hi,
jak
I
appreciate your answer very much.
My
understanding is :
1.For the default router is the necessary condition of
connecting to external networks, so if the host has not selected a router as its
default router, and an RA is received, in order to accelerate the rate of
convergence for authorizing the router and determining default
router(s), the host will want to get the certificate paths of all
the on-link routers, so the host use the all-routers-multicast for
CPS.
2. If one default router has been authorized by the host,
that means before this time the host may have sent CPS by
all-routers-multicast and received the most certificate paths of
routers on the link, meanwhile at least one router communicates with
external networks on behalf of this host, so not urgent and only send CPS by
unicast.
Is it
right? welcome comments.
hongyan
I'm not sure I follow your questions, but here is what I
think the intent is.
If the host has received an RA (solicited or beaconed) from
a router and has decided to select that router as its default, it can unicast
the CPS directly to the router.
If, on the other hand, the host has not received any RAs or
a multicast RS has elicited a number of RAs in reply, then the host can
instead multicast the CPS to All_Routers_Multicast, rather than unicasting it
to each individual router.
Does that answer your question?
jak
----- Original Message -----
Sent: Wednesday, September 21, 2005
4:04 AM
Subject: About CPS message of SEND in
IPv6
Hi, all experts
I have one question about "When soliciting certificates for a router, a
host MUST send Certification
Path Solicitations either to the All-Routers multicast address, if it has not selected a default
router yet, or to the
default router's IP address, if a default router has already been
selected." In rfc3971.
Does it mean the following ?
1.if
there are not other routers that have passed the anchor authentication,
then host will send CPS to the All-Routers multicast address,
and all routers, include ones that have send the certificate paths, will
respond to the solicitation.
2.if
an another router has passed the anchor authentication, host will send the
CPS to the solicited router address, but not the address of router
that has passed the anchor authentication.
Thanks
Hongyan 2005-9-21
-------------------------------------------------------------------- IETF
IPv6 working group mailing list ipv6@ietf.org Administrative Requests:
https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
|