab.org
It is well established that naming, addressing and routing are conceptually separate (or should be!) [IEN19, IEN48, RFC1498] are formative in this regard. For a long time, the view in the the IETF community was that DNS took care of naming, IP took care of addressing, and routing protocols took care of routing. As growth in the Internet accelerated, cracks appeared in this simplistic view [RFC2101, RFC2775]. Emerging issues such as multihoming, the need for sites to change ISPs, mobility, and end to end security have led to increasing perception that the "addressing" concept has two very distinct aspects: - identifying something - locating something It might be thought that "identifying something" is what a name does. But it turns out that 'example.com' (which in the original concept of DNS would have identified a specific interface on a specific computer) is in fact a virtual name that generally identifies a company called 'Example' and typically leads to a server pool (i.e. multiple computers). Here, we are not talking about that. We are talking about identifying network level entities - put simply, they could be individual TCP/IP stacks or they could be conglomerates generally known as "sites". The word "stack" was defined as the entity to be identified by the IRTF Namespace Research Group in an unpublished document (draft-irtf-nsrg-report) thus: " Today, a host may represent multiple entities. This happens when a service provider hosts many web sites on one server. Similarly, a single entity may be represented by multiple hosts. Replicated web servers are just such an example. These entities are "protocol stacks" or simply "stacks", instantiations of the TCP/IP model, be they across one or many hosts. A stack is defined as one participant or the process on one side of an end-to-end communication. That participant may move and may be represented by multiple hosts... Each instance of a stack has a name, a "stack name". At an architectural level the Name Space Research Group debated the value of such names, and their associated costs. Forms of this name are used in numerous places today. SSH uses public/private key pairs to identify end points. An HTTP cookie anonymously identifies one end of a communication, in such a manner that both the connection and the IP address of the other end point may change many times. Stack names are intended to identify mobile nodes, devices behind NATs, and participants in a content delivery or overlay network." To send a packet to a stack, we need its identity and we need to know where that identity is currently located. Today stack identity and stack location are both somehow combined in an IP address (whether it's IPv4 or IPv6 doesn't matter.) If a stack is identified as 10.1.2.3 we expect the routing system to treat this as a stack locator. Similarly, if a site is identified as 10/8, we expect the routing system to treat this as a site locator. But this example is deliberately a broken one - we know that address and that prefix are ambiguous, and have no global value either as identifiers or as locators. Yet within a given network using private addresses, 10.1.2.3 is a perfectly good stack identifier and locator, and 10.1.2/24 is a pefectly good subnet locator. What is going on here is an illustration of a much more general observation: an IP address, or an IP prefix (the high order bits of an address) can be a stack (or site) identifier, a locator, neither, or both simultaneously *depending on context*. To be specific: - inside a NATted site, 10.1.2.3 is a good stack ID and a good stack locator. outside the site, it becomes simply meaningless garbage bits. - if the site's NAT box has public address 192.0.2.1, then the stack identified internally could be identified externally as 192.0.2.1:<some port number> and its locator would be 192.0.2.1. The mess here is that an IP address is no longer sufficient as a stack identifier, and of course the port number is only borrowed until the NAT decides to take it away. - if a site has a tunnelled connection to another site, it could be (for example) that 10.1.2.3 is a good identifier on both sites (because they have agreed administratively to divide 10/8 between them) but the locator, as far as site B is concerned, is 192.0.2.77 (because that happens to be the tunnel address in the B to A direction). But for anyone else on the Internet, 192.0.2.77 is meaningless. We could give more examples, and give IPv6 examples. But the conclusion is inescapable: whether an IP address is an identifier, a locator, both, or neither depends on context, and not on the syntax or semantics of the address itself. Exactly the same applies to prefixes. The question that this leads to is whether the simple notion of "locator/identifier split" is actually meaningful. Is this context-dependence of the semantics of an IP address an accident due to slow drift in the Internet's architecture, or is it actually a desirable property of the namespace for IP stacks? To answer this, we need to identify the properties required for a stack identifier namespace and those for a stack locator namespace. If the required properties turn out to be orthogonal, a simple split may be possible; if they turn out to be inseparable, a simple split may be impossible, and the context-dependency mentioned above may be inevitable. Brian _______________________________________________ RAM mailing list RAM@iab.org https://www1.ietf.org/mailman/listinfo/ram
- [RAM] Thoughts about context-dependency of id/loc… Brian E Carpenter
- RE: [RAM] Thoughts about context-dependency of id… Bound, Jim
- RE: [RAM] Thoughts about context-dependency of id… Peter Sherbin
- RE: [RAM] Thoughts about context-dependency of id… Don Fedyk
- Re: [RAM] Thoughts about context-dependency of id… JUAN-JOSE.ADAN