nanog mailing list archives

RE: IPv4 address length technical design


From: "Spurling, Shannon" <shannon () more net>
Date: Fri, 5 Oct 2012 14:18:10 +0000

I had toyed with the idea that maybe we needed an identity based routing system. Addressing doesn't change because it's 
the physical map of the network. Instead what you need is a set of identity "banking" servers, either arranged by 
organization or contract, that hold a public key and that your workstations and servers update with their current 
location. That would be similar to the current DNS infrastructure. When you wish to transact with one of these servers, 
you use the DNS-like identity to retrieve the current location, and send a signed connection request via TCP or UDP. 
The remote end receives an authenticated request that it can confirm using your identity and public key. You don't 
have to encrypt the contents of the packet, but you could if you needed to. If an address changes, that device could 
send a signed update indicating the IP change to all currently opened sockets and its authoritative identity server.

I know it's kind of rough, but it would take all this complexity and put it back in the workstation stack. Everybody is 
lowering their DNS TTLs to nothing anymore to support dynamic DNS. There is a big push to virtualize and fragment the 
IP address scheme to support IP mobility, which flies in the face of good network management. Not to mention how IP 
mobility also enables man-in-the-middle to become a serious reality. And all the router vendors are pushing for more 
features, instead of doing what they are supposed to do better. I think a concept like this could help on several 
levels. It just seems like something different needs to be done.


S -



 

-----Original Message-----
From: William Herrin [mailto:bill () herrin us] 
Sent: Friday, October 05, 2012 8:07 AM
To: Barry Shein
Cc: nanog () nanog org
Subject: Re: IPv4 address length technical design

On Thu, Oct 4, 2012 at 7:36 PM, Barry Shein <bzs () world std com> wrote:
> In Singapore in June 2011 I gave a talk at HackerSpaceSG about just
> doing away with IP addresses entirely, and DNS.
> About the only obvious objection, other than vague handwaves about
> compute efficiency, is it would potentially make packets a lot longer

What portion of your audience would you say took it at face value
without realizing they'd been trolled?

Regards,
Bill Herrin



-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004


