[rrg] Renumbering can never be secure, testable, reliable or routine - draft-carpenter-renum-needs-work

[Victor Grishchenko]

IPv4 world was built on an assumption of static IP addresses, so
it is clearly impossible to introduce routine renumbering as an
incremental feature because of the reasons you mentioned and
other reasons.
"Fluid" addresses are possible in the world of prefix bunches,
multi-path TCP etc. Changing an underlying assumption affects
all the stuff piled on top of it.

On Oct 27, 2008, at 6:20 AM, Robin Whittle wrote:
> I don't think it will ever be practical (while retain existing
> Internet protocols) to solve the routing scalability problem in a
> way which requires end-user networks renumber in order to use
> another ISP.
>
> Even if we ignore the problem of keeping sessions alive during a
> renumbering operation, I think there are fundamental problems with
> your intention (I assume) to find a way of making either IPv4 or
> IPv6 renumbering "a relatively routine event", as your I-D mentions.
> 	
> Even if you ignored the problems of implementing the requisite
> automated renumbering functions in existing equipment (primarily
> hosts, including printers and in routers, access points and other
> networking gear) I think there are fundamental problems with what
> needs to be done beyond this.
>
> To be practical, something with the extreme impact of renumbering
> needs to be extremely reliable.  In order for this to be the case, I
> think it needs to be:
>
> 1 - Highly or completely automated, so it can all be done under
>    central control.
>
> 2 - Secure - against hackers or accidental activation.
>
> 3 - Fully testable.  There must be a sham approach to implementing a
>    renumbering operation in order to prove to the administrators
>    that all required numbers are changed, in the right time, to
>    the correct new numbers.  But as I discuss below, this is
>    nowhere near sufficient to prove the whole renumbering
>    operation would in fact succeed.