Hello Brian,
Your points are very well taken. My main suggestion for the immediate term was to relax some restrictions on well-known anycast addresses located in their subnets. It is really easier if there's just one host, too. The other things will take more work. >From that context, I'll just add a few more comments inline: Brian Haberman wrote: > 1. Host-to-router notification protocol (this is taken care of by > changes to mld proposed in draft-haberman-ipngwg-host-anycast) What happens if you have a host on a link responding to an anycast address on that link? Then other hosts on that link won't be able to easily discern whether the router "liked" the anycast addressable host or not. I can imagine some very nasty ways to avoid even this scenario, but I can't believe we'd really want to enforce them. > 2. Security: at a minimum some form of authentication to allow > routers to determine if hosts are allowed to join an anycast > group Similar comment to the on-link case for (1). Furthermore, the security requirements for an anycast group depend on the nature of the anycast group, don't they? It might typically be quite unimportant to securely restrict participation in an anycast group geared towards local broadcast of streaming audio of classical guitar music, or a webcam of the cows in the pasture. > 3. An Anycast Architecture doc that pulls all the pieces together > and concretely describes how pieces interact, the pros and cons > of anycast usage for intra-domain and inter-domain Right! But the latter is often true for any service. The anycast nature of the addressability of inter-domain isn't appreciably harder, otherwise, than handling anycast groups in general, is it? > 4. Possibly a draft that documents any impacts on any existing > protocols (routing protocols, TCP, etc.) This would be very important. > It should also be noted that this is probably way too much work to do > in the IPv6 WG. It's way too much work for me too :-) I'm not really suggesting that the general case be made completely open prior to this work getting done. I was more suggesting that there are useful special cases that do not present any appreciable downside. Regards, Charlie P. > "Charles E. Perkins" wrote: > > > > Hello folks, > > > > I think this is a great idea. > > > > Furthermore, on the topic of letting packets have Source IP > > address be the address of an anycast group, I think that it's > > the responsibility of the particular anycast group to handle > > all the ramifications. It would be nice to have an Internet > > Draft that lays out all of the canonical ramifications. > > > > In the case where there is only one element of an anycast group, > > and it has one of the "well-known" anycast numbers on its subnet, > > this seems to be very natural and beneficial. There would not > > be a need to make the restriction for short session lifetimes. > > > > If the anycast group can have several members, but still is > > addressable at one of the "well-known" anycast numbers, then > > we can require a standard specification for the operation > > of the anycast group, including any such features as use of > > the anycast address as a Source IP value. > > > > Similar considerations hold for security, and even mobility > > of the anycast group. In fact, with enough calculation, we > > might even be able to find some CGA-able anycast groups within > > some lucky subnets! > > > > Regards, > > Charlie P. > > > > "Bound, Jim" wrote: > > > > > > I agree. Lets begin to work on getting a SHOULD that would fix it completely. > > > > > > I will follow your lead in the WG so lets do it ............ > > > > > > /jim > > > > > > > -----Original Message----- > > > > From: Pekka Savola [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, May 02, 2002 2:28 AM > > > > To: Bound, Jim > > > > Cc: [EMAIL PROTECTED] > > > > Subject: Re: Anycast Addresses being used for Nodes not just Routers > > > > > > > > > > > > On Wed, 1 May 2002, Bound, Jim wrote: > > > > > What do we think we need to do to get the requirement that > > > > only Routers > > > > > can have anycast addresses changed to "nodes". > > > > > > > > > > IETF Work draft-yanjun-lbam-ipv6-00.txt is a good example > > > > of the use of > > > > > anycast for non-router systems that are very important for > > > > the Internet > > > > > and IPv6. > > > > > > > > I've been trying to push the changing of this: > > > > > > > > o An anycast address must not be assigned to an IPv6 host, that > > > > is, it may be assigned to an IPv6 router only. > > > > > > > > in addr-arch-v3-07 to change 'must' to a 'should' for some > > > > time now, with > > > > not much progress. > > > > > > > > I think this is one item that should be changed before > > > > addr-arch is done > > > > with in the IESG and locked for a few years. > > > > > > > > -- > > > > Pekka Savola "Tell me of difficulties surmounted, > > > > Netcore Oy not those you stumble over and fall" > > > > Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
