(IPng 4133) Re: An idea to bounce off people: storing routing info in the DNS instead of the routers.
This is the second one of these responses I have gotten. BTW
Michael Gersten wrote:
> >having a stack believe a redirect with loose source route
> >is an engraved invitation to wholesale hijacking
> > -mo
> This whole idea is based on a trade-off: routers will spend
> less time dealing with a routing table, a little more time
> with the DNS, and most of that will then get sent back to
> the originating sites. What little does not get sent back will
> be in the DNS cache.
> If there's no solution to the redirect security, then that
> can't go in, and the DNS cache use by the routers becomes
> a huge problem, and this trade off no longer works.
> V6 solves the router security problem by requiring a
> router message to have a TTL of 254. The question is,
> can v4 handle that as well, or is this now a case of
> creating IP v5, as an incremental improvement over v4
> (really just this one issue).
IMHO if v6 is done properly there should be no problems security-wise.
I also believe that v4 can handle the TTL of 254 without
too much problem either. So the v6 concern is moot really at this
point anyway. Time is also a factor here.
> (What's wrong with v6? The whole question of TCP vs TCPv6,
> only one chance to do v6 right, the compatibility issues,
> how will v6 routing really happen, etc. With only one chance
> to implement v6, we want to do it right, and not be pressed
> for time. This idea of mine should add another 3-5 years,
> giving v6 a better opportunity to be done right the first time.)
I don't think we have 5 or 6 years for v6. In fact 2 years is
the outside time factor at the current growing demand for routeable
Jeffrey A. Williams
DIR. Internet Network Eng/SR. Java Development Eng.
Information Eng. Group. IEG. INC.
Phone :913-294-2375 (v-office)
E-Mail jwkckid1 at ix.netcom.com