In Vancouver we decided[1] to remove the support for multicast/anycast/broadcast in the RELOAD spec, following a discussion back in Taipei about problems for supporting anycast.
I thought a bit more about the anycast problem, and I found a solution to this problem that is simple and so would permit keeping the text in -base.

To summarize the problem, a bootstrap node cannot be directly running on an anycast address because the real destination can change at any time, and that would break DTLS. That can be solved by adding the IP address of a bootstrap node not running on the anycast address in the PingResponse, but unfortunately this is not a compatible change. There are other problems with this approach, related to the fact that the Ping must be sent without DTLS (naked Ping).

But, as per -base section 6.5.1.4, all RELOAD nodes are also STUN servers, so the naked Ping can be replaced by a STUN connectivity check. The nice thing about STUN is that the support for anycast is already there, as a STUN server running on an anycast address will respond with a 300 Try Alternate with an ALTERNATE-SERVER attribute containing the IP address of the non-anycast node.

So the whole problem can be solved by just saying in -base that any connection to the bootstrap servers must start with a STUN connectivity check. The first IP address to successfully respond (i.e. after processing the 300) is the one where the DTLS/TLS connection must be established to start sending the RELOAD messages.
[1] https://www.ietf.org/proceedings/84/minutes/minutes-84-p2psip
[2] https://www.ietf.org/proceedings/82/minutes/minutes-82-p2psip

-- 
Marc Petit-Huguenin
Email: [email protected]
Blog: http://blog.marc.petit-huguenin.org
Profile: http://www.linkedin.com/in/petithug
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
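The connection procedure proposed in the message above, as an added example that is not part of the original post or of the RELOAD specification: a client follows a STUN 300 Try Alternate / ALTERNATE-SERVER redirect and returns the address on which to open DTLS/TLS. The addresses, port, function names, hop limit and loop check are assumptions of this example, and the `exchange` callback stands in for real UDP I/O.

```python
import ipaddress, os, struct
MAGIC, SUCCESS, ERROR = 0x2112A442, 0x0101, 0x0111   # cookie, Binding success/error
ERROR_CODE, ALTERNATE_SERVER = 0x0009, 0x8023        # attribute types

def build(msg_type, txid, attrs):   # encoder, used only for the sample responses
    body = b"".join(struct.pack("!HH", t, len(v)) + v + bytes(-len(v) % 4) for t, v in attrs)
    return struct.pack("!HHI", msg_type, len(body), MAGIC) + txid + body

def parse(data, txid):   # returns (type, attributes); rejects unsolicited or malformed data
    if len(data) < 20 or data[8:20] != txid:
        raise ValueError("not a response to our transaction")
    msg_type, length, magic = struct.unpack("!HHI", data[:8])
    if magic != MAGIC or length != len(data) - 20:
        raise ValueError("malformed STUN header")
    attrs, off = {}, 20
    while off + 4 <= len(data):
        atype, alen = struct.unpack("!HH", data[off:off + 4])
        if off + 4 + alen > len(data):
            raise ValueError("attribute overruns message")
        attrs.setdefault(atype, data[off + 4:off + 4 + alen])
        off += 4 + alen + (-alen % 4)          # values are padded to 4 bytes
    return msg_type, attrs

def select_dtls_target(start, exchange, max_hops=3):
    """Follow 300 Try Alternate from `start`; return the (ip, port) to open DTLS/TLS to."""
    target, seen = start, set()
    while len(seen) <= max_hops:
        if target in seen:
            raise RuntimeError("redirect loop")
        seen.add(target)
        txid = os.urandom(12)                  # fresh transaction ID per request
        msg_type, attrs = parse(exchange(target, txid), txid)
        if msg_type == SUCCESS:
            return target
        err, alt = attrs.get(ERROR_CODE, b""), attrs.get(ALTERNATE_SERVER, b"")
        is_300 = len(err) >= 4 and (err[2] & 7) * 100 + err[3] == 300
        if msg_type != ERROR or not is_300 or len(alt) not in (8, 20):
            raise RuntimeError("connectivity check failed")
        # ALTERNATE-SERVER: zero byte, family, port, then a 4- or 16-byte address
        target = (str(ipaddress.ip_address(alt[4:])), struct.unpack("!H", alt[2:4])[0])
    raise RuntimeError("too many redirects")

ANYCAST, UNICAST = ("192.0.2.1", 3478), ("198.51.100.7", 3478)   # constructed
def sample_exchange(target, txid):   # constructed network standing in for UDP I/O
    if target != ANYCAST:
        return build(SUCCESS, txid, [])
    alt = struct.pack("!xBH", 1, UNICAST[1]) + ipaddress.ip_address(UNICAST[0]).packed
    err = struct.pack("!HBB", 0, 3, 0) + b"Try Alternate"
    return build(ERROR, txid, [(ERROR_CODE, err), (ALTERNATE_SERVER, alt)])
```

The redirect itself arrives before any DTLS/TLS session exists, so the certificate check on the connection opened to the returned address is what authenticates the bootstrap node.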
