--On Wednesday, 26 March, 2003 15:13 -0800 Tony Hain <[EMAIL PROTECTED]> wrote:

Michael Mealling wrote:
Its not that 'we don't want to change because its to much
work'. Its that the Internet architecture assured us that the
hour glass model applied, that the network topology would
remain abstracted within what to us is an opaque address
space. One of the number one reasons its so easy for new
application layer technologies to be deployed is that a
developer doesn't need to know or care about any layer below
TCP (or, in rare cases, UDP). If the lower layers want to
change that hour glass model then we're talking about a
serious breach of contract with the layers above it and a
dangerous blow to the hour glass model.

You really don't want to go there, since it is in fact the violation of the layering by the apps that has created some of the mobility and renumbering challenges. Apps know all too much about what is going on below them, which is why the app developer sees any change as a lot of work.

Tony,


I am probably missing something, but I don't see this. Partially to aid transition to v6, we've been telling apps developers for several years that they should rely on DNS names, paying at little attention as possible to the format or content of addresses, their topology implications, etc. As an application-writer, I'm not supposed to know anything about prefixes, address-masks, or anything else about how addresses are put together. Yes, if I start doing tricky things about firewall or NAT-traversal, I can get myself into a lot of trouble, but that is part of why we have always considered those sorts of things to be layer-violating if not worse.

Ignoring the format of addresses has worked well for 1918 addresses (loathsome as they might be) because the assumption is that filtering (so that they don't leak onto the public network) is the responsibility of anything that connects a 1918 network to the public Internet. And CIDR was deployable precisely because the applications themselves didn't know about classes.

Now, if I correctly understood Margaret's presentation last week (and some other things), if there is a possibility that a particular address might be site-local but that the target might also be associated with publicly-routable prefixes, the application has to figure that out, figure out whether the target is local, and then do the right thing. That isn't a matter of filtering or masking external to the application: the application has to do the work, or the architecture that surrounds the applications has to change. That is a fairly big deal and, I think, involves more layering problems than what we are doing today.

But, obviously, I'm not understanding something. Could you explain?

john




Reply via email to