[rrg] Rejecting all but Strategy A

Pekka Nikander pekka.nikander at nomadiclab.com
Wed Jan 7 03:47:04 PST 2009 

On 6 Jan 2009, at 00:01, Dino Farinacci wrote:
> Before we get carried away with what looks like a convergence of  
> "HIP-proxy and LISP", tell me what HIP offers to a LISP router that  
> the LISP architecture does not already provide?

I don't know what LISP already provides, so the following are mere  
guesses.

- Security?  Both opportunistic, no-infrastructure-requiring security  
for multi-homing/mobility, and baseline-level signalling security for  
integrating any security infrastructure you want (such as PKI, AAA, ...)

- Mobility?  As HIP proxy can be trivially integrated with the HIP  
mobile router (MR), the legacy networks can be mobile without any  
extra effort.  (Provided that the mapping infra has the required  
updating capability...)

- Ability to move more cleanly to a host-based solution, better  
serving mobile and multi-interface hosts.  This includes the ability  
to support upgraded hosts in the legacy networks.

Obviously, the next question is what the drawbacks would be.  Here is  
my initial list:

- Crypto.  Current HIP requires PK crypto (but no PKI!) and ESP.  LHIP  
(which uses only hash functions) is an option if people generally shun  
PK, and, as I already explained, ESP can be replaced with any  
tunnelling or flow-identifying protocol.

- Lack of operational experience.  AFAIK, only Boeing has operational  
experience on HIP.  I guess there is more operational experience  
available on LISP, even though I haven't seen any.

(I am sure there are others, but I cannot figure out any other  
drawbacks right now.)

> If is solely a add a pure definition to IDs and RLOCs, then I think  
> it's not worth the cost of deployment to do so.

Agreed.

Obviously, _for_me_ the main benefit would be the ability to cleanly  
move to a host-based solution, in such a way that the upgraded mobile  
hosts could work both stand-alone in the "new internet" (at the non- 
legacy side of xTRs) and in the legacy networks, without any extra  
overhead.  (That is, any upgraded hosts at the legacy networks would  
report their existence to the xTR, which would understand their  
presence, avoiding double encapsulation and signalling overhead).

--Pekka

More information about the rrg mailing list