
nanog mailing list archives

Re: shim6 @ NANOG (forwarded note from John Payne)
From: Joe Abley <jabley () isc org>
Date: Wed, 1 Mar 2006 01:47:45 -0500



On 1-Mar-2006, at 01:09, Randy Bush wrote:

> > How about some actual technical complaints about shim6?
>
> good question.  to give such discussion a base, could you
> point us to the documents which describe how to deploy it in
> the two most common situations operators see
>   o a large multi-homed enterprise customer

There are no documents describing deployment. Probably there should be.

The general approach is presumably well-known (for those for whom it is not, go browse around <http://www.ietf.org/html.charters/shim6-charter.html>, and perhaps in particular <http://www.ietf.org/internet-drafts/draft-ietf-shim6-proto-03.txt>).

Deployment in an enterprise is a matter of:

(a) deploying hosts with shim6-capable stacks within the enterprise;

(b) arranging for those hosts to receive addresses in each PA assignment made by each transit provider (multiple PA addresses per interface), e.g. using dhcp6;

(c) optionally, perhaps, installing shim6 middleware at some suitable place between host and border in order to impose site policy or modulate locator selection by the hosts.

In the event that one provider goes away, the internal address assignment infrastructure doesn't need to participate in the traditional handwave magic IPv6 renumbering protocol; shim6-capable hosts talking to other shim6-capable hosts will switch locators based on observed failure of the dead transit provider's addresses to work; transport-layer sessions are hence preserved.

You will note I have glossed over several hundred minor details (and several hundred more not-so-minor ones). The protocols are not yet published; there is no known implementation.

>   o a small to medium multi-homed tier-n isp

A small-to-medium, multi-homed, tier-n ISP can get PI space from their RIR, and doesn't need to worry about shim6 at all. Ditto larger ISPs, up to and including the largest.

Individual ISP customers (e.g. residential users, small/home office users) can multi-home in the same way as hosts within an enterprise network. For residential users, for example, step (b) above might be achieved by installing two NICs, and attaching one to the cable modem and the other to the DSL modem; step (c) would be unnecessary.

Content providers have a different set of problems, since a server with N simultaneously-active clients, each with an average of M available locators, needs to deal with N*M worth of state, which is presumably M times worse than the situation today.

For very large content providers, aggregating very large numbers of simultaneous clients through load balancers or other middleboxes, this is quite possibly not something that is going to be a simple matter of upgrading to a shim6-capable firmware release.


Joe

