A couple of weeks ago I brought up two issues regarding the trust router
architecture:
1) Do trust links go to realms or do they go to nodes? Tied up in this
was whether you need a mesh and consistency within a realm.
2) Whether you need a webserver-like shared hosting model where each
hosting container gets its own config, or whether a router-like model
is sufficient where you can share a routing table between hosted
customers. (I am familiar with VRFs; real routers support both models.)
In the background Painless Security and Janet have been working on a
management system for managed trust router instances.
Not surprisingly we've been focusing on trying to minimize complexity.
For issue 1, people tended to favor links that were between realms
rather than between hosts.
That tends to be a lot harder to implement.
Originally, I had been talking about how I thought it would be a flag
day to switch between models.
I no longer think that's true.
In effect it's just a different type of trust link, and a single trust
router could support trust links that point to realms as well as trust
links that point to nodes.
I can think of several phased upgrade strategies. One is to upgrade all
receivers first.
Another is to synthesize fake nodes when talking to trust routers that
only support node links.
For this reason, I now would prefer that we focus on node-level links at
the current moment.
They are far easier from an initial implementation standpoint.
I think it very likely that we'll need to move to realm-level links
soon.
The discussion here focused on the webserver model rather than the
router model. I think we all agree that the trust router software
should support the webserver model.
It needs to support the router model as well; that kind of goes with
being router-like.
It's interesting to note that in our management system work we have not
found any reasons to take advantage of the webserver model in initial
deployments.
So, we'll focus on managing the router model at least initially.
Changing between the two is just a matter of generating different schema
from configuration.
--Sam
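The following is an added illustration, not code from the trust router project or from this message: a hypothetical Python model of a routing table that holds both link kinds discussed above, the "synthesize fake nodes" compatibility view for peers that only understand node links, and the per-customer (webserver-model) tables derived from the same shared (router-model) data. All class and function names, and the `synthetic.<realm>` placeholder naming, are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Hypothetical model (not Moonshot trust router code): a routing table that
# holds both link kinds the message describes, plus a compatibility view for
# peers that only support node-level links.

@dataclass(frozen=True)
class NodeLink:
    realm: str   # realm the link serves
    node: str    # specific trust router host the link points to

@dataclass(frozen=True)
class RealmLink:
    realm: str   # link to the realm as a whole, not to any one host

@dataclass
class RoutingTable:
    """Router model: one table shared by all hosted customers."""
    links: list = field(default_factory=list)

    def add(self, link):
        self.links.append(link)

    def realms(self):
        return sorted({l.realm for l in self.links})

    def node_view(self):
        """Phased-upgrade view: when advertising to a peer that only supports
        node links, replace each realm-level link with a placeholder node so
        the peer sees NodeLinks only (the 'synthesize fake nodes' strategy)."""
        out = []
        for l in self.links:
            if isinstance(l, NodeLink):
                out.append(l)
            else:
                # Constructed placeholder name; a real deployment would choose
                # a name the legacy peer can actually resolve.
                out.append(NodeLink(l.realm, f"synthetic.{l.realm}"))
        return out

def per_customer_tables(shared, customers):
    """Webserver model derived from the shared table: `customers` maps a
    hosting-container name to the set of realms it is allowed to route to."""
    return {
        c: RoutingTable([l for l in shared.links if l.realm in allowed])
        for c, allowed in customers.items()
    }
```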