On Thu, 2 May 2002, Brian Haberman wrote: > Pekka Savola wrote: > > > > On Thu, 2 May 2002, Brian Haberman wrote: > > > I had actually started taking a crack at this whole problem. It > > > seems to me that the following components are needed for some form of > > > global anycast support: > > > > > > 1. Host-to-router notification protocol (this is taken care of by > > > changes to mld proposed in draft-haberman-ipngwg-host-anycast) > > > > > > 2. Security: at a minimum some form of authentication to allow > > > routers to determine if hosts are allowed to join an anycast > > > group > > > > You're making assumptions here. > > > > Hosts could very well participate in routing protocols. > > I don't think I am making assumptions. If a node is injecting routes, > it is a router. It may not be a member of the trusted set of routers > though. That is where the security comes in. If operators want to > protect the set of nodes that can inject routes, they can do so by > securing the routing protocol exchanges.
No, if a node is injecting routes, it needs not to be a router, as specified in RFC2460 and referred to in addrarch. The definition: router - a node that forwards IPv6 packets not explicitly addressed to itself. [See Note below]. DNS servers could participate in the routing protocol, injecting a route to itself, while still being hosts. Usually the definition of router also includes forwarding packets between interfaces, but that's only implicit here. > > > 4. Possibly a draft that documents any impacts on any existing > > > protocols (routing protocols, TCP, etc.) > > > > Unicast RPF is capable of killing anycast with source addresses quite > > effectively. > > Not sure I follow you. The anycast addresses are in the destination > address field. You mentioned a host-to-router notification protocol, so we're discussing what would be different if anycast requirements are changed (not as a source address, not on a host). Anycast addresses as source addresses (if allowed) have some amount of problems. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------