Darren Reed wrote:
> I disagree... IPsec and Mobile IP/shim6 are integral features of the IP
> protocol suite
> and the way in which they need to be handled should reflect this, which
> is to say that
> I agree with how they're treated today.
First of all, the purpose of the ILB project is to increase what is
considered being integral parts of an IP stack in the 21st century.
But are you arguing that the IP protocol suite (as defined by the IETF)
is the only thing we should integrate tightly in IP? We have tight
integration of at least CGTP, zones, and TX, neither of which is part of
the protocol suite defined by the IETF.
> Load balancing is not in the same category.
>
> Whilst load balancing does need to sit at a very particular point in the
> code path
> for IP packets, it's interaction with IP and its role are distinctly
> value-add rather
> than basic functionality needed to interoperate with other systems - as
> is the case
> with NAT.
Is this a business argument that people would be willing to pay extra
for a L3/L4 load balancer.
In any case, none of the above reads like architectural arguments.
> Linux does allow more than just iptables to hook in,
> however the method they choose to determine the order
> in which a packet is received (assignment of priority
> numbers for the various "hooks") was rejected by PSARC.
The issue isn't whether it is allowed or not. The issue is how people in
practice handle the complexity of multiple things using the same hook at
the same time. I was postulating that they handle it by avoiding using
that capability.
Erik
