Alex Conta writes:
> Tony Hain wrote:
> > [...] Some of the pushback is
> > simply based on the fact that the diffserv model of QoS
> > is inherently broken because there is no end-to-end
> > immutable set of bits for local decisions to be based on.
>
> I hate to say it, but your conclusion is grotesquely false.
> The Diffserv QOS model is not broken at all - I don't know
> how, where, and why you got that.
>
> For IPv4 M-F classification, Diffserv can use the well-known 5-tuple.
> src, dst addresses, src, dst ports, and protocol ID.

The problem is that the 5-tuple is exactly *one* kind
of definition of a uflow. RFC 2207 defines another kind
which instead of requiring IPsec to conform to RSVP's
desire for a 5-tuple, defines another kind of
uflow based on SRC,DST,SPI instead. This does not
compromise the privacy of the flow itself since what
the SPI represents is opaque to the classifier. What
you are proposing is that that opaqueness is bogus
and that I should always reveal the 5-tuple for
all to see.

I disagree. If there's lossage here, we should
err on the side of privacy. What you all are
proposing effectively renders ESP protection of
transport headers a dead letter if you want
diffserv QoS.

Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
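
The two microflow definitions discussed in this message, side by side, as an added Python example that is not part of the original thread: cleartext TCP/UDP is keyed on the 5-tuple, while ESP is keyed on SRC,DST,SPI so the encrypted transport header is never needed. The function name `flow_key`, the key labels and the sample packets are constructed for illustration.

```python
import socket
import struct

TCP, UDP, ESP = 6, 17, 50  # IP protocol numbers

def flow_key(pkt: bytes):
    """Return a classifier key for one raw IPv4 packet (no link-layer header)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    frag_off = struct.unpack_from("!H", pkt, 6)[0] & 0x1FFF
    proto = pkt[9]
    src = socket.inet_ntoa(pkt[12:16])
    dst = socket.inet_ntoa(pkt[16:20])
    l4 = pkt[ihl:]
    # Only the first fragment carries the transport or ESP header.
    if frag_off == 0 and proto in (TCP, UDP) and len(l4) >= 4:
        sport, dport = struct.unpack_from("!HH", l4)
        return ("5-tuple", src, dst, proto, sport, dport)
    if frag_off == 0 and proto == ESP and len(l4) >= 4:
        # The SPI is the first 32 bits of the ESP header and is sent in the
        # clear; ports and inner protocol stay encrypted and are not read.
        (spi,) = struct.unpack_from("!I", l4)
        return ("spi", src, dst, spi)
    # Later fragments, short packets, other protocols: addresses and protocol only.
    return ("addr-proto", src, dst, proto)

def ipv4(proto, src, dst, payload, frag_off=0):
    """Build a minimal IPv4 packet (checksum left zero; constructed sample data)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag_off,
                      64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

# Constructed samples: one cleartext TCP segment and two ESP packets that
# share addresses but belong to different security associations.
A, B = "192.0.2.1", "198.51.100.7"
TCP_PKT = ipv4(TCP, A, B, struct.pack("!HH", 40000, 443) + b"\x00" * 16)
ESP_A = ipv4(ESP, A, B, struct.pack("!II", 0x1000, 1) + b"\xaa" * 24)
ESP_B = ipv4(ESP, A, B, struct.pack("!II", 0x2000, 1) + b"\xbb" * 24)
ESP_FRAG = ipv4(ESP, A, B, b"\xcc" * 24, frag_off=3)

if __name__ == "__main__":
    for p in (TCP_PKT, ESP_A, ESP_B, ESP_FRAG):
        print(flow_key(p))
```

The two ESP packets land in different flows purely on the SPI, which is what lets a classifier separate them without learning what either one carries.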