On Thu, 5 Mar 2009, RJ Atkinson wrote:
One of the Routing ADs already has explained to you and to the
other IESG members that L3VPNs *can not* meet the same set of
requirements as this proposal. I have also discussed this at
length in conversations with individual ADs and the entire IESG.
So the claim above is simply not correct.
L3VPNs simply cannot address or solve these MLS issues.
Could you describe why L3VPNs or such are inadequate? The discussion
in S 1.1 of draft doesn't really help much to understand what are the
actual problems with these. It discusses unwillingness to implement
L3VPNs on hosts but it's not clear why this is needed; and also not
being able to carry sensitivity label in L3VPN but it's not clear why
you couldn't just pick a localized approach to designate the labels or
map them in some manner; etc.
FWIW, I wouldn't have a problem with this draft if it didn't add a
hop-by-hop option (if there are problems with e.g. changing all
transport protocols, at least those involve only end-hosts). I don't
want to add any burden on on-path implementations and I prefer to set
a very high bar for adding new hop-by-hop options, and this doesn't
reach that.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
