Ray, I also agree that requirements and use cases seem the next logical step. I'd be willing to document the ones that we are contemplating. It would be useful to have someone more familiar with DSL/Fiber residential deployments do so there as well.
As has already been mentioned, this is a great conversation but it really belongs on the Homenet list at this point (copying that list in case people are not following both).

Jason

From: Ray Hunter <[email protected]>
Date: Tue, 2 Aug 2011 06:12:12 -0400
To: Philip Homburg <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [v6ops] default LAN routing protocol for IPv6 CE router

I think the earlier suggestion of Lee Howard to capture requirements for a home network first is a very good one.

In the current discussion, I don't think it's fully defined yet who operates your "generic home router" and under what conditions: whether the home router is one operated by the user onto a shared bridged IPv6 access network, or whether the home router spec will be used by an ISP for purchasing and operating the home router, and which then also has to take into account the user's requirements for more than one local LAN in the home, or whether there are 2 home router devices (one operated by the user and one operated by the ISP), or even more home router devices that also route between IPv6 prefixes.

Appropriate behaviour of an interface will depend very much on the management and deployment scenario.

In IPv4 + NAT that was pretty much irrelevant. The outbound path and address could be learned by acting as a DHCPv4 client and the reverse path was "learned" via NAT. And each cascaded device could in turn act as a DHCPv4 server for its downstream neighbors. A simple "outbound only" firewall rarely did harm either. So simple cascading pretty much always worked without any configuration at all.

What if a user stacks multiple home routers in IPv6? Do you assume / enforce a tree structure for a home network? Do you assume / enforce a single-homed ISP model?
I know cascaded PD has been discussed many times in the past, but is there an RFC for how it should operate in practice? RFC5877 says "Renumbering Still Needs Work".

So back to requirements, I think a list might conceivably consist of:

1) a home router should automatically discover its neighbors on a per-port basis.
2) a home router should be able to automatically detect whether each neighbor is in the same management domain or not
3) a home router should control peering in a secure manner
4) a home router should automatically learn prefixes and interface addresses (NB PD is only defined in rfc3769 to be to a single router attached to an ISP link, and sub-delegations within the site are NOT communicated back to the ISP)
5) Depending on its peering, a home router should determine its position in the network relative to the CPE PD router (the root of the prefix delegation / home network assuming a tree structure).
6) Depending on its position in the home network, a home router should automatically determine what functions it needs to enable per port (firewall, learning a delegated prefix, delegating further prefixes, management access allowed .... )

Most current IGPs would fulfill many of those requirements, but probably not all.

The main problem is I don't think the above list is anywhere near definitive or widely accepted. So saying one protocol or mechanism is "better" than another is then a bit premature IMHO.

regards,
RayH

Philip Homburg wrote:

> In your letter dated Tue, 02 Aug 2011 09:47:31 +0200 you wrote:
>
>> If the ISP wants to control a firewall or other equipment on a user's premises then they probably need to provide and own the firewall or CPE. Vice versa for the end user. The mix of a user owned firewall with an ISP provided configuration (even if that's just enable/disable function) just won't work practically in operations. And that's even before the lawyers get involved.
>>
>> It's not an issue that the IETF should attempt to solve/automate using protocols IMVHO.
>
> I don't think it is a matter of an ISP wanting to control the user's firewall.
>
> Suppose you have a generic home router, just a bunch of Ethernet ports and some processing in a small box. If the home router is attached to a WAN link, then it has to enable its firewall to separate the WAN link from the internal links. If the router is used internal to the user's network then it should not enable its firewall, unless one of the ports is connected to the guest network but then it should have a firewall tailored to guest networks.
>
> How do you construct a router such that the router always knows what it has to do, or at least is in some sense fail-safe?
