[e2e] e2e principle..where??....

[Eric A. Hall]

> > basically e2e is but ONE argument in system design, it is quite
> > likely that other factors can outweigh e2e arguments...
> 
> This makes me uncomfortable. When new technology is deployed into the
> Internet is affects the shared resource that we all use. Breaking with
> the design principles that Internet community has adopted should be
> done very reluctantly.

Well, the principle of self-preservation certainly outweighs the principle
of e2e, especially when considered under duress. Firewalls may be bad for
e2e but they are good for unsecured networks and their admins. As has been
pointed out, secure e2e is the ultimate objective, but try telling an
admin that he should be securing every node on the Internet when he is
being attacked by an external entity.

There are other examples. Many end-systems rely on ICMP messages for
various purposes, and it is arguable that a device which selectively drops
ICM messages during overload is violating e2e. But at the same time, the
principle of self-preservation is the greatest concern for the admins, so
they drop what they view as best-candidate messages during overload. Is
that bad? Yes. Is it less bad than having the router drop everything? That
depends on who you're talking to, but at least one camp has made the
decision that self-preservation is more important than e2e when it comes
to ICMP in particular.

I agree that this stuff should be done reluctantly, but it is hard to
invert Maslowe's Ladder, and harder still to think about the holistic
approach when under duress.

I would also agree that market-preservation or -penetration factors are
not higher on the Ladder than e2e principles, which is probably what you
are really arguing. Certainly a transparent HTTP proxy is an interesting
market exploitation opportunity in that it means an admin doesn't have to
reconfigure every user's browser. But at the same time, a more holistic
approach -- such as tools for automated browser configuration that address
this need -- would be the better approach for the Internet community at
large. Maybe even a better market opportunity for a different group of
vendors.

I would also point out that these things are not considered as harmful
when they are done, and are acts of ignorance more than anything. Word
needs to be spread that they are in fact detrimental to the Internet at
large before too much name-calling can be applied.

On the other hand, overwriting TOS flags with DiffServ flags for the
benefit of a third-party is completely unjustifiable.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/