Brian, I’m out for a couple of weeks but wanted to thank you for this note.
Michael Richardson will likely have good comments but for now I’ve set a
calendar event to catch up when I return and also have created a GitHub issue
to track this.
https://github.com/anima-wg/anima-bootstrap/issues/22
- max
> On Jul 3, 2017, at 11:32 PM, Brian E Carpenter <[email protected]>
> wrote:
>
> Hi,
>
> I am still trying to figure out what you really want to say in sections
> 3.1.1. Proxy Discovery Protocol Details and 3.1.2. Registrar Discovery
> Protocol Details.
>
> 1. Why doesn't section 3.1.1 mention IP-in-IP (protocol 41)? Surely the
> pledge needs to know about it?
>
> 2. The description is wrong anyway; see
> https://tools.ietf.org/html/draft-carpenter-anima-ani-objectives-02#section-2.3
> for something that can work.
>
> 3. In section 3.1.2, as I already pointed out, the proposal is really a
> misuse of the GRASP discovery response message. Not a problem, we simply
> replace it with a synchronization response; see
> https://tools.ietf.org/html/draft-carpenter-anima-ani-objectives-02#section-2.2.
>
> But regardless of that, I am confused by the example locators:
>    locator1 = [O_IPv6_LOCATOR, fd45:1345::6789, 6, 443]
>    locator2 = [O_IPv6_LOCATOR, fd45:1345::6789, 17, 5683]
>    locator3 = [O_IPv6_LOCATOR, fe80::1234, 41, nil]
>
> The first two are OK. The ports announced by the proxy to the pledges may be
> different. If the registrar sends [O_IPv6_LOCATOR, fd45:1345::6789, 6,
> 443], the proxy might announce [O_IPv6_LOCATOR, fe80::4321, 6, 9999] - the
> proxy's link-local address and a different port chosen by the proxy.
>
> But the third locator sent by the Registrar indicates a meaningless
> link-local address, because it could come from many hops away. At first I
> thought this was a confusion with the previous (proxy-to-pledge) case, where
> all addresses must be link-local. But no: this text is just confused, I think:
>
>    A protocol of 41 indicates that packets may be IPIP proxy'ed. In the
>    case of that IPIP proxying is used, then the provided link-local
>    address MUST be advertised on the local link using proxy neighbour
>    discovery. The Join Proxy MAY limit forwarded traffic to the
>    protocol (6 and 17) and port numbers indicated by locator1 and
>    locator2. The address to which the IPIP traffic should be sent is
>    the initiator address (an ACP address of the Registrar), not the
>    address given in the locator.
>
> A link local address provided by the Registrar is completely invalid except
> on the relevant link connected directly to the Registrar. So it definitely
> must not be given to anybody off that link. At the moment I have no idea how
> the IP-in-IP is supposed to work. Appendix C doesn't help much. Apart from
> anything else, it mentions a non-existent GRASP message type. I can sort of
> see what you want to do, but it isn't a codable spec at the moment.
>
> Maybe you can provide a complete example of the packet flow, where the pledge
> has link-local address Lp, the proxy has link-local address Lx and ACP
> address Ax, and the registrar has ACP address Ar. And to make my concern
> clear, the registrar has the link-local address Lp, by chance the same as the
> pledge, although on a different LAN.
>
> Regards
> Brian
>
> _______________________________________________
> Anima mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/anima
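
Added example, not part of the original message or of the draft: a Python check of the locators quoted above, applying the two scoping rules stated in the message (link-local addresses only on the proxy-to-pledge link, never across multiple hops), plus a lookup showing why the address Lp alone is ambiguous when two LANs reuse it. The scope labels, function names, link names and the port-presence check are assumptions made for this example.

```python
import ipaddress

# Scope labels are illustrative names for this example, not GRASP terms.
ON_LINK = "on-link"      # proxy -> pledge, one hop
MULTI_HOP = "multi-hop"  # registrar -> proxy, across the ACP


def check_locator(locator, scope):
    """Return the problems found in one [type, address, protocol, port] locator."""
    kind, addr, proto, port = locator
    if kind != "O_IPv6_LOCATOR":
        return ["unsupported locator type %r" % (kind,)]
    ip = ipaddress.IPv6Address(addr)
    problems = []
    if scope == MULTI_HOP and ip.is_link_local:
        problems.append("%s is link-local and means nothing off the sender's link" % ip)
    if scope == ON_LINK and not ip.is_link_local:
        problems.append("%s is not link-local, but the pledge is only on-link" % ip)
    # Assumption of this example: TCP (6) and UDP (17) locators must carry a port.
    if proto in (6, 17) and not (isinstance(port, int) and 0 < port < 65536):
        problems.append("TCP/UDP locator needs a port, got %r" % (port,))
    return problems


def links_using(neighbors, addr):
    """Links on which addr is in use; more than one means addr alone is ambiguous."""
    ip = ipaddress.IPv6Address(addr)
    return sorted(link for (link, a) in neighbors if a == ip)


# Constructed sample data: the three locators quoted in the message, the proxy's
# re-announcement, and a neighbor table where Lp is used on two different LANs.
REGISTRAR_LOCATORS = [
    ["O_IPv6_LOCATOR", "fd45:1345::6789", 6, 443],
    ["O_IPv6_LOCATOR", "fd45:1345::6789", 17, 5683],
    ["O_IPv6_LOCATOR", "fe80::1234", 41, None],
]
PROXY_LOCATOR = ["O_IPv6_LOCATOR", "fe80::4321", 6, 9999]
LP = ipaddress.IPv6Address("fe80::1234")
NEIGHBORS = {("pledge-lan", LP): "pledge", ("registrar-lan", LP): "registrar"}

if __name__ == "__main__":
    for loc in REGISTRAR_LOCATORS:
        print(loc, "->", check_locator(loc, MULTI_HOP) or "ok")
    print(PROXY_LOCATOR, "->", check_locator(PROXY_LOCATOR, ON_LINK) or "ok")
    print("Lp is in use on:", links_using(NEIGHBORS, "fe80::1234"))
```

Only locator3 is flagged in the multi-hop scope, and the lookup returns both LANs for Lp, so a receiver needs the link (interface) as well as the address to pick a peer.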