Joel, On Aug 14, 2013, at 5:57 AM, Joel M. Halpern <[email protected]> wrote:
> The virtual router question is an interesting one. I believe that the answer > is "it depends". > On the one hand there is a base device. There may or may not need to be > capability for I2RS access to that entity. It seems to me that this is dependent on whether the device is part of the routing system -- not whether it is physical or virtual. Does it have a RIB, participates in routing, and an interface to routing? If the answer is yes, then I2RS needs access (whether the base device or an individual virtual one). > Then there are the individual virtual routers. My inclination would be to > use separate I2RS clients, each with a separate I2RS identity and identifier. I agree with this (assuming you meant to write "I2RS agent" or "I2RS server" instead of "I2RS client") -- basically, if it is a node in the topology, it needs its I2RS identity. > But there appears to be enough flexibility in the modeling that we are > discussing that one could probably model it as one I2RS agent with various > pieces and parts. In which case that one agent has only one identity and one > identifier. > I think there's potentially more than this, namely: proposed I2RS topology information models support node aggregation / virtual topologies. Shouldn't each node at a different level of the hierarchy have its own identity (and identifier)? Thanks, -- Carlos. > Yours, > Joel > > On 8/14/13 5:24 AM, t.petch wrote: >> ----- Original Message ----- >> From: "Alia Atlas" <[email protected]> >> To: "Joe Marcus Clarke" <[email protected]> >> Cc: <[email protected]> >> Sent: Tuesday, August 13, 2013 9:01 PM >> >> >>> Hi Joe, >>> >>> Thanks for the detailed review and suggestions. Responses are >> in-line. >>> >>> Alia >>> >>> On Wed, Jul 31, 2013 at 6:57 AM, Joe Marcus Clarke >> <[email protected]>wrote: >>> >> <snip> >>>> Section 6.4: >>>> >>>> Each I2RS Client will have an identity; it can also have secondary >>>> identities to be used for troubleshooting. >>>> >>>> JMC: Each application will have a _unique_ identity. >>>> >>> >>> [Alia] Hmm, this ties into the discussion about how we want to handle >>> redundancy and recovery for clients. It's also a bit of a >> tautology - a >>> client is solely identified by its identity. I have changed it to >> say >>> that "Each I2RS Client will have a unique identity" - but that just >> helps >>> clarify the intent. >> >> I think that this nicely encapsulates a confusion between identity and >> identifier. Identifiers identify. Objects, in a very generic sense, >> have identity. Thus if a human being is an instance of an object, they >> may be identified, based on context, by SSN, passport number, name, name >> and date of birth, cell phone number etc; all could be valid >> identifiers: but equally, a cell phone number could be the identifier of >> a cell phone, which is associated with a function and multiple people, >> while the cell phone could also be identified by its IMEI so the >> determination of what is an identity, may take some consideration. This >> is often critical in security; you have a secure channel but with what? >> Is the identifier sufficient proof of the identity? >> >> Working with routers, you usually have multiple identifiers; the SNMP >> sysName is not (usually) the OSPF 32 bit router id, while the BGP >> Identifier (note, identifier) is different again. >> >> Identifiers exist within a namespace, with rules about syntax, >> uniqueness and so on (even if this are not made explicit). >> >> The revised I-D contains >> " A secondary identity is merely a unique, opaque identifier ..." >> and >> "An I2RS Client may supply a secondary opaque identity .." >> >> I think that most uses of the word "identity" in this I-D are actually >> referring to "identifier" but at the same time, given that almost all >> routers have multiple identifiers (as above), then this issue, of the >> difference between identity and identifier needs making explicit in this >> I-D. >> >> Tom Petch >> >> (p.s. if you have multiple virtual routers in one physical router, how >> many identities are there? Discuss.) >> >> >> _______________________________________________ >> i2rs mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/i2rs >> > _______________________________________________ > i2rs mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2rs
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
