draft-xie-stewart-sigtran-ddp-00 addresses redundancy and failover of
sessions within a server pool, where uncoordinated failover of sessions from
one endpoint to another is a requirement. There is significant overhead and
indirection added to the session to achieve this.
We seem to be discussing a simpler requirement: coordinated movement of a
session from one ip:port pair on a single endpoint to a different ip:port
pair on the same endpoint. Windows, buffer states, sequence numbers, etc.
could all remain the same.
I would think the latter requirement could be implemented as a simple TCP
"forward me" option. For ESP/AH-protected sessions, no TCP-level
anti-hijacking protection seems necessary. This could even be performed if
the original IP is suddenly not available and the other endpoint hasn't
given up on the connection yet; you send a "forward me" packet sourced from
the first IP, then listen for an ACK on the new IP.
I can think of no simple way (i.e. without recreating IKE & AH inside TCP) to
do this for unprotected sessions; I'm not sure it's worth the effort to
solve either.
I'm sure there's something I'm missing here, or else this would have been
implemented 15 years ago... Thoughts?
S
| | Stephen Sprunk, K5SSS, CCIE #3723
:|: :|: Network Consulting Engineer, NSA
:|||: :|||: 14875 Landmark Blvd #400; Dallas, TX
.:|||||||:..:|||||||:. Email: [EMAIL PROTECTED]
----- Original Message -----
From: [EMAIL PROTECTED]
To: Karl Auerbach
Cc: IETF
Sent: Wednesday, April 26, 2000 16:48
Subject: RE: runumbering (was: Re: IPv6: Past mistakes repeated?)
> > Turn it any way you want, TCP sessions can only survive renumbering
> > through end-to-end mechanisms...
> Which raises the interesting (to me anyway) question: Is there value in
> considering a new protocol, layered on top of TCP, but beneath new
> applications, that provides an "association" the life of which transcends
> the TCP transports upon which it is constructed?
> I believe that if we had such a protocol that it would be a useful tool to
> solve many of the juggling acts that transpire under the heading of
> "mobile networking" as well as providing a way to continue (or
> "resume") connectivity after IP address changes.
> (I will, of course, be suitably embarrassed if someone points out that
> work is already going on to do this.)
draft-xie-stewart-sigtran-ddp-00.txt
ned
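As an added illustration of the "forward me" option sketched in Stephen's message above (this is a toy model written for this page, not code from the thread, from sigtran, or from any implementation), the following Python models the exchange with both sides' state: the mover sends a FORWARD_ME segment sourced from its old ip:port, the peer rebinds the connection to the new ip:port and ACKs there, and the TCB's sequence numbers and window survive unchanged. The ESP/AH protection the message relies on is modelled as an HMAC over the segment fields with a shared SA key; the addresses, the option name FORWARD_ME, the key and the window size are all constructed assumptions. The model also shows the two caveats from the message: on a protected session a spoofed FORWARD_ME without a valid integrity tag is refused, and on an unprotected session the peer has nothing to authenticate the option with, so the move is refused rather than accepted blindly.

```python
"""Toy model of a TCP "forward me" option for moving a session between
ip:port pairs on one endpoint.  Constructed example: the option name,
addresses, key and the HMAC stand-in for ESP/AH are all assumptions."""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Addr = Tuple[str, int]


@dataclass
class Segment:
    src: Addr
    dst: Addr
    seq: int
    ack: int
    options: Dict[str, Addr] = field(default_factory=dict)
    tag: Optional[bytes] = None  # stand-in for the ESP/AH integrity check value

    def bytes_for_auth(self) -> bytes:
        # Everything the peer sees inside the protected envelope.
        return repr((self.src, self.dst, self.seq, self.ack,
                     sorted(self.options.items()))).encode()


def seal(seg: Segment, key: bytes) -> Segment:
    seg.tag = hmac.new(key, seg.bytes_for_auth(), hashlib.sha256).digest()
    return seg


@dataclass
class Tcb:
    """Minimal transmission control block: the state that survives the move."""
    local: Addr
    remote: Addr
    snd_nxt: int
    rcv_nxt: int
    rcv_wnd: int = 65535
    ipsec_key: Optional[bytes] = None  # None models an unprotected session


class Endpoint:
    def __init__(self, tcb: Tcb) -> None:
        self.tcb = tcb
        self.log: List[str] = []

    def authenticated(self, seg: Segment) -> bool:
        if self.tcb.ipsec_key is None or seg.tag is None:
            return False
        expected = hmac.new(self.tcb.ipsec_key, seg.bytes_for_auth(),
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, seg.tag)

    def in_window(self, seg: Segment) -> bool:
        t = self.tcb
        return t.rcv_nxt <= seg.seq < t.rcv_nxt + t.rcv_wnd

    def handle(self, seg: Segment) -> Optional[Segment]:
        t = self.tcb
        if seg.dst != t.local or seg.src != t.remote:
            self.log.append("drop: not for this connection")
            return None
        if "FORWARD_ME" in seg.options:
            new_remote = seg.options["FORWARD_ME"]
            # Only an integrity-protected, in-window request may move the peer.
            if not self.authenticated(seg) or not self.in_window(seg):
                self.log.append("reject FORWARD_ME to %r" % (new_remote,))
                return None
            t.remote = new_remote
            self.log.append("peer forwarded to %r" % (new_remote,))
            # ACK is sent to the new address; numbering and window untouched.
            return Segment(src=t.local, dst=new_remote, seq=t.snd_nxt, ack=t.rcv_nxt)
        return Segment(src=t.local, dst=t.remote, seq=t.snd_nxt, ack=t.rcv_nxt)

    def forward_me(self, new_local: Addr) -> Segment:
        """Build the 'forward me' segment, sourced from the OLD address."""
        t = self.tcb
        seg = Segment(src=t.local, dst=t.remote, seq=t.snd_nxt, ack=t.rcv_nxt,
                      options={"FORWARD_ME": new_local})
        if t.ipsec_key is not None:
            seal(seg, t.ipsec_key)
        t.local = new_local  # from now on, listen for the ACK here
        return seg


def run_scenarios() -> Tuple[bool, bool, bool]:
    key = b"constructed-ipsec-sa-key"
    a = Endpoint(Tcb(("10.0.0.1", 5000), ("10.0.0.2", 80), 1000, 5000, ipsec_key=key))
    b = Endpoint(Tcb(("10.0.0.2", 80), ("10.0.0.1", 5000), 5000, 1000, ipsec_key=key))

    # 1. Coordinated move: A asks B to use 10.0.0.3:5000; B ACKs to the new address.
    ack = b.handle(a.forward_me(("10.0.0.3", 5000)))
    moved_ok = (ack is not None and ack.dst == ("10.0.0.3", 5000)
                and b.tcb.remote == ("10.0.0.3", 5000)
                and (b.tcb.snd_nxt, b.tcb.rcv_nxt) == (5000, 1000))

    # 2. Hijack attempt on the protected session: spoofed source, in-window seq, no tag.
    forged = Segment(src=("10.0.0.3", 5000), dst=("10.0.0.2", 80), seq=1000, ack=5000,
                     options={"FORWARD_ME": ("192.0.2.99", 5000)})
    hijack_rejected = b.handle(forged) is None and b.tcb.remote == ("10.0.0.3", 5000)

    # 3. Unprotected session: nothing authenticates the option, so the move is refused.
    c = Endpoint(Tcb(("10.0.0.1", 5000), ("10.0.0.2", 80), 1000, 5000))
    d = Endpoint(Tcb(("10.0.0.2", 80), ("10.0.0.1", 5000), 5000, 1000))
    unprotected_refused = d.handle(c.forward_me(("10.0.0.3", 5000))) is None

    return moved_ok, hijack_rejected, unprotected_refused


if __name__ == "__main__":
    print(run_scenarios())
```

The peer's check is deliberately "authenticated and in window" rather than in-window alone: a sequence-number guess is cheap for an on-path or lucky off-path attacker, so the in-window test only filters stale or random junk while the integrity tag is what actually binds the option to the session. That is the same reason the message above concludes that an unprotected session would need IKE-and-AH-like machinery inside TCP to make the option safe.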