Hello folks,
I have been trying to catch up by reading all the e-mails, but that's very hard these days!

I think that DIID is simpler to understand and administer, and is besides much more scalable in the number of prefixes. Furthermore, try as I have to understand why anyone would prefer the DAD approach, I come up empty-handed except for the single argument that existing implementations do DAD on every address. And I have read a lot of e-mails.

Maybe everyone already agrees that DIID is more scalable. If anyone disagrees, I'd be surprised, but please remind me. Then the question is, why do so many people not care about scalability in this matter? That is for me the real puzzler.

IPv6 provides so many addresses and so many prefixes that it's hard for us to understand. Therefore, I am sure we do not understand all possible uses for those many addresses and prefixes. Taking brute force unscalable approaches now, and shooting down a whole galaxy of future possibilities, is just not very sportsmanlike, much less wise or conservative with resources. This is my main concern. When I have voiced this concern, I get the answer that "We don't need that many subnet prefixes now". That is a very bad answer.

There is one other abstract concern that I have, and one other very concrete concern. I believe that each of them clearly indicates the need for specifying DIID instead of DAD.

The other abstract reason that bothers me about this "DAD" algorithm is that it assumes that not all nodes need to carry a link-local address to match their IID. I believe this is also a bad assumption. The link-local address has nice properties for protocol design, and offers a way to do things like Neighbor Discovery in the right way. It's easy to understand, and thus easier to get correct designs, and correct software and hardware. My belief is that the "DAD" algorithm substantially impairs the effectiveness of protocol design at this level.
Simply put, it means that global IP addresses may no longer be known to satisfy properties that previously could have been established by protocol using link-local addresses. In other words, algorithms which should have been carried out with the previously useful link-local addresses would then always have to be carried out with global addresses, with the further complications arising from protection against remote attacks which are enabled by globality.

If DAD proponents also wish to specify that every IID has to be associated with a link-local address, then I am thoroughly mystified, but at least the above problem goes away.

The concrete reason this proposal is unwelcome for me is that it is very bad for Mobile IP. When a home agent receives a Binding Update, it has to ensure that the mobile node's home addresses remain valid on the link (the mobile node's home network). If the mobile node has not yet sent any Binding Update to the home agent, or if the last Binding Update has expired, the mobile node's addresses will remain undefended on the home network. Then, when the Binding Update is received, the first thing the home agent has to do is to ensure that the mobile node's home addresses have not been taken by some other node. If this home agent has to do this for dozens or hundreds of home addresses, it could be quite a burst of protocol. If this happens for a lot of mobile nodes at once, then the situation would just be that much (linearly) worse. Whenever a horde of mobile nodes all suddenly emerge into new radio coverage, this is quite likely to happen.

Put briefly, "DAD" is "BAD" for:

- scalability for subnet prefix utilization
- link-local protocol design
- Mobile IP
- network administrator sanity (I didn't mention this, but hopefully it's obvious).

As best I can tell, DIID is BAD for some existing implementations, and no other reason.
In a way, this is benign, for two reasons:

- Really using hundreds of subnets is not a concern with existing IPv6 deployments. Thus, if some platforms don't get it perfect just now, no worries.
- By the time it really matters, the chances that existing platforms will have undergone _zero_ software upgrades are, approximately, _zero_.

I hope this note will have some effect towards moderating the sentiments towards DAD that were in evidence in Yokohama.

Regards,
Charlie P.

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
