[swg] Re: [openib-general] TCP/IP connection service over IB

Caitlin Bestler caitlinb at broadcom.com
Tue Oct 25 13:37:25 PDT 2005


 

> -----Original Message From Ted Kim -----
> 
> 
> I should point out that there was once a proposal of doing a 
> RDDP IETF draft which would have sub-divided the MPA private 
> data into a "middleware" section and an "app" section. The 
> idea was to be sure that the app/ULP and middleware (e.g. the 
> IOH) uses of private data would not step on each other. I 
> think this idea did not progress, mostly because the author 
> (John Carrier, formerly of Adaptec) changed jobs and was no 
> longer working on iWARP stuff.
> 
> While not directly proposed, this idea could have been 
> carried over to IB.
> Some of the ideas on this thread are already implicitly doing 
> this middleware (for IP addressing purpose) vs ULP/app split.
> 
> 
> -ted
> 

From a spec-minimalist viewpoint there is no real benefit in
having the wire protocol distinguish between payload provided
by a non-privileged middleware library and a non-privileged
application.

It might be a really nice and convenient thing for it to do,
but there is no real harm in having the middleware do the marking.

The real issue here is that data that had been in a privileged
header that had been implicitly validated by successful routing
in both directions is being replaced by data that is traveling
opaque directly from non-privileged code on the peer.

On an IP network you cannot successfully establish a connection
where the remote IP address has no correlation with reality and
is totally unreviewable by network administrators.

The network administrator can also always block connections from
certain addresses as a matter of policy and the application cannot
override that. Typically the system administrator can as well.

Passing IP addresses in non-privileged private data is an entirely
different issue.



