On Fri, May 28, 2010 at 2:03 PM, Christopher Morrow <[email protected]> wrote:
> this is how some (for instance) root servers today do anycast
> services. Put the 'service' ip address on the loopback interface (or
> similar alternate interface) then just route traffic over the other
> locally connected interfaces ... This works fine, it's not something
> an average user wants (or really can) manage though. It requires still
> some knowledge, at least in the local network realm, that ip-X is down
> one of several interfaces. Expanding this to 'down several providers'
> means that the providers must know, and thus the world must know that
> this /32 (ip-X) is globally reachable. This is done with PI space and
> we all pay a penalty (we all dfz router operators and users of the
> internet) for this 'feature'.

(You keep me continuing this line of my 'silly' arguments. :-)).
Not if there's a mechanism wherein you don't have to advertise your local address to the outside.

>> Sad there's no mechanism (or inherently impossible) that a multi-home
>> site and so all nodes inside deal with multiple PA addresses assigned
>> to them in a seamless (not causing the breakages you describe above)
>> manner.
>
> Oh you CAN do this, you don't WANT to, there are lots and lots of
> dependencies and timelines to satisfy. All of which make the pain of
> changing things far too costly and complex to implement 'quickly'. For
> a simple case: 1 host, 2 providers 1 router. Here's a short list of
> things to consider (no particular order)
>
> o access controls on the host (from which ip, to which ip)
> o dns updates for changes
> o publishing dns records for each identifier/address
> o traffic engineering to assure that folks use the addresses being
>   advertised over DNS properly/fairly
> o upstream uRPF checks (must send to the internet with the right
>   source-address, based on which outbound port is chosen)
>
> There are a few others I'm sure, never mind the case of a more complex
> Enterprise network deployment.

Thank you for a list of concerns to clear up.

> uhm, so my host has ip address A, it's got attachments to networks B, C, D.
>
> how does the world know that services on A are behind B, C, D except
> for bgp telling them?

So.. you mean subnets by networks B, C, D, don't you?
We're still inside a site in this moving, aren't we?
My illusive homework is to find a mechanism wherein telling BGP I'm inside the site S will suffice. So that I can live with local addressing without breaking the Internet.

--
DY
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
