Hello,

After reading the complete document, I feel that there are a few pieces
that are still missing in the document.

Suggested reorganization
---------------------------

The document can do with some reorganization. Section 2 is a bit too
long. It needs to be broken up, and a few more sections should also be
added.


1) Introduction
2) Requirements for ND proxy
2.1) Non-requirements for the ND proxy
3) Behavior of the ND proxy
   <This section will contain the guidelines (as listed in my previous
   email)>
3.1) Parsing IPv4 packets
3.1.1) ARP packets
3.1.2) ICMPv4 packets
3.1.3) DHCPv4 packets
3.1.4) Other protocol packets    
3.1.4.1) Unicast packets
3.1.4.2) Multicast/Broadcast packets       
3.2) Parsing IPv6 packets
3.2.1) ICMPv6 packets
3.2.1.1) NS/NA packets
3.2.1.2) RS/RA packets
3.2.1.3) Redirect packet
3.2.2) DHCPv6 packets
3.2.3) Other protocol packets    
3.2.3.1) Unicast packets
3.2.3.2) Multicast/Broadcast packets       
3.3) Assigning a local IP address
     <This section will give an overview of a proxy that has been
     assigned an IP address.>
4) Examples
4.1) Example 1
4.2) Example 2
5) Cache table
6) Effect of changes in spanning tree
7) Deployment considerations
7.1) MTU configuration
10) Security considerations
10) ....
11) Appendix A : RA only proxy

New text
---------

I have suggested text for the above sections here. Please refer to my
previous email on justification for the new text.

Section 3)
----------

Please refer to my previous email for text concerning guidelines.

Section 3.3)
------------

A proxy device does not require a local IP address. However, it will be
convenient to configure the proxies remotely if they are assigned an
IP address.

Assignment of an IP address does not change the working of the
proxy. It would require the proxy to implement more protocols
(give reference to IPv4, IPv6 node requirements). The interface that
has been assigned an IP address can be viewed as an internal
interface.

The following high level diagram depicts the various functional blocks
within a proxy that has been assigned an IP address.

 +-------------+
 |             |
 | ICMPv6, ARP |
 | UDP, SNMP   |
 | etc         |
 +-------------+
 | IPv4/IPv6   |                              
 +-----+-------+                              
       |                +---+        +---------------------+
       |                |int|        |  IP implementation  |
       +----------------+i/f+--------+  for a proxy        | 
                        |   |        |                     |
                        +---+        +--+---+---+---+---+--+
                                        |   |   |   |   |
                                       +++ +++ +++ +++ +++
                                       | | | | | | | | | | 
                                       +++ +++ +++ +++ +++
                                      (external interfaces)


Section 5)
----------

The proxy is not a node in the network. Its main tasks are forwarding
IPv4 packets from one port to another, and manipulating protocol
headers.

The main conceptual data structure that will be maintained in the
proxy is the neighbor cache.

Each entry of the neighbor cache contains 

     o IP (IPv4, or IPv6) address 
     o port number 
     o link-layer address

The entry is created by recording the IP address of the sender, the
port number on which it was received, and the link-layer address of
the sender.

A new entry is created in the link-table whenever a new (not present
in the neighbor cache) sender IP address is encountered in any packet. A
keep alive timer is also started. This timer is restarted whenever any
packet with the same source IP address is encountered. On expiry of
the timer, the entry is deleted.

The entry is updated in two circumstances:

    - A packet with the same IP address as the one in the entry is
      received on another port. In this case the port number is
      modified.

    - A packet with the same IP address as the one in the entry is
      received with a different source link-layer address. In this
      case the link-layer address is modified.

An entry is deleted when 

   - Expiry of the keep alive timer.

   - Change in the spanning tree. Any change in the spanning tree may
     result in change of port numbers for a few entries. Since it is not
     possible to determine the affected entries, and to minimize
     traffic loss, the complete table is flushed, and created afresh.

The neighbor cache structure is generic enough to be used along with
both IPv4, and IPv6 addresses.

Section 6 (Effect of changes in spanning tree)
----------------------------------------------

Some of the changes in the topology of the network may result in
modifications of the spanning tree. Some of these changes are
addition/removal of a proxy, or addition/deletion of a link on a
proxy. These changes have some subtle effect on the network load.

As soon as a spanning tree change is determined by the proxies in the
network, they will flush the neighbor cache, and create it
afresh. The network traffic will increase momentarily, as each proxy
will broadcast all the packets that it receives. This problem can be
particularly severe in networks where there is a frequent change in
the spanning tree.

There might be some traffic loss, when a new spanning tree is
constructed.


Section 7.1) (MTU configuration)
----------------------------------------

If the proxies within the subnet support different link MTUs, then
the nodes within the subnet should be configured with the smallest
link MTU amongst all the link MTUs. Thus, deployment of the proxies
might not be a simple "plug and play" operation.

Misconfiguration of the MTU in the nodes will result in blackholes
that may prove difficult to track.


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
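
The neighbor cache behaviour proposed for Section 5 of the message above, sketched as an added example (not code from the message, the draft, or any ND proxy implementation). The 30-second keep-alive value, the class and method names, and the event strings are assumptions; returning an event per packet lets an operator log every port or link-layer address change, since the proposed text accepts such updates from any received packet.

```python
import ipaddress

KEEPALIVE_SECONDS = 30.0  # assumed value; the message gives no timer length

class NeighborCache:
    """Neighbor cache keyed by IPv4 or IPv6 sender address (hypothetical)."""

    def __init__(self, keepalive=KEEPALIVE_SECONDS):
        self.keepalive = keepalive
        self.entries = {}  # ip -> {"port", "lladdr", "expires"}

    def observe(self, src_ip, port, lladdr, now):
        """Record one received packet; return the list of resulting events."""
        ip = ipaddress.ip_address(src_ip)  # normalises both address families
        lladdr = lladdr.lower()
        entry = self.entries.get(ip)
        if entry is not None and entry["expires"] <= now:
            del self.entries[ip]  # timer ran out before this packet arrived
            entry = None
        if entry is None:
            self.entries[ip] = {"port": port, "lladdr": lladdr,
                                "expires": now + self.keepalive}
            return ["created"]
        events = []
        if entry["port"] != port:  # same IP seen on another port
            events.append("port-changed")
            entry["port"] = port
        if entry["lladdr"] != lladdr:  # same IP, different link-layer source
            events.append("lladdr-changed")
            entry["lladdr"] = lladdr
        entry["expires"] = now + self.keepalive  # restart keep-alive timer
        return events or ["refreshed"]

    def expire(self, now):
        """Delete entries whose keep-alive timer has run out."""
        stale = [ip for ip, e in self.entries.items() if e["expires"] <= now]
        for ip in stale:
            del self.entries[ip]
        return stale

    def flush(self):
        """Spanning tree change: drop the whole table; return entries dropped."""
        dropped = len(self.entries)
        self.entries.clear()
        return dropped

    def lookup(self, ip):
        e = self.entries.get(ipaddress.ip_address(ip))
        return None if e is None else (e["port"], e["lladdr"])
```
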
