In your previous mail you wrote:
Francis, just a short comment -
if you would like to continue to misunderstand me thats fine, but I'm
telling you that there are people having problems out there TODAY.
=> what I have understood of your issue is the IPv6 protocol with
its extension header chain defined today makes layer >= 4 classification
hard or impossible at very high speed. This is true (then I don't
really misunderstand you :-) but the real question is whether it is
a real issue (ie. something we need to solve) or not, my argument
is the classification should be done by edge routers and not by
core routers.
Then there are two different points:
- does the issue remain if edge routers are closed enough to hosts:
* an interface only (for direct connections)
* line speed limited at least by available stock hardware
* low or at least reasonable number of flows?
I believe the issue doesn't remain just because for many reasons
stock hardware had, has and will have poor I/O performances
- is it possible to put edge routers closed enough:
* technical constraints: I can't see one?
* price constraints: with ASICs we are supposed to do it cheaply?
* policy constraints: I am sorry to have to say that but it is the job
of a ISP to look at inside packets of its customers. It is why
I said ESP will save us. Of course this should be the point where
we have a very different opinion, in the past my current ISP decided
the Web was mainly pornography and tried to limit the bandwidth
for a particular TCP port...
I have talked about firewalls because:
- they shared the same issue but they have to do something a bit harder
(BTW I think a solution which works for routers and not for firewalls
will have a problem in the future: there are (too) many ISPs which
put firewalls to protect (against) customers)
- they (will?) use ASICs when high performances are needed
- they share the management issue, security policies are even more
critical than QoS policies (a mistake for instance has worse consequences).
What we do have in common is that we share the same vision about ipv6 but I
think that we are experincing different problems and to be frank I dont
think you understand my concers buts thats fine - there are others that do.
=> do you want a private or a public answer (:-)?
As a side note, many operators are bulding a new infrastructure for
residential access and they are using fiber in many cases to the
household...
=> I don't believe they want to give a cheap giga Ethernet per access
with an usable 1Gbits/s (or I'll move to this place).
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
