rfc1017.txt
step to accomplish this is to use IP. The use of IP will allow
individual networks built by differing agencies to combine resources
and minimize cost by avoiding the needless duplication of network
resources and their management. However, use of IP does not provide
end-to-end interoperability. There must also be compatibility of
higher level functions and protocols. At a minimum, while commonly
agreed upon standards (such as the ISO developments) are proceeding,
methods for interoperability between different protocol suites must
be developed. This would provide interoperability of certain
functions, such as file transfer, electronic mail and remote login.
The emphasis, however, should be on developing agreement within the
scientific community on use of a standard set of protocols.
Access Control
The design of the network should include adequate methods for
controlling access to the network by unauthorized personnel. This
especially includes access to network capabilities that are reachable
via the commercial phone network and public data nets. For example,
terminal servers that allow users to dial up via commercial phone
lines should have adequate authentication mechanisms in place to
prevent access by unauthorized individuals. However, it should be
noted that most hosts that are reachable via such networks are also
reachable via other "non-network" means, such as directly dialing
Leiner [Page 10]
RFC 1017 Requirements for Scientific Research August 1987
over commercial phone lines. The purpose of network access control
is not to insure isolation of hosts from unauthorized users, and
hosts should not expect the network itself to protect them from
"hackers".
Privacy
The network should provide protection of data that traverses it in a
way that is commensurate with the sensitivity of that data. It is
judged that the scientific requirements for privacy of data traveling
on networks do not warrant a large expenditure of resources in this
area. However, nothing in the network design should preclude the use
of link level or end-to-end encryption, or other such methods that
can be added at a later time. An example of this kind of capability
would be use of KG-84A link encryptors on MILNET or the Fig Leaf
DES-based end-to-end encryption box developed by DARPA.
Accounting
The network should provide adequate accounting procedures to track
the consumption of network resources. Accounting of network
resources is also important for the management of the network, and
particularly the management of interconnections with other networks.
Proper use of the accounting database should allow network management
personnel to determine the "flows" of data on the network, and the
identification of bottlenecks in network resources. This capability
also has secondary value in tracking down intrusions of the network,
and to provide an audit trail if malicious abuse should occur. In
addition, accounting of higher level network services (such as
terminal serving) should be kept track of for the same reasons.
Type of Service Routing
Type of service routing is necessary since not all elements of
network activity require the same resources, and the opportunities
for minimizing use of costly network resources are large. For
example, interactive traffic such as remote login requires low delay
so the network will not be a bottleneck to the user attempting to do
work. Yet the bandwidth of interactive traffic can be quite small
compared to the requirements for file transfer and mail service which
are not response time critical. Without type of service routing,
network resources must be sized according to the largest user, and have
characteristics that are pleasing to the most finicky user. This has
major cost implications for the network design, as high-delay links,
such as satellite links, cannot be used for interactive traffic
despite the significant cost savings they represent over terrestrial
links. With type of service routing in place in the network
gateways, and proper software in the hosts to make use of such
capabilities, overall network performance can be enhanced, and
sizable cost savings realized. Since the IP protocol already has
provisions for such routing, such changes to existing implementations
do not require a major change in the underlying protocol
implementations.
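An added example (not part of the RFC) of the link selection described above: a gateway reads the Type of Service bits that RFC 791 defines in the IP header and sends delay-sensitive traffic over a terrestrial link, while bulk traffic takes a cheaper satellite link. The link table, its figures and all function names are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass

# RFC 791 Type of Service flag bits (second byte of the IPv4 header).
TOS_LOW_DELAY = 0x10
TOS_HIGH_THROUGHPUT = 0x08

@dataclass(frozen=True)
class Link:
    name: str
    delay_ms: int   # one-way delay
    kbps: int       # capacity
    cost: int       # relative cost per unit of traffic carried

# Constructed link table (assumed figures, for illustration only).
LINKS = [
    Link("terrestrial", delay_ms=30, kbps=56, cost=10),
    Link("satellite", delay_ms=600, kbps=1544, cost=2),
]

def tos_of(ipv4_header: bytes) -> int:
    """Return the TOS byte of an IPv4 header, rejecting malformed input."""
    if len(ipv4_header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos = struct.unpack_from("!BB", ipv4_header, 0)
    if ver_ihl >> 4 != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not a valid IPv4 header")
    return tos

def select_link(tos: int, links=LINKS) -> Link:
    """Pick the outgoing link a type-of-service-aware gateway would use."""
    if tos & TOS_LOW_DELAY:            # e.g. remote login
        return min(links, key=lambda l: l.delay_ms)
    if tos & TOS_HIGH_THROUGHPUT:      # e.g. file transfer
        return max(links, key=lambda l: l.kbps)
    return min(links, key=lambda l: l.cost)  # no preference: cheapest link

def select_link_without_tos(links=LINKS) -> Link:
    """Without TOS, every packet must satisfy the most demanding user."""
    return min(links, key=lambda l: l.delay_ms)

def make_header(tos: int) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left as zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 6, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
```
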
Administration of Address Space
Local administration of network address space is essential to provide
for prompt addition of hosts to the network, and to minimize the load
on backbone network administrators. Further, a distributed name to
address translation service also has similar advantages. The DARPA
Name Domain system currently in use on the Internet is a suitable
implementation of such a name to address translation system.
Remote Procedure Call Libraries
In order to provide a standard library interface so that distributed
network utilities can easily communicate with each other in a
standard way, a standard Remote Procedure Call (RPC) library must be
deployed. The computer industry has led the research community in
developing RPC implementations, and current implementations tend to
be compatible within the same type of operating system, but not
across operating systems. Nonetheless, a portable RPC implementation
that can be standardized can provide a substantial boost in present
capability to write operating system independent network utilities.
If a new RPC mechanism is to be designed from scratch, then it must
have enough capabilities to lure implementors away from current
standards. Otherwise, modification of an existing standard that is
close to the mark in capabilities seems to be in order, with the
cooperation of vendors in the field to assure implementations will
exist for all major operating systems in use on the network.
Remote Job Entry (RJE)
The capabilities of standard network RJE implementations are
inadequate, and are implemented prolifically among major operating
systems. While the notion of RJE evokes memories of dated
technologies such as punch cards, the concept is still valid, and is
favored as a means of interaction with supercomputers by science
users. All major supercomputer manufacturers support RJE access in
their operating systems, but many do not generalize well into the
Internet domain. That is, a RJE standard that is designed for 2400
baud modem access from a card reader may not be easily modifiable for
use on the Internet. Nonetheless, the capability for a network user
to submit a job from a host and have its output delivered on a
printer attached to a different host would be welcomed by most
science users. Further, having this capability interoperate with
existing RJE packages would add a large amount of flexibility to the
whole system.
Multiple Virtual Connections
The capability to have multiple network connections open from a
user's workstation to remote network hosts is an invaluable tool that
greatly increases user productivity. The network design should not
place limits (procedural or otherwise) on this capability.
Network Operation and Management Tools
The present state of internet technology requires the use of
personnel who are, in the vernacular of the trade, called network
"wizards," for the proper operation and management of networks.
These people are a scarce resource to begin with, and squandering
them on day to day operational issues detracts from progress in the
more developmental areas of networking. The cause of this problem is
that a good part of the knowledge for operating and managing a
network has never been written down in any sort of concise fashion,
and the reason for that is because networks of this type in the past
were primarily used as a research tool, not as an operational
resource. While the usage of these networks has changed, the
technology has not adjusted to the new reality that a wizard may not
be nearby when a problem arises. To insure that the network can
flexibly expand in the future, new tools must be developed that allow
non-wizards to monitor network performance, determine trouble spots,
and implement repairs or 'work-arounds'.
Future Goals
The networks of the future must be able to support transparent access
to distributed resources of a variety of different kinds. These
resources will include supercomputer facilities, remote observing
facilities, distributed archives and databases, and other network
services. Access to these resources is to be made widely available
to scientists, other researchers, and support personnel located at
remote sites over a variety of internetted connections. Different
modes of access must be supported that are consonant with the sorts
of resources that are being accessed, the data bandwidths required
and the type of interaction demanded by the application.
Network protocol enhancements will be required to support this
expansion in functionality; mere increases in bandwidth are not
sufficient. The number of end nodes to be connected is in the
hundreds of thousands, driven by increasing use of microprocessors
and workstations throughout the community. Fundamentally different
sorts of services from those now offered are anticipated, and dynamic
bandwidth selection and allocation will be required to support the
different access modes. Large-scale internet connections among
several agency size internets will require new approaches to routing
and naming paradigms. All of this must be planned so as to
facilitate transition to the ISO/OSI standards as these mature and
robust implementations are placed in service and tuned for
performance.
Several specific areas are identified as being of critical importance
in support of future network requirements, listed in no particular
order:
Standards and Interface Abstractions
As more and different services are made available on these
various networks it will become increasingly important to
identify interface standards and suitable application
abstractions to support remote resource access. These
abstractions may be applicable at several levels in the
protocol hierarchy and can serve to enhance both applications
functionality and portability. Examples are transport or
connection layer abstractions that support applications
independence from lower level network realizations or interface
abstractions that provide a data description language that can
handle a full range of abstract data type definitions.
Applications or connection level abstractions can provide means
of bridging across different protocol suites as well as helping
with protocol transition.
OSI Transition and Enhancements
Further evolution of the OSI network protocols and realization
of large-scale networks so that some of the real protocol and
tuning issues can be dealt with must be anticipated. It is
only when such networks have been created that these issues can
be approached and resolved. Type-of-service and Expressway
routing and related routing issues must be resolved before a
real transition can be contemplated. Using the interface
abstraction approach just described will allow definition now
of applications that can transition as the lower layer networks
are implemented. Applications gateways and relay functions
will be a part of this transition strategy, along with dual
mode gateways and protocol translation layers.
Processor Count Expansion
Increases in the numbers of nodes and host sites and the
expected growth in use of micro-computers, super-micro
workstations, and other modest cost but high power computing
solutions will drive the development of different network and
interconnect strategies as well as the infrastructure for
managing this increased name space. Hierarchical name
management (as in domain based naming) and suitable transport
layer realizations will be required to build networks that are
robust and functional in the face of the anticipated
expansions.
Dynamic Binding of Names to Addresses