Path: utzoo!attcan!uunet!seismo!sundc!pitstop!sun!decwrl!ucbvax!ulysses!smb
From: smb@ulysses.homer.nj.att.com (Steven Bellovin)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Dumb vs. smart host routing
Message-ID: <10285@ulysses.homer.nj.att.com>
Date: 12 May 88 15:36:52 GMT
References: <8805102321.AA26819@hogg.cc.uoregon.edu> <864@kaos.UUCP>
Organization: AT&T Bell Laboratories, Murray Hill
Lines: 37

One problem I see is that ICMP Redirect is largely useless. It's only
useful for the first gateway along the way to tell the originating host
to use a different gateway; it can't be used to tell an intermediate
gateway what the proper next hop is.

That is, assume we have a large LAN behind a single gateway G to the
Internet. If a host H on that LAN wants to talk to host H' on another
LAN behind another gateway G', all H can do is send the packets to G.
G must know that G' is the proper next hop; if it chooses to use G''
instead, G'' cannot send an ICMP Redirect. Or rather, it can, but the
Redirect will go to H, which can't do anything but send to G no matter
what it receives. G'' doesn't know that the packet came from G, and
hence can't advise G of the proper route. (To be sure, RFC1009 says
that gateways within an autonomous system can use Redirects among
themselves, but that's not a standardized use for the Internet.)

The conclusion of all this is that local gateways must be extremely
smart. The current scheme, with EGP, works well enough in the current
environment, where there's one central net (ARPANET+MILNET); it would
fail miserably if there were a large number of interconnected backbone
nets.

I'm not certain what to do about the problem. If Record Route were
used more, or Loose Source route, a host could handle such a redirect
more intelligently. (Of course, under the current spec it wouldn't be
sent.) Perhaps we need a new option, ``Last Hop''; it would tell each
gateway the immediate predecessor gateway to be advised of a routing
correction. Then we'd need some new sort of Redirect message, possibly
one that includes a loose source route, rather than just a simple
gateway address. The combination of these might even allow a very
smart gateway to straighten out twisty paths, though I'm not sure that
that's feasible. And the security implications of enhanced Redirects
need to be considered very carefully.

		--Steve Bellovin
		ulysses!smb
		smb@ulysses.att.com
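
The scenario in the post above, as an added example that is not part of the original article: a small Python model of the path H -> G -> G'' -> G' -> H' showing that a Redirect from G'' can only be addressed to the IP source H, so G's poor route never changes. The `Packet`/`Node` classes, `build_net` and `send` are hypothetical names, and the model assumes G'' sends the Redirect even though, as the post notes, the current spec would not have it sent.

```python
# Constructed model of the topology in the post; nothing here touches a network.
# All class and function names are hypothetical illustration.
from dataclasses import dataclass, field

@dataclass
class Packet:
    src: str   # IP source: the only sender identity the header carries
    dst: str

@dataclass
class Node:
    name: str
    neighbors: set              # nodes reachable in one hop
    routes: dict                # destination -> next hop
    default: str = ""           # default gateway (hosts only)
    redirects_seen: list = field(default_factory=list)

    def next_hop(self, dst):
        return self.routes.get(dst, self.default)

    def receive_redirect(self, dst, better_gw):
        self.redirects_seen.append((dst, better_gw))
        # A host can only adopt a gateway it can reach directly.
        if better_gw in self.neighbors:
            self.routes[dst] = better_gw

def build_net():
    # G deliberately holds the poor route (via G'') described in the post.
    return {
        "H":   Node("H",   {"G"}, {}, default="G"),
        "G":   Node("G",   {"H", "G'", "G''"}, {"H'": "G''"}),
        "G''": Node("G''", {"G", "G'"}, {"H'": "G'"}),
        "G'":  Node("G'",  {"G", "G''", "H'"}, {"H'": "H'"}),
        "H'":  Node("H'",  {"G'"}, {}, default="G'"),
    }

def send(net, pkt, redirecting_gw="G''", better_gw="G'"):
    """Forward pkt hop by hop and return the path taken."""
    path, cur = [pkt.src], pkt.src
    while cur != pkt.dst:
        cur = net[cur].next_hop(pkt.dst)
        path.append(cur)
        if cur == redirecting_gw:
            # The gateway sees pkt.src, not the previous hop, so the
            # Redirect goes to the originating host rather than to G.
            net[pkt.src].receive_redirect(pkt.dst, better_gw)
    return path
```

Calling `send(net, Packet("H", "H'"))` twice on the same `net` yields the same detour both times: H records the Redirect but has no link to G', and G is never told anything.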