[e2e] It's all my fault
Christian Huitema
huitema at windows.microsoft.com
Mon May 14 15:12:48 PDT 2007
> One known benefit of source routing is support for edge-based
multipath
> routing, incorporating knowledge about application needs into the
> decision to have resilient path selection (either concurrently or as a
> hot spare that is kept alive and measured for congestion). That is
> one
> of the technical arguments made in Saltzer, Reed Clark - Source
Routing
> for Campus-wide Internet Transport (finally published in 1980).
Others
> can be found there as well, and were well-discussed beginning with the
> beginnings of the Internet design, and continuing up to and through
the
> standards track evolution of IPv6. Active use of source routing in
> research contexts continue today - despite attempts by "firewall
> mavens"
> to declare source routing to be a "security hole" without any
evidence.
There is an obvious tension between source routing and traffic
engineering. The security concern with denial of service by spiral
routes is only an extreme example of that tension. Fundamentally, source
routing allows users to direct traffic on user-chosen routes across the
network. Users sees that as a great way to go around network
limitations. Network owners see that as bypassing their policy or
engineering decisions of the network providers.
The old UUCP path rewriting logic was a solution to that tension. Usenet
relied on source routing, so they had to support it but they went to
extreme lengths to tame it. Usenet was relatively low bandwidth, so it
was OK to check the path before forwarding a file. Modern IP networks
are supposed to forward packets in a fraction of micro second, they
cannot really rewrite paths as they go along, so they end up simply
dropping the packets.
-- Christian Huitema
More information about the end2end-interest
mailing list