From owner-ipng@sunroof.eng.sun.com Wed Jan 1 08:10:58 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01GAw16014665; Wed, 1 Jan 2003 08:10:58 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h01GAw9n014664; Wed, 1 Jan 2003 08:10:58 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01GAt16014657 for ; Wed, 1 Jan 2003 08:10:55 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h01GB5uk006174 for ; Wed, 1 Jan 2003 08:11:05 -0800 (PST) Received: from mail.wrs.com (unknown-1-11.windriver.com [147.11.1.11]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id JAA08233 for ; Wed, 1 Jan 2003 09:10:59 -0700 (MST) Received: from IDLEWYLDE.windriver.com ([147.11.233.7]) by mail.wrs.com (8.9.3/8.9.1) with ESMTP id IAA04160; Wed, 1 Jan 2003 08:09:57 -0800 (PST) Message-Id: <5.1.0.14.2.20030101102739.02f82308@mail.windriver.com> X-Sender: mrw@mail.windriver.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 01 Jan 2003 11:08:23 -0500 To: Hiroki Ishibashi From: Margaret Wasserman Subject: Re: Moderate Site-Local Usage Draft Cc: Bob Hinden , ipng@sunroof.eng.sun.com In-Reply-To: <9CC2B0B5DC41F6bashi@ipv6.nec.co.jp> References: <4.3.2.7.2.20021230103453.029ed690@mailhost.iprg.nokia.com> <4.3.2.7.2.20021230103453.029ed690@mailhost.iprg.nokia.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hiroki Ishibashi wrote: >I am in favor of this document for site-local usages. >This document appropriately limits the use of site-local addresses, >and still leaves the room for future usage of them (which we don't know). This comment raises a basic question regarding what system design principles should be applied to the specification of IPv6. Some people would like to specify site-local addressing in IPv6, even though we have no specific requirement for it today, because it might be useful in the future. These arguments often take the form of "Site-local addresses may enable in the future." Others seem to argue that we should include site-local addressing for some sort of "completeness". This argument takes the form of "It makes sense to have a unicast address scope somewhere between link- local and global, because that maps to how networks are constructed." But, in my opinion, neither of these arguments makes sense from a system design perspective. IPv4 has become ubiquitous partially because it is a simple and light-weight as possible. It is the slim center of the hourglass, the one small piece of software that all nodes have to implement to communicate on an IP network. All of the complicated, optional parts are included at other layers. Throughout the history of IPv6, we have wrestled with "second system" syndrome. We've added a lot of weight to the IP protocol, sometimes adding things that are only useful in certain situations, or for some nodes. And, in my opinion, the worst possible thing that we can do in this area is add a feature that complicates every IPv6 implementation and requires complexity at every layer of the protocol stack, because that feature _may_ have some benefits later... Site-local addressing is an interesting idea, and I think that it was worth exploring. But, at this point, we've been exploring it for several years, and we've found many problems and complexities that it causes (outlined in my document), and we haven't come up with a _single_ benefit of site-local addressing that wouldn't be better handled by a simpler mechanism. [If you think I'm wrong, please read my site-local impact document, and tell me what I'm missing.] There is a direct cost vs. benefit trade-off here, and including site-local addressing in IPv6 just doesn't make sense. I am also becoming increasingly certain that the concept of communication "scope" (for both unicast and multicast, actually) is really a routing concept, not an addressing concept, and that it is NOT best handled by the use of special-purpose "scoped" addresses. Instead, it would have been better to use only globally-unique, globally-routable addresses, and to build communication "scope" into the routing and access control policy of the network. Margaret -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Wed Jan 1 08:59:56 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01Gxt16014795; Wed, 1 Jan 2003 08:59:55 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h01Gxt1Z014794; Wed, 1 Jan 2003 08:59:55 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01Gxq16014787 for ; Wed, 1 Jan 2003 08:59:52 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h01GxwXq018021 for ; Wed, 1 Jan 2003 08:59:58 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id IAA07089 for ; Wed, 1 Jan 2003 08:59:53 -0800 (PST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id IAA05572; Wed, 1 Jan 2003 08:59:52 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h01Gxqd15519; Wed, 1 Jan 2003 08:59:52 -0800 X-mProtect: <200301011659> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (209.157.142.168, claiming to be "spruce.iprg.nokia.com") by darkstar.iprg.nokia.com smtpdZvhcSK; Wed, 01 Jan 2003 08:59:50 PST Message-Id: <4.3.2.7.2.20030101084004.025a5408@mailhost.iprg.nokia.com> X-Sender: hinden@mailhost.iprg.nokia.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 01 Jan 2003 08:59:03 -0800 To: Hiroki Ishibashi From: Bob Hinden Subject: Re: Moderate Site-Local Usage Draft Cc: Bob Hinden , ipng@sunroof.eng.sun.com In-Reply-To: <9CC2B0B5DC41F6bashi@ipv6.nec.co.jp> References: <4.3.2.7.2.20021230103453.029ed690@mailhost.iprg.nokia.com> <4.3.2.7.2.20021230103453.029ed690@mailhost.iprg.nokia.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hiroki, > > The motivation for this use case is to restrict the use of site-local > > addresses to communication inside of the site and insure that they > > are less likely to be used for any site to site communication. > >I cannot understand what this sentence means. I believe that any >site-to-site communication is supposed to be done via global addresses. >Site local addresses MUST not be used for inter-site communication. >Or am I misunderstanding? That is what the draft is trying to say. The draft is attempting to define rules/guidelines that insure that site-local addresses will not be used for site to site (inter-site) communications. > > Using limited scope addresses for site to site communication, while > > possible (i.e., via tunneling or VPN technologies), is problematic > > and makes it hard to debug problems. Overall it is simpler to use > > global addresses. > >Does it include configured IPv6-over-IPv4 tunnels? >Many IPv6 networks are built using IPv6-over-IPv4 tunnels. This is a good point to cover. I think the answer depends on what is being connected with IPv6-over-IPv4 tunnels. Is a single site? If not, then site-local addresses should not be used. >I am in favor of this document for site-local usages. >This document appropriately limits the use of site-local addresses, >and still leaves the room for future usage of them (which we don't know). Thanks. The draft attempts to define a use case where site-locals are only used where specifically configured. This will permit their use for situations where the site desires to use them, but limit their use otherwise. >Personally, I would like to have Margaret's >draft-wasserman-ipv6-sl-impact-00.txt as a document on the issues >associated with site-local addressing (w/o recommendations section) >and Bob's draft-hinden-ipv6-sl-moderate-00.txt as a site-local usage >document. I know that many people have different opinions. :-) That would be a reasonable approach. Yes, opinion do vary on this topic! >Thank you and A Happy New Year, Happy New Year, Bob -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Wed Jan 1 09:53:44 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01Hri16014961; Wed, 1 Jan 2003 09:53:44 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h01Hrhuv014960; Wed, 1 Jan 2003 09:53:43 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h01Hre16014953 for ; Wed, 1 Jan 2003 09:53:40 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h01HroXq024405 for ; Wed, 1 Jan 2003 09:53:50 -0800 (PST) Received: from Radish (Air1Aab013.ngn.mesh.ad.jp [61.193.78.77]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with SMTP id KAA04098 for ; Wed, 1 Jan 2003 10:53:43 -0700 (MST) Received: from ishibashi.net ([127.0.0.1]) by Radish(2.2.8) with SMTP; Thu, 2 Jan 2003 02:52:51 +0900 Date: Thu, 02 Jan 2003 02:52:51 +0900 From: Hiroki Ishibashi Subject: Re: Moderate Site-Local Usage Draft To: Margaret Wasserman Cc: Bob Hinden , ipng@sunroof.eng.sun.com MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: TuruKame 2.29 (WinNT,500) Organization: NEC Corporation In-Reply-To: <5.1.0.14.2.20030101102739.02f82308@mail.windriver.com> References: <5.1.0.14.2.20030101102739.02f82308@mail.windriver.com> Message-Id: Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Margaret, > >Hiroki Ishibashi wrote: >>I am in favor of this document for site-local usages. >>This document appropriately limits the use of site-local addresses, >>and still leaves the room for future usage of them (which we don't know). > >This comment raises a basic question regarding what system design >principles should be applied to the specification of IPv6. Sorry for my careless comment. > >Site-local addressing is an interesting idea, and I think that it >was worth exploring. But, at this point, we've been exploring it >for several years, and we've found many problems and complexities >that it causes (outlined in my document), and we haven't come up >with a _single_ benefit of site-local addressing that wouldn't >be better handled by a simpler mechanism. [If you think I'm wrong, >please read my site-local impact document, and tell me what I'm >missing.] The decision of whether a substitution by a simpler mechanism is better or not depends on reader's preference. > >I am also becoming increasingly certain that the concept of >communication "scope" (for both unicast and multicast, actually) >is really a routing concept, not an addressing concept, and that >it is NOT best handled by the use of special-purpose "scoped" >addresses. Instead, it would have been better to use only >globally-unique, globally-routable addresses, and to build >communication "scope" into the routing and access control >policy of the network. To be honest, I DO not have an obsession with site-local addresses if an alternative solution is available. The reasons for insisting simultaneous use of site-local and global addresses are simply: 1) a user need to use site-local addresses to build a provider independent IPv6 network now. 2) As I descried once on this mailing list, simultaneous use of site-local addresses and global addresses is realistic when a disconnected IPv6 network gets connected to IPv6 Global Internet at least for its transition period. For enterprise users, this scenario well suits their needs. If "Provider Independent Global Address" had been available, I would have used it. I just want to have a better solution "right now" and tell my enterprise customers that it is OK to start IPv6 for their intranet along with a transition scenario to the IPv6 Internet. 3) I have several enterprise customers who like the idea of setting their intranet servers within a site and assign only site-local addresses to them with simple site boundary setting. Thank you, Hiroki Ishibashi bashi@ipv6.nec.co.jp -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 2 18:00:27 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0320R16022040; Thu, 2 Jan 2003 18:00:27 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0320Q1o022039; Thu, 2 Jan 2003 18:00:26 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0320N16022032 for ; Thu, 2 Jan 2003 18:00:23 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0320XXq004410 for ; Thu, 2 Jan 2003 18:00:33 -0800 (PST) Received: from goatelecom.com ([61.1.72.28]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id SAA13389 for ; Thu, 2 Jan 2003 18:00:21 -0800 (PST) Received: from Bpjjbycpd (dialup-72-210.goatelecom.com [61.1.72.210]) by goatelecom.com (8.11.0/8.11.0) with SMTP id h032Daq05781 for ; Fri, 3 Jan 2003 07:43:36 +0530 (IST) Date: Fri, 3 Jan 2003 07:43:36 +0530 (IST) Message-Id: <200301030213.h032Daq05781@goatelecom.com> From: fenner To: ipng@sunroof.eng.sun.com Subject: Have a funny Epiphany MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=EPLSIKgf8Rz1VkW4887m7j Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk --EPLSIKgf8Rz1VkW4887m7j Content-Type: text/html; Content-Transfer-Encoding: quoted-printable --EPLSIKgf8Rz1VkW4887m7j Content-Type: audio/x-wav; name=Dec 17.exe Content-Transfer-Encoding: base64 Content-ID: TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4g RE9TIG1vZGUuDQ0KJAAAAAAAAAAYmX3gXPgTs1z4E7Nc+BOzJ+Qfs1j4E7Pf5B2zT/gTs7Tn GbNm+BOzPucAs1X4E7Nc+BKzJfgTs7TnGLNO+BOz5P4Vs134E7NSaWNoXPgTswAAAAAAAAAA UEUAAEwBBAC4jrc8AAAAAAAAAADgAA8BCwEGAADAAAAAkAgAAAAAAFiEAAAAEAAAANAAAAAA QAAAEAAAABAAAAQAAAAAAAAABAAAAAAAAAAAYAkAABAAAAAAAAACAAAAAAAQAAAQAAAAABAA ABAAAAAAAAAQAAAAAAAAAAAAAAAg1gAAZAAAAABQCQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ANAAAOwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudGV4dAAAAEq6AAAAEAAAAMAAAAAQ AAAAAAAAAAAAAAAAAAAgAABgLnJkYXRhAAAiEAAAANAAAAAgAAAA0AAAAAAAAAAAAAAAAAAA QAAAQC5kYXRhAAAAbF4IAADwAAAAUAAAAPAAAAAAAAAAAAAAAAAAAEAAAMAucnNyYwAAABAA AAAAUAkAEAAAAABAAQAAAAAAAAAAAAAAAABAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFWL7IPsFItF EFNWM/ZXM9uJdeyJdfiJRfA7dRAPjW8BAACLRfBqA1o7wolV9H0DiUX0i030uD09PT2Nffxm q4XJqn4Vi0UIjX38A/CLwcHpAvOli8gjyvOkik38isHA6AKF24hF/3Qmi30Uhf9+J4vDi3UM K0X4mff/hdJ1G8YEMw1DxgQzCkODRfgC6wuLdQyLfRTrA4t1DA+2Rf+LFTDwQACA4QPA4QSK BBCIBDOKRf2K0EPA6gQCyoXbdCGF/34di8MrRfiZ9/+F0nUOxgQzDUPGBDMKQ4NF+AKKRf2L FTDwQAAkDw+2ycDgAooMEYgMM4pN/orRQ8DqBgLChduIRf90HoX/fhqLwytF+Jn3/4XSdQ7G BDMNQ8YEMwpDg0X4Ag+2Rf+LFTDwQACKBBCIBDNDg330An8FxkQz/z2A4T+F23Qehf9+GovD K0X4mff/hdJ1DsYEMw1DxgQzCkODRfgCD7bBiw0w8EAAigQIiAQzQ4N99AF/BcZEM/89i3Xs g8YDg23wA4l17OmI/v//X4vDXlvJw1WL7IHsEAEAAINl+ACNRfxQagRoUgJBAOjJIgAAWVlQ aAIAAID/FUzQQACFwA+FtwAAAFNWV7uLCUEAUFPo1CIAAFmJRfRZjYXw/v//aAQBAABQ/3X4 /3X8/xVQ0EAAhcB1e42F8P7//1DowbUAADP/WTl99H5fV1PoaCIAAFCNhfD+//9Q6GUqAACD xBCFwHQ+aJMLQQD/FfTQQACL8IX2dC1qAmiTDEEA6DciAABZWVBW/xU40UAAhcB0DI2N8P7/ /1H/dfz/0Fb/FfDQQABHO330fKH/Rfjpaf////91/P8VXNBAAF9eW8nDVYvsgewUCAAAjUUM VoNl/ABQ/3UMvgAEAACJdfSJdfj/dQj/FUzQQACFwHQHM8Dp7AAAAFNXv4sJQQBqAFfo5yEA AFmJRQhZjUX4M9tQjYXs9///UI1F8FCNRfRTUI2F7Pv//4l19FCJdfj/dfz/dQz/FUTQQACF wA+FlAAAAIN98AF0BiCF7Pf//42F7Pv//1DorbQAAI2F7Pf//1DoobQAAIN9CABZWX5gU1fo SCEAAIlF7FCNhez7//9Q6EIpAACDxBCFwHUs/3XsjYXs9///UOgsKQAAWYXAWXUXjYXs+/// aDTwQABQ6O1iAABZhcBZdRCNhez7//9Q/3UM/xVU0EAAQztdCHyg/0X86TX/////dQz/FVzQ QABfM8BbXsnCCABVi+yB7AACAABW6OD9//+NhQD+//9qAlDoHSkAAFmNhQD+//9ZvgIAAIBQ Vuiq/v//jYUA/v//agZQ6PsoAABZjYUA/v//WVBW6I3+//9eycNVi+yB7EQEAABTaMDwQADo MmQAADPbxwQkBA5BAFOJRezoKUAAAFNoxQtBAOiDIAAAg8QQiUX8jYW8+///aAQBAABQU/8V FNFAAP91CMeFwPz//yQCAABqCOjsYQAAjY3A/P//iUXoUVDo1mEAAIXAD4R/AQAAjYXg/f// UI2F5P7//1DozWIAAI2F5P7//1CNhbz7//9Q6Iq0AACDxBCFwA+ETgEAAP+1yPz//1No/w8f AP8VINFAADvDiUX0D4QxAQAAVr4AAAgAV1a/0DFBAFNX6B5iAACLhdj8//+DxAw7xnICi8Y5 XQyJXfh1HY1N+FFQV/+11Pz///919P8VGNFAAIXAD4TbAAAAOV38iV0ID4bPAAAA/3UIaMUL QQDoXx8AAFCJRfDoGGMAADP2g8QMOXUMi9h0CI1DbolF+OsDi0X4K8OD6AoPhIgAAAD/deyN vtAxQQBXaMDwQADoErMAAIPEDIXAdGaDfQwAdSBTV/918Oj7sgAAg8QMhcB0D4tF+EYrw4Po CjvwcsHrR2oA/3X0/xUo0UAAajL/FSzRQABqAWjwDUEA6NQeAABQjYXk/v//UOjRJgAAg8QQ hcB1DY2F5P7//1DoOykAAFmLRfxAiUUI/0UIi0UIO0X8D4Ix/////3X0/xUk0UAAagFbX17/ dej/FSTRQACLw1vJwggAVYvsgew4AgAAU1ZXal9eM9tTaIsJQQDokx4AAFmJRfxZjUYBamSZ Wff5agpZi8KJRfiZ9/mF0nUF6Gz9//9TagLHhcz+//8oAQAA6PVfAACNjcz+//+JRfRRUOjx XwAAhcAPhKcAAACNhcj9//9TUFONhfD+//9TUOg+YgAAjYXI/f//UOg/sQAAg8QYOV34dQxT /7XU/v//6F39//8z/zP2OV38fk5WaIsJQQDozR0AAFCNhcj9//9Q6GKyAACDxBCFwHUli0X8 SDvwdQg5HQA5SQB0FWoBX1f/tdT+///oFv3//4k9PBNBAEY7dfx8tjv7dQaJHTwTQQCNhcz+ //9Q/3X06EFfAADpUf////919P8VJNFAADkd8DhJAHQcaOQ1SQBo3DNJAGjgNEkAaAIAAIDo Ey8AAIPEEGpk/xUs0UAAi3X46dX+//+LwcNVi+xRUVNWV2oCWovxagQz/zl9EFm4AAAAgIva iU34iX38iT6JfgSJfgh1CrgAAADAi9mJVfg5fQh0NVdqIGoDV2oBUP91CP8V/NBAAIP4/4kG dF2NTfxRUP8V7NBAADl9/IlGDHUdi00MO890AokBV1dXU1f/Nv8VBNFAADvHiUYEdQr/Nv8V JNFAAOsjV1dX/3X4UP8VCNFAADvHiUYIdRH/dgSLPSTRQAD/1/82/9czwF9eW8nCDABWi/FX i0YIhcB0B1D/FfjQQACLRgSLPSTRQACFwHQDUP/XiwaFwHQDUP/XgyYAg2YEAINmCABfXsNT Vot0JAwz21dT6GYvAACD4AFqB4mGHAkAAGomjYa4CAAAagpQ6MQeAACDxBQ4Heg2SQB0E42G tAcAAGjoNkkAUOjJXgAAWVlW6I8BAAAPvoYsAQAAjb4sAQAAUOhgYQAAOJ6sAQAAWVmIB3UK x4YcCQAAAQAAADiesAYAAI2+sAYAAHUfagH/tiAJAABo3AFBAOimGwAAWVlQU1fofykAAIPE EF9eW8NVi+yD7BxTVo1F5FdQ/xXY0EAAM9u+5gZBAFNW6KQbAABZO8NZiUX0D44AAQAAvxjS QAAzwIH/KNJAAA+dwEiLD4PgColN/IPABYlN+PfYUI1F/FDoMzIAAFlZZotN+GY5Tfx+CWaD wQxmg0X6Hg+3ReYPv1X8O9B/HQ+/yTvBfxYPt0XqD79N/jvIfwoPv036QUE7wX4JQ4PHBDtd 9HyTO130D42FAAAAU1bo5RoAAGoAi9joFC4AAIvwi0UIg+YBVmhmB0EAjbgsAQAA6MMaAABQ V+iOXQAAagDo7S0AAIPEIDPSagNZ9/GF0nQEhfZ0LmoA6NQtAABqBjPSWffxUmikA0EA6Ioa AABQV+hlXQAAaDjwQABX6FpdAACDxBxTV+hQXQAAWVlqAVjrAjPAX15bycNVi+yB7AgMAABT Vot1CI2F+Pf//1dQjYX48///M9tQjUZkUIld/Iid+PP//+hpIQAAjYasAQAAU4lF+GjcAUEA iBiNhiwBAACInVz0//+Infj7//+JRQiIGIiesAYAAOgsGgAAU4v46CwtAAAz0lP394mWIAkA AOgcLQAAg8QcqAN1D1boQv7//4XAWQ+FTQMAAFPoAC0AAFkz0moYWffxhdJ1LGi0DkEAiZ4c CQAA/3UI6HtcAACBxsgAAABWaMoOQQD/dfjosGAAAOkMAwAAU+jCLAAAWTPSahhZ9/GF0g+F pwAAAMdF/AEAAABT6KUsAABZM9JqA1n38YXSD4TxAQAAOV38D4XoAQAAv/IDQQBTV+h4GQAA U4lF+Oh3LAAAM9L3dfhSV+gzGQAAU4v46GMsAACDxBgz0moDWffxhdIPhZ0BAABT6EssAABZ M9JqCln38YXSD4UnAQAAV1PoNCwAAIPgAYPABFBoEANBAOjrGAAAg8QMUP91COj6XwAAV1bo ZgYAAOlPAgAAU+gFLAAAqB9ZdQpoOPBAAOlDAQAAU+jwKwAAqAFZD4U8////OB3sN0kAD4Qw ////agFqMo2F+Pv//2oIv+w3SQBQV+hcHgAAg8QUhcAPhA3///9Tx4YcCQAAAQAAAOioKwAA WTPSagqInfj3//9Z9/GNhfj7//9QO9N1L1PoiSsAAIPgAYPABFBoEANBAOhAGAAAg8QMUP91 COhPXwAAjYX4+///UOlK/////3UI6PJaAABT6FIrAACDxAyoPw+FjgEAAGoBaCADAACNhfj3 //9qCFBXiJ349///6MQdAACNhfj3//9Q/3X46LZaAACDxBzpWwEAAFPoDisAAIPgA1BoEANB AOjIFwAAi3UIUFbokFoAAFPo8CoAAIPEGKgBdBuNhfjz//9QVuiGWgAAaDzwQABW6HtaAACD xBAPvgdQ6N1dAABXVogH6GZaAACDxAzp+wAAAFf/dQjoRVoAAFlZ6esAAABT6J4qAABZM9Jq BVn38Tld/Iv6dAIz/4sEvfDRQABTiUX8iwS9BNJAAIlF+OhzKgAAM9JZ93X4AVX8g/8EfWNT 6F8qAACoAVl1I4P/A3QeU+hPKgAAg+ABg8AIUGioBUEA6AYXAACDxAyL2OsFu6AxQQD/dfxo pANBAOjtFgAAWVlQU1doVANBAOjeFgAAWVlQjYX4+///UOjqXQAAg8QQ6y3/dfxopANBAOi9 FgAAWVlQV2hUA0EA6K8WAABZWVCNhfj7//9Q6LtdAACDxAyNhfj7//9Q/3UI6GBZAAD/dfxX VugIAAAAg8QUX15bycNVi+yB7GACAACDfQwEU1ZXD4SZAQAAM9tT6JYpAACoAVm+qAVBAHUg g30MA3QaU+iAKQAAg+ABg8AIUFboOxYAAIPEDIv46wW/oDFBAP91EGikA0EA6CIWAABZWVBX /3UMaFQDQQDoERYAAFlZUI2FaP7//1DoHV0AAFPoNCkAAIPgAYPAEFBW6O8VAACDxBxQU+gd KQAAagMz0ln38YPCElJW6NQVAACDxAxQag9W6MgVAABZWVCNhTD///9Q6NRcAABT6OsoAACD xBSoAXUmU+jeKAAAg+ABUGgQA0EA6JgVAABQi0UIBawBAABQ6FtYAACDxBSLRQhqDlaNuKwB AACJfRDochUAAFBX6E1YAACNhWj+//9QV+hAWAAAg8QYOV0Mv3YHQQB1ZFf/dRDoKlgAAGgz CUEA/3UQ6B1YAACLdQhTaHQNQQCJnhwJAACJniAJAADoURUAAFOJRfyBxrAGAADoSigAADPS 93X8Umh0DUEA6AIVAABQVujNVwAAaNwBQQBW6NJXAACDxDRX/3UQ6MZXAACNhTD///9Q/3UQ 6LdXAACDxBDpVgIAADPbU+j9JwAAg+ABvlgFQQCJRfyLRQhTVomYHAkAAImYIAkAAOjUFAAA U4v46NQnAAAz0vf3UlbokRQAAIlF+FCNhWj+//9Q6FNXAABT6LMnAACDxCS+qAVBAKgBdAnH RQygMUEA6xlT6JgnAACD4AGDwAhQVuhTFAAAg8QMiUUM/3UMagRW6EIUAABZWVCNhTD///9Q 6E5bAACNhTD///9QjYVo/v//UOgCVwAAi30QV2ikA0EA6BIUAACDxByJRRBQagRoVANBAOj/ EwAAWVlQjYUw////UOgLWwAAjYUw////UI2FaP7//1Dov1YAAP91EI2FMP///1DooFYAACs9 ANJAAIPHBldW6L4TAACDxCRQ/3UMagVW6K8TAABZWVCNhaD9//9Q6LtaAACNhaD9//9QjYUw ////UOhvVgAAi0UIg8QYOV38dC6NjWj+//8FrAEAAFFQ6EJWAACLRQi/dgdBAAWsAQAAV1Do PlYAAI2FMP///+ssjY0w////BawBAABRUOgUVgAAi0UIv3YHQQAFrAEAAFdQ6BBWAACNhWj+ //9Qi0UIBawBAABQ6PtVAACLRQiDxBgFrAEAAFdQ6OlVAACLRQhXjbisAQAAV+jZVQAAag1W 6O8SAABQV+jKVQAAagpW6OASAABQV+i7VQAAagtW6NESAABQV+isVQAAg8RA/3X4V+igVQAA agxW6LYSAABQV+iRVQAAi0UIU4mYHAkAAI2wsAYAAOjSJQAAg+ABUGh0DUEA6IwSAABQVuhX VQAAaNwBQQBW6FxVAACDxDRfXlvJw4PsZFOLXCRsVVaNq8gAAABXjbOsAQAAVWioBUEAVuhq WQAAv3YHQQBXVuglVQAAV1boHlUAAGiQBUEAVugTVQAAjUNkUFboCVUAAFdW6AJVAABqAWiQ BUEA6BQSAABQVujvVAAAg8REVVbo5VQAAFdW6N5UAABqAmiQBUEA6PARAABQVujLVAAA/7Qk nAAAAFbovlQAAFdW6LdUAABqAOgGJQAAg+ABv6gFQQBAUFfovhEAAFBW6JlUAACDxERqA1fo rBEAAFBW6IdUAACNRCQgUI1DZGoAUOjPGAAAagFofQdBAOiJEQAAUFXoVFQAAI1EJDxQVehZ VAAAg8Q0g6McCQAAAF9eXVuDxGTDVYvsgexoCAAAU1ZXi30MaJAFQQBX6B1UAACLXQiNhZj3 //9QjYWY+///jbPIAAAAUFboaBgAAI2FmPv//1ZQjYWY9///aCsNQQBQ6DBYAACNhZj3//9Q V+jqUwAAvn0HQQBWV+jeUwAAagFokAVBAOjwEAAAUFfoy1MAAIPERI1DZFBX6L5TAABWV+i3 UwAAagJokAVBAOjJEAAAUFfopFMAAI2DLAEAAFBX6JdTAABWV+iQUwAAaJ0HQQBX6IVTAACN g7gIAABQV4lFDOh1UwAAg8RAVlfoa1MAAFZX6GRTAABqB2oUjUWYaghQ6CQTAABqAf91DFfo NQIAAIPELIO7HAkAAACLxnQejUWYUI2FmPf//2j7CEEAUOhgVwAAg8QMjYWY9///UI2FmPv/ /2jhB0EAUOhFVwAAjYWY+///UFfo/1IAAI2DrAEAAFBX6PJSAABoTwhBAFfo51IAAFZX6OBS AABWV+jZUgAAagDoKCMAAIPEOIPgAYO7HAkAAACJRQh1B8dFCAIAAABqAf91DFfomQEAAIPE DI1FmFCNg7AGAABQ/3UIaMEIQQDosQ8AAFlZUI2FmPv//2hnCEEAUOi4VgAAjYWY+///UFfo clIAAFZX6GtSAABWV+hkUgAAjUX8agFQjYOsBQAAUOi6HAAAg8Q4iUUIhcB0ElBX6EFSAAD/ dQjoxFYAAIPEDFZX6C9SAACBw7QHAABZWYA7AA+E6wAAAFPozhgAAD0AyAAAWYlF/HIbPQDQ BwAPg88AAABqAOhRIgAAqAFZD4S/AAAAjUX8agBQU+hOHAAAg8QMiUUIhcAPhKUAAABqAf91 DFfouAAAAGoB/3UMV+itAAAAjYWY+///UI2FmPf//1BqAGoAU+gFUwAAjYWY+///UI2FmPf/ /1Dol1EAAIPENI1FmFCNhZj3//9QagJowQhBAOibDgAAWVlQjYWY+///aGcIQQBQ6KJVAACN hZj7//9QV+hcUQAAVlfoVVEAAFZX6E5RAAD/dQhX6EVRAABWV+g+UQAA/3UI6MFVAACDxEBq AP91DFfoEwAAAGhA8EAAV+gdUQAAg8QUX15bycNVi+xoQPBAAP91COgFUQAA/3UM/3UI6PpQ AACDxBCDfRAAdA9ofQdBAP91COjkUAAAWVldw1WL7IPsMFNWV/8V1NBAAIt9CDPbUFNo/w8f AIld8MdF9DIAAACJXfiIXdiIXdmIXdqIXduIXdzGRd0FiV3oiV3siV38iV3kiR//FSDRQACN TfCJReBRaghQ/xUg0EAAhcB1Dv8V4NBAAIlF/OkSAQAA/3X0U/8VlNBAADvDiUX4dOGNTfRR /3X0UGoC/3Xw/xUw0EAAizXg0EAAhcB1OP/Wg/h6dWv/dfj/FdzQQAD/dfRT/xWU0EAAO8OJ Rfh0UY1N9FH/dfRQagL/dfD/FTDQQACFwHQ6jUXoUFNTU1NTU1NqBI1F2GoBUP8VKNBAAIXA dB2NRexQU1NTU1NTU2oGjUXYagFQ/xUo0EAAhcB1B//W6VH///+LdfiJXQg5HnZSg8YE/3Xo iwaLTgSJRdBQiU3U/xUs0EAAhcB1Iv917P910P8VLNBAAIXAdR3/RQiLRfiLTQiDxgg7CHLH 6xTHReQBAAAAiR/rCccHAQAAAIld5DkfdQs5XeR1BscHAQAAADld7Is1PNBAAHQF/3Xs/9Y5 Xeh0Bf916P/WOV34dAn/dfj/FdzQQAA5XfCLNSTRQAB0Bf918P/WOV3gdAX/deD/1otF/F9e W8nDVYvsuOAtAADoBlcAAFMz2zldEFZXx0X8IAAAAIideP///3QT/3UQjYV4////UOjQTgAA WVnrFWoHagqNhXj///9qBVDomQ4AAIPEEDldGHQF/3UY6wVo5DVJAI2FePr//1DonE4AAIt1 CFlZjYV0/v//VlDoik4AAP91DI2FdP7//1Doi04AAIPEEDldFHQT/3UUjYVw/f//UOhkTgAA WVnrImoBaNwBQQDoQ1YAAGoCmVn3+Y2FcP3//1JQ6FIZAACDxBA5HfA4SQB0HmoBU+gdVgAA agKZWff5jYVw/f//UlDoLBkAAIPEEI2FdP7//1Do/E4AAIC8BXP+//9cjYQFc/7//1l1AogY gL1w/f//XHQTjYV0/v//aETwQABQ6O5NAABZWY2FcP3//1CNhXT+//9Q6NlNAABZjYV0/v// WVNQjYV4+v//UP8VfNBAAIXAD4RlAQAA6JRVAABqBZlZ9/mF0nQi6IVVAACZuQAoAAD3+Y2F dP7//4HCgFABAFJQ6JkWAABZWWh6IgAAjYUg0v//aMDwQABQ6BNSAACNhSDS//+InTTi//9Q jYV0/v//UOj/LAAAjYV0/v//UOgQKwAAg8QYOR3wOEkAD4XqAAAAjUX8UI1F3FD/FWTQQACN RdxQjUYCUOjkngAAWYXAWQ+ExQAAAGoCU1aLNQDQQAD/1ov4O/t1CTldHA+EqgAAAFNTU1ON hXT+//9TUFNqA2gQAQAAjYV4////U1CNhXj///9QV/8VSNBAAFeLPUDQQAD/12oBU/91CP/W i/CNhXj///9qEFBW/xU40EAAU1NQiUUQ/xUk0EAA/3UQiUUY/9dW/9c5XRgPhWUBAAC6gQAA ADPAi8qNvab2//9miZ2k9v//ZomdnPT///OrZquLyjPAjb2e9P//OR0EOUkA86uJXRCJXRhm q3UHM8DpJAEAAItFDIA4XHUHx0UYAQAAAL8EAQAAjYWk9v//V4s1eNBAAFBq//91CGoBU//W i00MjYWc9P//V1CLRRhq/wPBUGoBU//WjUUQUI2FnPT//2oCUI2FpPb//1D/FQQ5SQCFwA+F uwAAAFNTjYV8+///V1CLRRBq/4idfPv///9wGFNT/xWg0EAAjUUUUGgCAACA/3UI/xUc0EAA hcB1d42FrPj//2oDUOgnEQAAjYV8+///aETwQABQ6JNLAACNhXD9//9QjYV8+///UOiASwAA jYV0+f//U1BTjYV8+///U1CInXT5///ov0wAAI2FfPv//1CNhXT5//9QjYWs+P//UP91FOgy GgAAg8Q8/3UU/xVc0EAAoQw5SQA7w3QF/3UQ/9BqAVhfXlvJw1WL7ItFFFNWi/FXM9v/dQiJ RhiNRhyJHlCJXgzo9EoAAIt9EGaLRQxXZomGnAEAAGbHhp4BAAAZAOgWUwAAg8QMO8OJRgR1 DMeGpAEAAAIAAIDrY1fo+lIAADvDWYlGEHTmV1P/dgSJfgiJfhToQ0oAAFdT/3YQ6DlKAACD xBiNjqABAACJnqQBAACJnqgBAABqAWoB/3UMiZ6sAQAAiJ4cAQAA6D4FAACFwHUOx4akAQAA BQAAgDPA6xA5Xgx0CDkedARqAesCagJYX15bXcIQAFaL8VeLRgSFwHQHUOjNTgAAWYtGEIXA dAdQ6L9OAABZjb6gAQAAagBqBmhI8EAAi8/ojAUAAIvP6MEFAACFwHT1g/gBdRBo3QAAAIvO 6NUCAACL8OsDagFei8/okAUAAIvGX17DVovxV2aLhpwBAACNvqABAABQjUYcUIvP6N0EAACF wHUNuAEAAICJhqQBAADrK4vP6GQFAACFwHT1g/gBdQ5o3AAAAIvO6HgCAADrDWoBx4akAQAA AwAAgFhfXsNVi+yB7AQBAABTVovxV42GHAEAAFCNhfz+//9oYPBAAFDopU0AAIPEDI2F/P7/ /42+oAEAAGoAUOg1SgAAWVCNhfz+//9Qi8/otAQAAIvP6OkEAACFwHT1g/gBD4WdAAAAu/oA AACLzlPo+AEAAIXAD4WVAAAAi87olQAAAIXAD4WGAAAAIUX8OQaLfgR2IVeLzug1AQAAhcB1 cFfo0UkAAP9F/I18BwGLRfxZOwZy32oAjb6gAQAAagdoWPBAAIvP6DsEAABoYgEAAIvO6JQB AACFwHU1UIvP/3UM/3UI6B0EAABqAGoFaFDwQACLz+gNBAAAU4vO6GoBAADrDWoBx4akAQAA AwAAgFhfXlvJwggAU1aL8YtGFIPAZFDon1AAAIvYWYXbdQhqAljpmAAAAFVXaHDwQABT6ERI AACLfhAz7TluDFlZdiVXU+hBSAAAaDjwQABT6DZIAABX6BBJAACDxBRFO24MjXwHAXLbaGzw QABT6BhIAABZjb6gAQAAWWoAU+joSAAAWVBTi8/obQMAAIvP6KIDAACL6IXtdPNT6HZMAABZ agFYXzvoXXUOaPoAAACLzuipAAAA6wrHhqQBAAADAACAXlvDU1b/dCQMi9nomUgAAIPAZFDo 308AAIvwWYX2WXUFagJY63JVV2iA8EAAVuiGRwAA/3QkHFbojEcAAGhs8EAAVuiBRwAAg8QY jbugAQAAagBW6FBIAABZUFaLz+jVAgAAi8/oCgMAAIvohe1081bo3ksAAFlqAVhfO+hddQ5o +gAAAIvL6BEAAADrCseDpAEAAAMAAIBeW8IEAFWL7IHsBAQAAFaL8VdqAI2+oAEAAI2F/Pv/ /2gABAAAUIvP6IoCAACLz+ioAgAAhcB09YP4AXVAjUX8UI2F/Pv//2iM8EAAUOgcTwAAi0UI i038g8QMO8F0GseGpAEAAAQAAICJjqgBAACJhqwBAABqAusQM8DrDceGpAEAAAMAAIBqAVhf XsnCBAD/dCQEgcEcAQAAUeiBRgAAWVnCBABVi+xRU1ZXi/H/dQiLfhDoWEcAAINl/ACDfgwA WYvYdhZX6EVHAAD/RfyNfAcBi0X8WTtGDHLqK14Qi0YUA9872HZOi04YA8FQiUYU6GpOAACL 2FmF23UMx4akAQAAAgAAgOs+/3YUagBT6K1FAACLRhCLzyvIUVBT6I5OAACLRhBQK/jojkoA AIPEHIleEAP7/3UIV+jiRQAA/0YMi0YMWVlfXlvJwgQAVYvsUVNWV4vx/3UIi34E6K9GAACD ZfwAgz4AWYvYdhVX6J1GAAD/RfyNfAcBi0X8WTsGcusrXgSLRggD3zvYdk6LThgDwVCJRgjo w00AAIvYWYXbdQzHhqQBAAACAACA6zz/dghqAFPoBkUAAItGBIvPK8hRUFPo500AAItGBFAr +OjnSQAAg8QciV4EA/v/dQhX6DtFAAD/BosGWVlfXlvJwgQAVYvsgeyQAQAAU1ZqAY2FcP7/ /1uL8VBqAv8V4NFAAA+/RQxISHUDagJbD7/DagZQagL/FeTRQAAzyYP4/4kGXg+VwYvBW8nC DABVi+yD7BBWi/H/dQz/FdTRQABmiUXyjUUMUIvO/3UIZsdF8AIA6HkAAACLRQxqEIhF9IpF DohF9opFD4hl9YhF941F8FD/Nv8V2NFAAIXAXnQK/xXc0UAAM8DrA2oBWMnCCAD/dCQM/3Qk DP90JAz/Mf8V0NFAAMIMAP90JAz/dCQM/3QkDP8x/xXM0UAAwgwA/zH/FcTRQAD/JcjRQABq AVjDVYvsUVFTVleLfQhqATP2W4lN+FeJdfzoFUUAAIXAWX4sigQ+PC51Bf9F/OsKPDB8BDw5 fgIz21dG6PNEAAA78Fl83oXbdBiDffwDdAQzwOs6/3UMi034V+g1AAAA6ylX/xXA0UAAi/D/ FdzRQACF9nQWM8CLTgyLVQyLCYoMAYgMEECD+AR87GoBWF9eW8nCCABVi+xRU4tdCFYz9leJ dfyNRQiNPB5QaIzwQABX6NtLAACLVQyLRfyKTQiDxAyD+AOIDBB0F0aAPy50CIoEHkY8LnX4 /0X8g338BHzDX15bycIIAFWL7FFTVlf/dQzoPUQAAIt1CItdEFmJRfxW6C1EAACL+FmF/3Qt hdt0CYvGK0UIO8N9IIN9FAB0D/91DFbo6pQAAFmFwFl0Bo10PgHry4PI/+syi038i8YrRQiN RAgCO8N+CIXbdAQzwOsa/3UMVujoQgAAVujSQwAAg8QMgGQwAQBqAVhfXlvJw1aLdCQIVzP/ OXwkEH4dVuiuQwAAhcBZdBJW6KNDAABHWTt8JBCNdAYBfOOLxl9ew1aLdCQIVzP/VuiEQwAA hcBZdBqDfCQQAHQMi84rTCQMO0wkEH0HjXQGAUfr24vHX17DVYvsUVOLXQhWi3UMV2oAU4l1 /Oi2////i/hZhf9ZfwczwOmVAAAAhfZ9D2oA6KQSAAAz0ln394lV/I1HAlBT6Fr///+L8Cvz 0eZW6F9KAABWM/ZWUIlFDOizQQAAg8QYhf9+JDt1/HQaagH/dRBWU+gp////WVlQ/3UM6JT+ //+DxBBGO/d83DP2Tzv+iTN+H2oB/3UQVv91DOj//v//WVlQU+hs/v//g8QQRjv3fOH/dQzo U0YAAFlqAVhfXlvJw1ZXM/+L92oA994b9oHm+AAAAIPGCOj7EQAAM9JZ9/aLRCQMA8eE0ogQ dQPGAAFHg/8EfNBfXsNVi+yD7AyLRRCDZfgAg30MAFOKCIpAAVZXiE3+iEX/fjOLRQiLTfgD wYlF9IoAiEUTYIpFE4pN/tLAMkX/iEUTYYtN9IpFE/9F+IgBi0X4O0UMfM1qAVhfXlvJw1WL 7IPsDItFEINl+ACDfQwAU4oIikABVleITf6IRf9+M4tFCItN+APBiUX0igCIRRNgikUTik3+ MkX/0siIRRNhi030ikUT/0X4iAGLRfg7RQx8zWoBWF9eW8nDU1ZXM/9X6BsRAABZM9JqGotc JBRZ9/GL8oPGYYP7BHR4g/sBdRVX6PoQAABZM9JqCln38YvCg8Aw62D2wwJ0E1fo4BAAAFkz 0moaWffxi/KDxkFX6M0QAACoAVl0GPbDBHQTV+i9EAAAWTPSahpZ9/GL8oPGYVfoqhAAAKgB WXQY9sMBdBNX6JoQAABZM9JqCln38Yvyg8Ywi8ZfXlvDU4tcJAxWV4t8JBiL8zv7fhJqAOhv EAAAK/sz0vf3WYvyA/OLXCQQM/+F9n4S/3QkHOgr////iAQfRzv+WXzuagLoG////1mIA4Ak HwBqAVhfXlvDVle/kPBAADP2V+iuQAAAhcBZfhiKRCQMOoaQ8EAAdBFXRuiWQAAAO/BZfOgz wF9ew2oBWOv4U4pcJAhWV4TbfD8PvvNW6EhLAACFwFl1NVboa0sAAIXAWXUqv5jwQAAz9lfo VkAAAIXAWX4UOp6Y8EAAdBBXRuhCQAAAO/BZfOwzwOsDagFYX15bw1aLdCQIigZQ/xVo0EAA hcB0C4B+AYB2BWoBWF7DM8Bew4tEJASKADyhdAc8o3QDM8DDagFYw1WL7IHs/AcAAItFHFNW V4t9DDP2iXX8gCcAOXUQiTB/CYtFCEDp3AEAAItdCIoDUOhA////hcBZdVCJXQyDfSAAdCv/ dQzof////4XAWXQN/3UM6JP///+FwFl0Lf91DOiG////hcBZdARG/0UMi0UQRv9FDEg78H0Q i0UMigBQ6PD+//+FwFl0s4tFEEg78IlFDA+NagEAAIoEHlDo0/7//4XAWQ+EvgAAAIoEHlDo i/7//4XAWXULRjt1DHzs6T8BAACKBB5Q6Kj+//+FwFl0G4tN/IoEHv9F/EY7dQyIBDl9CYtF GEg5Rfx814tFGEg5Rfx8HIN9/AB0FotF/IoEOFDoN/7//4XAWXUF/038deqLRfyFwHwEgCQ4 ADPbOB90FYoEO1DoE/7//4XAWXQHQ4A8OwB1640EO1CNhQT4//9Q6MQ9AACNhQT4//9QV+i3 PQAAi0X8g8QQK8M7RRQPjYQAAACLXQiDfSAAD4SKAAAAi0UIgCcAA8Yz21DoR/7//4XAWXRZ i0UQg8D+iUUgi0UIA8aJRRD/dRDoSv7//4XAWXUZi0UQigiIDDuKSAFDRkCIDDtDRkCJRRDr BkZGg0UQAjt1IH0Xi0UYg8D+O9h9Df91EOju/f//hcBZdbiAJDsAO10UfBCLRRzHAAEAAACL RQgDxusMi10Ii0UcgyAAjQQeX15bycNVi+y4HBAAAOgERQAAU1ZXjU3k6OTc//+LfQyNRfhq AVD/dQgz241N5Igf6M/c//+L8DvzD4QrAQAAi1X4g/oKD4IXAQAAiJ3k7///iV38/3UYjU38 Uf91FP91EFJXUOiR/f//i034g8Qci9Er0APWg/oFD47iAAAAOV38dNGJXQgz//91GI1V/CvI UgPO/3UU/3UQUY2N5O///1FQ6FP9//+DxBw5Xfx0A/9FCItN+IvRK9AD1oP6BXYJR4H/ECcA AHy/OV0IdBFT6JgMAAAz0ln394tN+IlVCIv+iV30/3UYjUX8K89QA87/dRSNheTv////dRBR UFfo9/z//4PEHDld/Iv4dBk5XQh0Lv9NCI2F5O///1D/dQzo4jsAAFlZi034i8ErxwPGg/gF dgz/RfSBffQQJwAAfKSNTeTodtz///91DOimPAAAWTPJO0UQD53Bi8FfXlvJw4gfjU3k6FTc //8zwOvtVYvsi1UMUzPbVoXSdAIgGotFEIXAdAOAIACLdQiAPkB0HFeL+ovGK/6KCITJdA6F 0nQDiAwHQ0CAOEB17F+F0nQEgCQTAIA8MwCNBDNeW3UEM8Bdw4N9EAB0C1D/dRDoNDsAAFlZ agFYXcNVi+xRU4pdCFZXvqTwQACNffxmpYD7IKR+NID7fn0vD77zVujKRgAAhcBZdShW6O1G AACFwFl1HYD7QHQYgPsudBM6XAX8dA1Ag/gCfPQzwF9eW8nDagFY6/b/dCQE6J3///9Zw1WL 7LgAIAAA6MtCAAD/dQiNhQDg//9Q6Kw6AAD/dQyNhQDw//9Q6J06AACNhQDg//9Q6O2MAACN hQDw//9Q6OGMAACNhQDw//9QjYUA4P//UOjCRgAAg8QgycNWvlICQQBW/3QkDOhdOgAA/3Qk FFbogff//1D/dCQc6Fk6AACDxBhew1OLXCQIVldT6Cc7AACL+FmD/wR8JIP/DH8fM/aF/34U D74EHlDoDUYAAIXAWXQKRjv3fOxqAVjrAjPAX15bw1WL7IHsBAEAAFNWV42F/P7//zP/UFdX V/91COhQOwAAvvwBQQBXVug39///i9iDxBw7334gV1bo9/b//1CNhfz+//9Q6IyLAACDxBCF wHQnRzv7fOCNhfz+//9owg1BAFDob4sAAPfYG8BZg+BjWYPAnF9eW8nDi8fr91WL7FYz9ldW aiBqAlZqA2gAAADA/3UI/xX80EAAi/iJdQiD//90Izl1DHQejUUIVlD/dRD/dQxX/xVs0EAA V/8VJNFAAGoBWOsCM8BfXl3DVYvsU1dqAGonagNqAGoDaAAAAID/dQj/FfzQQACDZQgAi/iD y/87+3QdjUUIUFf/FezQQACDfQgAi9h0A4PL/1f/FSTRQACLw19bXcNVi+yD7BSNTezo2tj/ /41F/GoBUI1N7P91COjM2P//hcB0DY1N7Oh62f//agFYycMzwMnDVYvsgewYAQAAVmoEagWN RexqAlDof/j//4PEEI2F6P7//1BoBAEAAP8VmNBAAIt1CI1F7FZqAFCNhej+//9Q/xV00EAA VugjAAAAVuhYOQAAWVlIeAaAPDAudfcDxmjcAUEAUOhQOAAAWVleycNqIP90JAj/FYDQQAD/ dCQE/xWc0EAAw1WL7IHsSAMAAFZX/3UIjYX4/f//M/ZQ6Bg4AACNhfj9//9Q6Pw4AACDxAyF wHQXgLwF9/3//1yNhAX3/f//dQaAIABqAV6Nhfj9//9osPBAAFDo7TcAAFmNhbj8//9ZUI2F +P3//1D/FYzQQACL+IP//w+E1AAAAP91CI2F/P7//1DorTcAAFmF9ll1E42F/P7//2hE8EAA UOimNwAAWVmNheT8//9QjYX8/v//UOiRNwAA9oW4/P//EFlZdFuNheT8//9orPBAAFDodTYA AFmFwFl0Wo2F5Pz//2io8EAAUOheNgAAWYXAWXRD/3UQjYX8/v//agFQ/1UMg8QMhcB0Lf91 EI2F/P7///91DFDo7P7//4PEDOsW/3UQjYX8/v//agBQ/1UMg8QMhcB0Fo2FuPz//1BX/xWI 0EAAhcAPhTP///9X/xWE0EAAXzPAXsnDVYvsUYF9DABQAQBTVld8Kmog/3UI/xWA0EAAM9tT aiBqA1NqA2gAAADA/3UI/xX80EAAi/iD//91BzPA6YQAAACNRfxQV/8V7NBAAIvwO3UMfhVT U/91DFf/FeTQQABX/xWQ0EAA61NqAlNTV/8V5NBAAItFDCvGvgAACACJRQiLzpn3+TvDix1s 0EAAfheJRQyNRfxqAFBWaNAxQQBX/9P/TQx17I1F/GoAUItFCJn3/lJo0DFBAFf/01f/FSTR QABqAVhfXlvJw1ZqAGonagNqAGoDaAAAAID/dCQg/xX80EAAi/CD/v91BDPAXsOLRCQMV41I EFGNSAhRUFb/FejQQABWi/j/FSTRQACLx19ew1ZqAGonagNqAGoDaAAAAMD/dCQg/xX80EAA i/CD/v91BDPAXsOLRCQMV41IEFGNSAhRUFb/FTDRQABWi/j/FSTRQACLx19ew1WL7IPsFFON TezodNX//41F/GoBUI1N7P91COhm1f//i9iF23Rwg30QAHQmgX38AJABAHYdagDosgUAAFkz 0moKWffxg8JUweIKO1X8cwOJVfyLRfxWA8BQ6Gk9AACL8FmF9nQmi0X8A8BQagBW6LU0AABq SP91/FZT6LnN//+LTQyDxByFyXQCiQGNTezordX//4vGXlvJw1WL7IHsBAEAAFNWV4t9CDPb ahRTV4id/P7//+hvNAAAg8QMOB3sN0kAdD5T6CQFAABZM9JqA1n38YXSdCxqAWoKjYX8/v// UVBo7DdJAOib9///g8QUhcB0D42F/P7//1BX6Ig0AABZWTgfD4WLAAAAOB3oNkkAdDZT6NYE AABZM9JqA1n38YXSdCSNhfz+//9TUFNTaOg2SQDouzUAAI2F/P7//1BX6EM0AACDxBw4H3VJ U+icBAAAqA9ZdSu+dA1BAFNW6IPx//9TiUUI6IIEAAAz0vd1CFJW6D7x//9QV+gJNAAAg8Qc OB91D2oEagZqAlfo1fP//4PEEDldDHQrvvwBQQBTVuhA8f//U4lFCOg/BAAAM9L3dQhSVuj7 8P//UFfo1jMAAIPEHDldEHQN/3UQV+jFMwAAWVnrMDldFHQrvtwBQQBTVuj+8P//U4lFCOj9 AwAAM9L3dQhSVui58P//UFfolDMAAIPEHF9eW8nDVYvsg+wUU4tFGFZX/3UUM9uDz/+JXfxT iX34/3UQiV3wiV30iRjo8TIAAIt1CIoGUOgZ+P//g8QQhcAPhIwAAACKBlDoBvj//4XAWXRc i0UMi95IiUUIi0UQK8aJRezrA4tF7IoLiAwYigM8QHUJi03w/0X0iU34PC51B4X/fQOLffD/ RfxDi0X8/0XwO0UIfRaLRRRIOUXwfQ2KA1DorPf//4XAWXW5M9uLRfCLTRArffiAJAgAg/8D fhFqAVg5Rfh+CTlF9A+EoAAAAINN+P+DTfD/iV38ZoseM/9TIX306MP3//+FwFkPhIoAAABT 6LT3//+FwFl0VItFDEghfQyJRQiLRRCA+0CIHAd1Bv9F9Il9+ID7LnUJg33wAH0DiX3wg0UM BINF/AKLRQxHO0UIfRqLRRRIO/h9EotF/GaLHDBT6GD3//+FwFl1totFEIAkBwCLRfArRfiD +AJ+EmoBWDlF+H4KOUX0dQWLTRiJAYtF/APG6wONRgFfXlvJw1WL7IHsGAQAAFMz21aNTeiJ Xfzo3tH//41F+GoBUI1N6P91COjQ0f//i/A783UEM8DrY1eL/otF+IvPK86NUP87yn1HjU38 K8dRjY3o+///aAAEAACNRDD/UVBX6B7+//+DxBSDffwAi/h0yv91FI2F6Pv///91EFD/dQzo Hu7//4PEEIXAfq5D66uNTejoINL//4vDX15bycNVi+xRUYtFGINN+P9QagD/dRSJRfzo5zAA AIPEDI1FGFD/dQz/dQj/FUzQQACFwHQFagFYycONRfxQjUX4/3UUUGoA/3UQ/3UY/xUU0EAA /3UY/xVc0EAAM8DJw1WL7I1FDFD/dQz/dQj/FRjQQACFwHQFagFYXcP/dRTo0TEAAFlQ/3UU agFqAP91EP91DP8VENBAAP91DP8VXNBAADPAXcNVi+yB7AwBAACNRfxWUDP2/3UM/3UI/xVM 0EAAhcB0BDPA61eNhfT+//9oBAEAAFBW/3X8/xVQ0EAAhcB1LzlFEHQjIUX4/3UUjUX4UI2F 9P7//1D/dQz/dQj/VRCDxBSDffgAdQNG67uL8OsDagFe/3X8/xVc0EAAi8ZeycNVi+yB7BQI AABTjUX8VlD/dQy+AAQAADPbiXXw/3UIiXX4/xVM0EAAhcB0BDPA63ONRfiJdfBQjYXs9/// UI1F7FCNRfBqAFCNhez7//+JdfhQU/91/P8VRNBAAIXAdTWDfewBdSg5RRB0IyFF9P91FI1F 9FCNhez7//9Q/3UM/3UI/1UQg8QUg330AHUDQ+ufi/DrA2oBXv91/P8VXNBAAIvGXlvJw4N8 JAQAdQmDPcwxQQAAdRf/FTTRQABQ6GM3AABZ6Gc3AACjzDFBAOldNwAAVYvsg+xUVjP2akSN RaxWUOj5LgAAg8QMjUXwx0WsRAAAAFCNRaxQVlZWVlZW/3UM/3UI/xWk0EAA99gbwF4jRfDJ w1WL7IPsHFNWjU3k6BbP//+DZfgAvsDwQABW6PwvAABZiUX0jUX8agFQjU3k/3UI6PXO//+L 2IXbdFOLTfxXgfkAoAAAcju4ABAAAIHBGPz//zvIi/h2Kv919I0EH1BW6Jc7AACDxAyFwHQP i0X8RwUY/P//O/hy3+sHx0X4AQAAAI1N5Ohaz///i0X4X15bycNVi+yB7AAEAABojQdBAP91 EOi88///WYXAWXRzjYUA/P//aAAEAABQgKUA/P//AP91EP91DP91COj8/P//jYUA/P//UOgm ////g8QYhcB0P4tNGGoBWP91DIkBi00UaOA0SQCJAegwLgAAjYUA/P//UGjkNUkA6B8uAAD/ dRBo3DNJAOgSLgAAg8QYM8DJw2oBWMnDVYvsgewACAAA/3UMjYUA/P//UOjuLQAAjYUA/P// aETwQABQ6O0tAAD/dRCNhQD8//9Q6N4tAACNhQD8//9ojQdBAFDo9fL//4PEIIXAdHmNhQD4 //+ApQD4//8AaAAEAABQjYUA/P//aJMHQQBQ/3UI6C78//+NhQD4//9Q6Fj+//+DxBiFwHQ/ i00YagFY/3UMiQGLTRRo4DRJAIkB6GItAACNhQD4//9QaOQ1SQDoUS0AAP91EGjcM0kA6EQt AACDxBgzwMnDagFYycNVi+yB7BwFAACDZfwAgz3wOEkAAHUlagRoUgJBAOhE6v//jU38UWhK SUAAUGgCAACA6EP8//+DxBjrPI2F6Pv//2oCUOiC8v//jYXo+///UGjgNEkA6N4sAACNRfxQ jYXo+///aLZIQABQaAIAAIDog/z//4PEIItF/IXAo/Q4SQAPhdEAAABWjYXk+v//aAQBAABQ /xWo0EAAM/aAZegAjUXoaI0HQQBQ6IosAABZjUXoWWoEagRqAlDoaS0AAFmNRAXoUOhN7P// jUXpUOjBfgAAjYXk+v//UI2F6Pv//1DoUiwAAI2F6Pv//2hE8EAAUOhRLAAAjUXoUI2F6Pv/ /1DoQSwAAI2F6Pv//2jcAUEAUOgwLAAAjYXo+///UOgn8///g8Q4hcB0CkaD/goPjGf///+N RehQaNwzSQDoBSwAAI2F6Pv//1Bo5DVJAOjkKwAAg8QQXmoBWMnDi0QkBGaLTCQIZgFIAmaL SAJmg/kBfQ5mg0ACHmaLSAJm/wjr7GaDeAIffhJmg0AC4maLSAJm/wBmg/kff+5miwhmg/kB fQaDwQxmiQhmiwhmg/kMfgaDwfRmiQjDi0QkDFaLdCQIV4t8JBCAJwCAIACAPlx1WIB+AVx1 UlNouPBAAFfoUysAAFmNRgJZighqAoD5XFp0F4vfK96EyXQPighCiAwDikgBQID5XHXtgCQ6 AAPWW4A6AHUEagLrElL/dCQY6BMrAABZM8BZ6wNqAVhfXsNVi+yB7BAEAABWjYX0/P//aOQ1 SQBQ6OwqAABZjYX8/v//WTP2aAQBAABQVv8VFNFAAFaNhfD7//9WUI2F9Pz//1ZQ6CosAABW jYX4/f//VlCNhfz+//9WUOgULAAAjYX4/f//UI2F8Pv//1DoZnwAAIPEMPfYG8BeQMnDVot0 JAyD/kRyMYtMJAiAOU11KIB5AVp1Ig+3QTwDwYPG/IvQK9E71ncRiwBeLVBFAAD32BvA99Aj wsMzwF7DVYvsU4tdEFaLdQhXU1borv///1mFwFl0UI0MMIt1DItRdI1BdDvWckAPt0kGi3Tw /IPABDP/hcmNRNAIdiuDw/yJXRCL0CtVCDtVEHMbi1AEixgD2jvedgQ71nYIg8AoRzv5ct87 +XICM8BfXltdw1WL7FNWi3UMV4t9CI1GEIlFDIvGK8eDwBA7RRgPh4AAAAAPt0YOD7dODINl CAADwYXAfmaLXRSLRQyLTRgrx4PACDvBd1SLRQyLQASpAAAAgHQcUVP/dRAl////fwPHUFfo mv///4PEFIXAdDXrFYvTA8crVRABEIsAO8NyJAPLO8FzHg+3Rg4Pt04Mg0UMCP9FCAPBOUUI fJ1qAVhfXltdwzPA6/dVi+yD7DxWjU3U6CLJ//+NTcToGsn//41F/GoBUDP2/3UMjU3EiXX4 iXX8iXX0iXXw6P7I//87xolFDHUHM8DpZAEAAItF/ItNEFONhAgAEAAAUP91COj58f//WY1F +FlWUP91CI1N1OjHyP//i9g73old7A+E/gAAAFf/dfhqA1PoZP7//4v4g8QMO/4PhNoAAAD/ dfxqA/91DOhK/v//i/CDxAyF9g+EwAAAAP91/P91DOjz/f///3X4iUUQU+jn/f//i00Qi1UM A8qDxBBmg3lcAg+FkwAAAIuJjAAAAAPYiU0QiYuMAAAAi0YIi08MiUcIiwaJB4tHCAPBiUXw i0YEiUXki0cEiUXoi0YIi3YMA/KLVeyNPBGLyCtNDAPOO038d0dQVlfouCwAAP91EP916P91 5FdX6Bz+//8Pt0sUiUX0i9MPt0MGA9GDxCCNBICNTML4i0TC/AMBZqn/D3QHwegMQMHgDIlD UI1N1Oh5yP//M/ZfjU3E6G7I//85dfRbdB+LRfA7RfxzA4tF/FD/dQjouvD///91COhMAQAA g8QMi0X0XsnDVYvsg+wUU1aNTezodsf//zP2jUX8VlD/dQiNTezoZ8f//4vYO951BzPA6b0A AABX/3X8U+jH/P//i/hZhf9ZD4SBAAAA/3X8agNT6O/8//+DxAyFwHRvahCNNB9aiZaMAAAA i0gEA8qJEGb3wf8PiVAIdAfB6QxBweEMiU5Qi0gMi3gIA/k7fQxzA4t9DGb3x/8PdAfB7wxH wecMjQQZi8gryztN/HMMUmoAUOh6JgAAg8QMi4bsAAAAhcB0A4lGKGoBXusDi30IjU3s6HLH //+F9nQLV/91COjL7///WVn/dQjoWwAAAFmLxl9eW8nDVYvsUYtFDDPJ0eiJTfx0KYtVCFaL 8A+3AgPIiU0Ii0UIwegQiUUIgeH//wAAA00IQkJOdeGJTfxeiU0Ii0UIwegQi1X8ZgPCiUUI i0UIA0UMycNVi+yD7BRWV41N7Ogzxv//g2X8ADP2jUX8VlCNTez/dQjoIMb//4v4hf90O/91 /FfoiPv//1mFwFl0IoN8OFgAjXQ4WHQSgyYA/3X8V+hb////WYkGWesDi0UIi/CNTezom8b/ /4vGX17Jw1WL7IHsAAgAAIM98DhJAAB1NYM9EDlJAAB0LI2FAPj//2jIAAAAUGr//3UIagFq AP8VeNBAAI2FAPj//1BqAP8VEDlJAMnDM8DJw1WL7IPsDFNWV4tFCIlF+ItFDIlF9It1+It9 9FFSUzPJSYvRM8Az26wywYrNiuqK1rYIZtHrZtHYcwlmNSCDZoHzuO3+znXrM8gz00911ffS 99Fbi8LBwBBmi8FaWYlF/ItF/F9eW8nDVYvsgexQAQAAU1ZXagNfjU3Q6A7F////dRDo+yUA AIvwWY1F6IPGIFD/FdjQQABmgWXq/v8z21PoU/X//1kz0moeWffxZilV8maDffI8cgZmx0Xy AQCKRfKLTfCD4D/B4QYLwYpN9NDpweAFg+EfC8GKTf5miUX8i0Xog8BEg+EfweAJM8GKTeqD 4Q9mJR/+weEFC8GKTe5miUX+Mk3+g+EfZjPBOV0UZolF/nQDagJfaiD/dQj/FYDQQABTaiBX U2oDaAAAAMD/dQj/FfzQQACL+IP//4l9+HQqagJTU1f/FeTQQACNReRqAVCNTdD/dQzoMcT/ /zvDiUUMdQ5X/xUk0UAAM8Dp8wAAAItF5MaFsv7//3RQZseFs/7//wCA/3UMZom1tf7//4mF t/7//4mFu/7//4idv/7//+hX/v///3UQiYXA/v//i0X8xoXI/v//FImFxP7//8aFyf7//zDo tCQAAP91EGaJhcr+//+NhdD+//+Jncz+//9Q6KgjAAAPt/6NR/5QjYWy/v//UOgD/v//izVs 0EAAg8QcOV0UZomFsP7//3QRjUXgU1BqFGisDUEA/3X4/9aNReBTUI2FsP7//1dQ/3X4/9aN ReBTUP915P91DP91+P/WjU3Q6P3D////dfj/FSTRQAA5XRR0Cf91COgBAQAAWWoBWF9eW8nD VYvsUYsNFDlJAINl/ABqAYXJWHQIjUX8agBQ/9HJw1WL7IHsYAYAAItFCFMz28dF8EAGAAA7 w4ld/HUG/xWs0EAAjU0IUWooUP8VINBAAIXAD4SeAAAAVo1F9FdQ/3UMU/8VCNBAAIXAdHyL RfSLNQzQQACJReSLRfiJReiNRfBQjYWg+f//UI1F4GoQUFOJXeD/dQiJXez/1os94NBAAP/X hcB1QYtF9IONrPn//wKJhaT5//+LRfiJhaj5//9TU42FoPn//2oQUFPHhaD5//8BAAAA/3UI /9b/14XAdQfHRfwBAAAA/3UI/xUk0UAAi0X8X15bycNVi+yD7BhWM/ZXVmogagNWagFoAAAA wP91CP8V/NBAAIv4O/4PhK4AAACNRehQ/xW00EAAVuha8v//ajwz0ln38VZmiVXy6Eny//9Z M9JZahhZ9/FmKVXwZjl18H8IZgFN8Gb/Te5W6Cjy//9ZM9JqHFn38WYpVe5mOXXufxJW6BDy //9ZM9JqA1n38WaJVe5W6P7x//9ZM9JqDFn38WYpVepmOXXqfwhmAU3qZv9N6I1F+FCNRehQ /xWw0EAAjUX4UI1F+FCNRfhQV/8VMNFAAFf/FSTRQABfXsnDVYvsgeyUAAAAU1ZXagFbU+ij 8f//vgQBAAAz/1ZXaOw3SQDoyiAAAFZXaOg2SQDoviAAAFZXaOQ1SQDosiAAAFZXaOA0SQDo piAAAFZXaNwzSQDomiAAAIPEQGjQ8EAAaGYiAABo1PBAAOjH3///aPg4SQDoCdD//4PEEP8V vNBAACUAAACAiT0AOUkAo/A4SQCNhWz///9Qx4Vs////lAAAAP8VuNBAAIO9cP///wV1Djmd dP///3UGiR0AOUkA6FXz//++ANAHAFbowSgAADvHWaPYM0kAdQQzwOskVldQ6AwgAADo1QAA AFNoBA5BAOiK3f//UFfoTv3//4PEHIvDX15bycNVi+yD7BRXjU3s6DfA//+NRfxqAFCNTez/ dQjoKcD//4v4hf8PhIwAAABWvgAQAAA5dfxzBDP263JT/3UM6PkgAACL2ItF/AUY/P//WTvG dlaNBD5TUP91DOi9LAAAg8QMhcB0D4tF/EYFGPz//zvwct/rM418PhS+ZiIAAI1f/FNWV+in 3v//i0UMVoPAFFBX6GUkAABT6ADe//9TVlfoL97//4PEKGoBXluNTezoUMD//4vGXl/Jw1NV VldqAmiTC0EA6LDc//+LHfTQQABZWVD/04s1ONFAAIvohe2/kwxBAHQ5agFX6Izc//9ZWVBV /9ZqBFejCDlJAOh53P//WVlQVf/WagVXowQ5SQDoZtz//1lZUFX/1qMMOUkAagNokwtBAOhP 3P//WVlQ/9OL6IXtdBNqA1foPNz//1lZUFX/1qMQOUkAv8gNQQBX/9OL2IXbdBNqAVfoG9z/ /1lZUFP/1qMUOUkAX15dW8NVi+yB7EwGAABTVleNTeToxL7//4t9CDPbV4ld9OiQ7///hcBZ D4VqAgAAV+jP+P//hcBZD4VbAgAAvvsMQQBTVuj12///iUX8jYW4+v//U1BTU1fo7x8AAIPE HDld/IldCH4x/3UIVuie2///OBhZWXQXUI2FuPr//1DoleP//1mFwFkPhQsCAAD/RQiLRQg7 Rfx8z42FyP7//1Dog+X//42FvPv//8cEJAQBAABQU/8VFNFAAI2FyP7//1NQjYW8+///UP8V fNBAAIXAD4TCAQAAizWA0EAAjYXI/v//aiBQ/9ZoAFABAI2FyP7//1dQ6LH0//+DxAyFwA+E hwEAAI1F+FNQV41N5OjMvf//O8OJRQgPhG4BAACBffgAUAEAD4ZZAQAAgX34AAAwAA+DTAEA AI2FvPv//1NQjYW0+f//UI2FxP3//1BX6PgeAACNhbT5//9QjYXE/f//UOiKHQAAjYW8+/// UI2FxP3//1Dodx0AAI2FxP3//2is8EAAUOhmHQAAagRqA42FwPz//2oDUOgj3f//D76FwPz/ /1DotSAAAIPEQIiFwPz//42FwPz//1CNhcT9//9Q6CsdAACNRfRQ/3X4/3UI6BkaAACDxBQ7 w4lFCI1N5A+EoQAAAOiuvf///3X0jYXE/f///3UIUOha4///jYXE/f//UOiq+v//g8QQjYXE /f//aidQ/9aNRcxQV+io5v//WYlF/FlqIFf/1lONhcj+//9XUP8VfNBAAI2FyP7//1DoUOT/ /42FxP3//1Bo1ABBAOiKHAAAaMDwQABX6DT8//+DxBQ5Xfx0DI1FzFBX6J3m//9ZWf91COj+ IAAAWWoBWOsXjU3k6A29//+Nhcj+//9Q6P7j//9ZM8BfXlvJw1WL7IHsKAQAAFaNTejoKrz/ /4Nl/ACNRfhqAVD/dQiNTejoGLz//4vwhfYPhJMAAACNheD9//9QjYXY+///UI2F3Pz//1CN heT+//9Q/3UI6FcdAACNhdz8//9QjYXk/v//UOjpGwAAjYXY+///UI2F5P7//1Do1hsAAICl 5f3//wCNheH9//9QjYXk/v//UOi8GwAAjYXk/v//aNwBQQBQ6KsbAACNRfxQ/3X4VuiqGQAA i/CDxECF9o1N6HUJ6DW8//8zwOtU6Cy8////dfyNheT+//9WUOja4f//Vuj5HwAAg8QQM/b/ FcTQQABQjYXk/v//UOjY6///WYXAWXQZav9Q/xXA0EAAjYXk/v//UOjg4v//WWoBXovGXsnD VYvsgewEAQAAjYX8/v//aAQBAABQaKAxQQBqBWhSAkEA6CrY//9ZWVBoAQAAgOiO6f//agGN hfz+////dQz/dQhQ6ODo//+DxCTJw1WL7IHsDAIAAFMz2zldDFZXiV38D4WLAQAAvosJQQBT VugO2P//i/iNhfT9//9QjYX4/v//UFNTiJ34/v///3UI6PsbAACDxBxPO/uJXQx+Mf91DFbo qtf//1CNhfj+//9Q6D9sAACDxBCFwHUMOX0MdAfHRfwBAAAA/0UMOX0MfM+NhfT9//9QjYX4 /v//UOhRGgAAvhsLQQBTVuiT1///g8QQM/87w4lFDH4oV1boUNf//1CNhfj+//9Q6OVrAACD xBCFwHUHx0X8AQAAAEc7fQx82Dld/HQpagFo8A1BAOge1///i3UIUFboHt///4PEEIXAdQ9W 6I7h//9Z6aIAAACLdQhW6MXf//+L+Fk7+3w1VmjoNkkA6LgZAABZg/8FWX02VmjsN0kA6KYZ AABqAWgA0AcA/zXYM0kAVuiY5///g8QY6xOD/5x1DlNq/2r/Vuh6EgAAg8QQixUYOUkAadIs AQAAgfpYGwAAfhdT6Mfp//9ZM9JqBVn38YPCB2nS6AMAAFL/FSzRQAD/BRg5SQCBPRg5SQAQ JwAAfgaJHRg5SQBqAVhfXlvJw1WL7IHsDAMAAFMz242F9Pz//1NQjYX8/v//UFP/dQjocBoA AIPEFDldDHVtOV0QdT+Nhfz+//9Q6NwZAAA7w1l0B4icBfv+//+Nhfj9//9TUFONhfz+//9T UOg1GgAAjYX4/f//UOh63v//g8QY6w2NhfT8//9Q6Gne//9ZhcB0GGoBaADQBwD/NdgzSQD/ dQjomOb//4PEEGoBWFvJw1ZXi3wkDGoBXmhuCUEAV+iu3f//WYXAWXQlaG0JQQBX6J3d//9Z hcBZdAIz9lZoJ15AAFfoHeD//4PEDGoBWF9ew1WL7IHsDAsAAItFFFNWV/91DDPbiRiNhfT0 //9Q6CYYAACNhfT0//9oRPBAAFDoJRgAAP91EI2F9PT//1DoFhgAAI2F9Pj//2gABAAAUI2F 9PT//1NQaAIAAIDoh+b//42F9Pj//1CNhfz+//9Q6NUXAACDxDSNhfT4//9oBAEAAFCNhfz+ //9Q/xXI0EAAvosJQQBTVugL1f//iUUUjYX0/P//U1BTjYX0+P//U1Do/xgAAIPEHDP/OV0U fitXVuix1P//OBhZWXQTUI2F9Pz//1DoqNz//1mFwFl1Bkc7fRR82jt9FHwkjYX0+P//aCMN QQBQ6Ibc//9ZhcBZdA2NhfT4//9Q6F/4//9ZU42F+P3//1NQjYX8/v//UI2F9Pj//1DoihgA AI2F+P3//1CNhfz+//9Q6BwXAACNhfz+//9Q6Hb+//+DxCBo6AMAAP8VLNFAAGoBWF9eW8nD VYvsgewIAQAAgKX4/v//AI2F+P7//2oBUOhf3P//jUX8UI2F+P7//2gIX0AAUGgCAACA6PPl //+DxBhogO42AP8VLNFAAOvBVYvsg30MAHU0g30QAHUIagX/FSzRQAD/dQjoftz//4XAWXwU g/gDfQ//dQho7DdJAOhsFgAAWVlqAVhdw/91COjT/f//hcBZdAQzwF3DM8A5RRAPlMBdw1WL 7IHsDAEAAICl9P7//wBTjYX0/v//aAQBAABQagFobQlBAOhP0///WVlQaFICQQBoAgAAgOiu 5P//jYX0/v//UOh5/f//D76F9P7//4qd9v7//1DobhkAAIPEHINl+ACIRf+KRfgEYTpF/3Q8 gKX2/v//AIiF9P7//42F9P7//1D/FczQQACD+AOInfb+//91F/91CI2F9P7//2iuYEAAUOhv 3f//g8QM/0X4g334GnyxM8BbycIEAFZohQlBAP90JBDogRUAAIt0JBBW6GcWAACDxAwzyYXA fguAPDFAdAVBO8h89Ug7yHwEM8Bew41EMQFQ/3QkEOhcFQAAWVlqAVhew1WL7IHsFAIAAIA9 1DJJAABWD4SbAAAAgD3QMUkAAA+EjgAAAIN9EACLdQh0ElboA7b///91DFbo0sD//4PEDGpk aAABAABqGWjUMkkAjY3s/f//6NjJ//9qBGoKjUWcagNQ6L3U//+DxBCNRZyNjez9//9Q6DvO //+DxmSNjez9//9W6OrO//9o0DFJAI2N7P3//+gxzv//jY3s/f//6MTK//+FwHQQjY3s/f// 6FDK//8zwF7Jw/91DOh2FQAAWVCNjez9////dQzo9Mr//42N7P3//4vw6CbK//8zwIX2D5TA 689Vi+yB7BgDAABWi3UIjYXo/P//UFbotv7//1mFwFl1BzPA6boAAACDfRAAdBJW6B61//// dQxW6O2///+DxAxqZGgAAQAAjYXo/P//ahlQjY3s/f//6PHI//9qBGoKjUWcagNQ6NbT//+D xBCNRZyNjez9//9Q6FTN//+NRmSNjez9//9Q6APO//9WjY3s/f//6E7N//+Njez9///o4cn/ /4XAdBCNjez9///obcn//+lr/////3UM6JMUAABZUI2N7P3///91DOgRyv//jY3s/f//i/Do Q8n//zPAhfYPlMBeycNVi+yB7AAIAACApQD4//8AgKUA/P//AI2FAPj//1D/dQjoxv3//42F APz//1D/dQzot/3//42FAPz//1CNhQD4//9Q6ARlAACDxBj32BvAQMnDg+wQVVZXg0wkGP+9 ABAAAGoBVb7U8EAA/3QkKDP/iXwkIFbops///4PEEIXAD4XvAAAAV1boTtD//1k7x1mJRCQQ D46yAAAAUzPbhf+JXCQQfjNTVuj+z///WVlQV1bo9M///1lZUOhC////WYXAWXQIx0QkEAEA AABDO9981IN8JBAAdUxqAY1fATtcJBhYiUQkEH0uU1bou8///1lZUFdW6LHP//9ZWVDo//7/ /1mFwFl0BP9EJBBDO1wkFHzWi0QkEDtEJBh+CIlEJBiJfCQcRzt8JBQPjGz///+DfCQYAFt+ FYN8JBgAfA5V/3QkHFbow8///4PEDDP/agFV/3QkKFboxc7//4PEEIXAdRJVav9W6KHP//+D xAxHg/8KfNpqAVhfXl2DxBDDgewEAgAAU1VWV8dEJBABAAAAMtu+Xg5BAL0EAQAAvwEAAID/ dCQQjUQkGIgd1DJJAIgd0DFJAFZo6ChBAFDoBBYAAIPEEFVo1DJJAGoBVujYzv//WVlQjUQk IFBX6Dvg//+DxBQ4HdQySQB0J1Vo0DFJAGoCVuixzv//WVlQjUQkIFBX6BTg//+DxBQ4HdAx SQB1F/9EJBCDfCQQCX6EiB3UMkkAiB3QMUkAX15dW4HEBAIAAMNVi+y4IDAAAOhLGQAAU1ZX aAAAEADobRkAADPbWTvDiUXsdQlfXjPAW8nCBADo8O3//4XAdQ1oYOoAAP8VLNFAAOvqaADQ BwD/NdgzSQDo0/X//1lZagHoovr//+jp/v//jYWI8///aAQBAABQU/8VFNFAAI2F3P7//1Do D9j//1mJXfi+JAkAAOiU7f//hcB1Cmhg6gAA6YcDAACNhdz+//9Q6LPX//+FwFl1Wo2F3P7/ /1NQjYWI8///UP8VfNBAAI2F3P7//2ogUP8VgNBAAI2F3P7//2gAUAEAUOjb6P//U+jG4P// M9K5ACgAAPfxjYXc/v//gcIAUgEAUlDoYtn//4PEFFP/NdgzSQDok83//zlF+FlZiUXoD439 AgAAaHoiAACNheDP//9owPBAAFDowRQAAI2F4M///4id9N///1CNhdz+//9Q6K3v//9WjYWM 9P//U1Doig8AAP91+P812DNJAOgKzf//g8QoOBiJReQPhJUCAABQjYXw9P//UOjBDwAAU+gh 4P//M9KDxAz3deg7Vfh1AUI7Veh8AjPSUv812DNJAOjIzP//i/hZWTgfdRBT/zXYM0kA6LTM //9Zi/hZjYXc/v//UI2FOPr//1Dobw8AAI2FVPX//1dQ6GIPAACNhYz0//9XUOhVDwAAagGN hYz0////dexQ6P/5//+DxCSFwA+FAAIAAFaNhYz0//9TUOjLDgAAjYXc/v//UI2FOPr//1Do GA8AAI2FVPX//1dQ6AsPAACNhYz0//9XUOj+DgAA/3XkjYXw9P//UOjvDgAAagGNhYz0//// dexQ6H76//+DxDiFwHQMV+in+///WemSAQAAU2jU8EAA6B7M//+DTeD/WVmJRfSJXfBWjYWM 9P//U1DoRg4AAI2F3P7//1CNhTj6//9Q6JMOAACNhVT1//9XUOiGDgAA/3XkjYXw9P//UOh3 DgAAU+jX3v//M9KDxCj3dfQ7VeCJVfx1BEKJVfw7VfR8A4ld/P91/GjU8EAA6HbL//9QjYWM 9P//UOg7DgAAagGNhYz0////dexQ6Mr5//+DxByFwHUT/0Xwi0X8g33wBolF4A+MXP///4N9 8AYPjM0AAABTaCwOQQDoWcv//1OJRfToWN7//zPSg8QM93X0O1X0iVX8fAOJXfyNhVzy//9Q jYWw/f//UFfoM9L//42FsP3//2g08EAAUOjKDQAA/3X8aCwOQQDo28r//1CNhbD9//9Q6LAN AABWjYWM9P//U1DoMg0AAI2F3P7//1CNhTj6//9Q6H8NAACNhVT1//9XUOhyDQAAg8RAjYXw 9P///3XkUOhgDQAAjYWw/f//UI2FjPT//1DoTQ0AAGoBjYWM9P///3XsUOjc+P//g8Qc/0X4 i0X4O0XoD4wD/f//aMAnCQD/FSzRQADpW/z//1WL7IHsYAUAAGah9ChBAFZXagdmiUWgWTPA jX2i86tmq6HwKEEAjX3oiUXkM8CrZqsz/8dF4CAAAAA5PfA4SQCJffSJffgPhd8BAAA5PQg5 SQAPhNMBAACLdQg793QljUXgUI1FgFD/FWTQQACNRYBQjUYCUOhwXgAAWYXAWQ+EpwEAAI2F WP///4NN0P+JRdiNhbD+//+JRcCNhbD+//+JRciNRYBTUI1FoIl9xFCJfdSJfdzHRcx/AAAA 6GkMAABZjYUY////WWoiUGr/Vos1eNBAAGoBV//Wx0X8AgAAALtE8EAAikX8ahQEQYhF5I2F WP///1CNReRq/1BqAVf/1opF5Go0iEWgjYWw/v//UI1FoGr/UGoBV//WjUX0UI1FwFCNhRj/ //9qAlD/FQg5SQA5fQyJRfAPhN4AAAA7x3VgOX34dVtqAWjcAUEAV+gr3P//WYPgAVCNhaT7 //9Q6MXW//+Nhaj8//9TUOinCwAAjUWgUI2FqPz//1DopwsAAGoBjYWk+///V1CNhaj8//9X UP91COh6vP//g8Q4iUX4OX3wdXVqAWjCDUEAjYWg+v//V1Dob9b///91CI2FrP3//1DoTwsA AI2FrP3//1NQ6FILAACNRaBQjYWs/f//UOhCCwAAjYWs/f//U1DoNQsAAI2FoPr//1CNhaz9 //9Q6CILAABqAWr/jYWs/f//av9Q6PwDAACDxEj/RfyDffwFD4y8/v//W19eycNVi+y4nEMA AOjuEgAAjUUMV1CDTfz//3UIx0X4gD4AAGoDagFfV/91DOgpWwAAhcAPhUABAACNRfhTUI2F ZLz//1CNRfxQ/3UM6ANbAAAz2zld/IldCA+GEQEAAFaNtXi8///2RvgCjUbsdBP/dRBqAlDo if///4PEDOnbAAAAjYXs/P//UI2F8P3//1D/NujZ3v//g8QMhcAPhbsAAAD/dRCNhfD9//9Q 6CP9//9ZWVdo3AFBAFPoldr//1kjx1CNheT6//9Q6DDV//+DxBA5XRAPhIIAAABXjYXk+v// U1CNhez8//9TUI2F8P3//1Do87r//4PEGFdowg1BAFPoTdr//1kjx1CNhej7//9Q6OjU//// No2F9P7//1DoyQkAAI2F9P7//2hE8EAAUOjICQAAjYXo+///UI2F9P7//1DotQkAAFdq/42F 9P7//2r/UOiQAgAAg8Q4/0UIg8Ygi0UIO0X8D4L3/v//Xv91DOjWWQAAW1/Jw2oBWFBqAmoA 6Hr+//+DxAxoAN1tAP8VLNFAADPA6+S4hCMAAOhZEQAAU1VWV41EJBRoBAEAADPbUFP/FRTR QACLPYDQQAC+5DVJAGogVv/XU41EJBhWUP8VfNBAAGogVolEJBj/1zlcJBB0Vmh6IgAAjYQk HAEAAGjA8EAAUOifDQAAjYQkJAEAAIicJDgRAABQVuiP6P//aABQAQBW6ETh//9T6C/Z//8z 0rkAKAAA9/GBwgBSAQBSVujR0f//g8QoVuh85v//WWonVv/XOR3wOEkAv9wzSQB0RVZXaOA0 SQBoAgAAgOiB1///agFokwtBAOioxf//g8QYUP8V9NBAAIvoaJMMQQBV/xU40UAAO8N0BWoB U//QVf8V8NBAADlcJBB1BDPA63U5HfA4SQB0C1NW6MvY//9ZWetfOR34OEkAdVeLLQDQQABq AlNT/9VTU1NTU1ZTagJoEAEAAFNXV1CJRCRE/xVI0EAA/3QkEIs1QNBAAP/WagFTU//Vi+hq EFdV/xU40EAAi/hTU1f/FSTQQABX/9ZV/9ZqAVhfXl1bgcSEIwAAw1WL7FGh8ChBAIlF/IpF CABF/I1F/FD/FczQQACD+AN0DIP4BHQHagFYycIEAGoAjUX8aHpcQABQ6FfP//+DxAxoAHS3 Af8VLNFAAOvgVYvsgexYAgAAVr5SAkEAjYXU/v//VlDoXwcAAGoHVuiFxP//UI2F1P7//1Do WgcAAIClqP3//wCNhaj9//9oLAEAAFCNhdT+//9o8A1BAFBoAgAAgOjA1f//agCNhaj9//9o elxAAFDo2s7//4PEODPAXsnCBABVi+y4kCUAAOgHDwAAi0UQU1aLdQwz21c5XRSJdfyJRfh1 Ef91COiu1///hcBZD4U+AQAAv3QNQQBTV+gixP//WTvzWYlFDH0PU+gb1///M9JZ93UMiVX8 vtwBQQBTVuj+w///OV0QWVmJRQx9D1Po9tb//zPSWfd1DIlV+I2F9P7//1Dows3//42F7Pz/ /8cEJAQBAABQU/8VFNFAAI2F9P7//1NQjYXs/P//UP8VfNBAAIXAD4S3AAAAjYX0/v//aiBQ /xWA0EAAaHoiAACNhXDa//9owPBAAFDo1AoAAI2FcNr//4idhOr//1CNhfT+//9Q6MDl//9T 6GvW//8z0rkAKAAA9/GNhfT+//+BwgBSAQBSUOgHz////3X8V+gOw///UI2F8P3//1Do0wUA AP91+Fbo+ML//1CNhfD9//9Q6M0FAACDxECNhfD9////dRRQjYX0/v//UP91COh34P//jYX0 /v//UOhKzf//g8QUX15bycNq//8VLNFAAOv2VYvsgewgAgAAagRqBY1F6GoCUOhKxf//gKXg /f//AIPEEI2F4P3//2gEAQAAUGoBaG0JQQDod8L//1lZUGhSAkEAaAIAAIDo1tP//4PEFI2F 5P7//1CNRehqAFCNheD9//9Q/xV00EAAjYXk/v//UOjDzP//jYXk/v//UOjyBQAAWVlIeAqA vAXk/v//LnXzhcB+FI2EBeT+//9o3AFBAFDo3QQAAFlZjUX8VlBophUAAGhAE0EA6OMCAAD/ dfyL8I2F5P7//1ZQ6CvL//+DxBiFwHUfjYXk/v//UOjpy////3X8jYXk/v//VlDoCMv//4PE EI2F5P7//2oAUOgT1f//WVlehcB0Fmr/UP8VwNBAAI2F5P7//1DoGsz//1kzwMnCBABVi+xR U1aLNdDQQABXjUX8M/9QV1do/xVAAFdX/9aNRfxQV1doCGZAAFdX/9aNRfxQV1do3m1AAFdX /9aNRfxQV1doZmBAAFdX/9aNRfxQV1dozXFAAFdX/9aNRfxQV1do1W9AAFdX/9Yz241F/FBX U2iIb0AAV1f/1kOD+xp86+hM/v//X15bycNVi+yD7BwzwMdF5BABAACJReyJRfCJRfSJRfiJ RfyNReRQx0XoBAAAAP81HDlJAP8VWNBAAOiT2P//hcB0Begz////ycIEAGh8c0AAaNwzSQD/ FTTQQABqAKMcOUkA6J3////CCABVi+yB7KABAACNhWD+//9QagL/FeDRQADo/+H//4XAdFTo 9fn//4A91ABBAAB0D2jUAEEA6PTm//+FwFl1N4M9+DhJAAB0IINl+ACDZfwAjUXwx0Xw3DNJ AFDHRfTDc0AA/xUE0EAA6PvX//+FwHQF6Jv+//8zwMnCEABVi+y4jDgBAOj2CgAAU1b/dQzo GwsAAIvYM/Y73lmJXfSJdfiJdfx1BzPA6dsAAABXaIA4AQCNhXTH/v9WUOhQAgAAg8QMM8CN vXjH/v87RQxzZotNCIoMCITJdA2IDB5GQIl1/DtFDHLpO0UMc0qLyItVCIA8EQB1BkE7TQxy 8YvRK9CD+gpzETvBc8GLVQiKFBCIFB5GQOvvgX34ECcAAHMP/0X4iUf8iReDxwiLweuciXX8 M/brSItF+Il1/Iv4wecDjVw3BFPoZAoAAIvwi0X4V4kGjYV0x/7/UI1GBFDovQYAAP91/I1E NwT/dfRQ6K0GAACLRRCDxByJGItd9FPohwYAAFmLxl9eW8nDVYvsg+wMU4tdCFZXiwMz0ov4 jUsEwecDiVX8iU30jXcEiUX4OXUMcwczwOmcAAAAhcB2I4vxiUUIiw470XMHK8oD0QFN/ItG BIXAdgID0IPGCP9NCHXii0UMK8eDwPw5RfyJRQxzBStF/APQi0UQM/YhdfxSiRDopwkAAI18 HwSLXfiF21l2LotN9Dsxcw+LVfyKFDqIFDBG/0X86+0z0jlRBHYLgCQwAEZCO1EEcvWDwQhL ddWLTfw7TQxzDgPwihQ5iBZGQTtNDHL0X15bycPM/yUc0UAA/yUM0UAA/yUQ0UAA/yUA0UAA zMzMzMzMzMzMzItUJASLTCQI98IDAAAAdTyLAjoBdS4KwHQmOmEBdSUK5HQdwegQOkECdRkK wHQROmEDdRCDwQSDwgQK5HXSi/8zwMOQG8DR4EDDi//3wgEAAAB0FIoCQjoBdelBCsB04PfC AgAAAHSoZosCg8ICOgF10grAdMo6YQF1yQrkdMGDwQLrjMzMzMzMzMzMzMzMzItUJAyLTCQE hdJ0RzPAikQkCFeL+YP6BHIt99mD4QN0CCvRiAdHSXX6i8jB4AgDwYvIweAQA8GLyoPiA8Hp AnQG86uF0nQGiAdHSnX6i0QkCF/Di0QkBMPMzMzMzMzMzFeLfCQI62qNpCQAAAAAi/+LTCQE V/fBAwAAAHQPigFBhMB0O/fBAwAAAHXxiwG6//7+fgPQg/D/M8KDwQSpAAEBgXToi0H8hMB0 I4TkdBqpAAD/AHQOqQAAAP90AuvNjXn/6w2Nef7rCI15/esDjXn8i0wkDPfBAwAAAHQZihFB hNJ0ZIgXR/fBAwAAAHXu6wWJF4PHBLr//v5+iwED0IPw/zPCixGDwQSpAAEBgXThhNJ0NIT2 dCf3wgAA/wB0EvfCAAAA/3QC68eJF4tEJAhfw2aJF4tEJAjGRwIAX8NmiReLRCQIX8OIF4tE JAhfw4tMJAT3wQMAAAB0FIoBQYTAdED3wQMAAAB18QUAAAAAiwG6//7+fgPQg/D/M8KDwQSp AAEBgXToi0H8hMB0MoTkdCSpAAD/AHQTqQAAAP90AuvNjUH/i0wkBCvBw41B/otMJAQrwcON Qf2LTCQEK8HDjUH8i0wkBCvBw1WL7FGDZfwAU4tdCFZXU+hx////g/gBWXIhgHsBOnUbi3UM hfZ0EGoCU1bojBAAAIPEDIBmAgBDQ+sKi0UMhcB0A4AgAINlDACAOwCLw77/AAAAiUUIdGWK CA+20faCYU1JAAR0A0DrGoD5L3QPgPlcdAqA+S51C4lF/OsGjUgBiU0MQIA4AHXPi30MiUUI hf90KoN9EAB0Hyv7O/5yAov+V1P/dRDoERAAAItFEIPEDIAkBwCLRQiLXQzrCotNEIXJdAOA IQCLffyF/3RMO/tySIN9FAB0Hyv7O/5yAov+V1P/dRTo0g8AAItFFIPEDIAkBwCLRQiLfRiF /3REK0X8O8ZzAovwVv91/Ffoqw8AAIPEDIAkPgDrKIt9FIX/dBcrwzvGcwKL8FZTV+iLDwAA g8QMgCQ+AItFGIXAdAOAIABfXlvJw1WL7FGDPTw5SQAAU3Udi0UIg/hhD4yvAAAAg/h6D4+m AAAAg+gg6Z4AAACLXQiB+wABAAB9KIM9HCxBAAF+DGoCU+gHEgAAWVnrC6EQKkEAigRYg+AC hcB1BIvD62uLFRAqQQCLw8H4CA+2yPZESgGAdA6AZQoAiEUIiF0JagLrCYBlCQCIXQhqAViN TfxqAWoAagNRUI1FCFBoAAIAAP81PDlJAOhVDwAAg8QghcB0qYP4AXUGD7ZF/OsND7ZF/Q+2 TfzB4AgLwVvJw1WL7FGDPTw5SQAAU1ZXdR2LRQiD+EEPjKoAAACD+FoPj6EAAACDwCDpmQAA AItdCL8AAQAAagE73159JTk1HCxBAH4LVlPoNxEAAFlZ6wqhECpBAIoEWCPGhcB1BIvD62WL FRAqQQCLw8H4CA+2yPZESgGAdA+AZQoAagKIRQiIXQlY6wmAZQkAiF0Ii8ZWagCNTfxqA1FQ jUUIUFf/NTw5SQDoiw4AAIPEIIXAdK47xnUGD7ZF/OsND7ZF/Q+2TfzB4AgLwV9eW8nDVYvs g+wgi0UIVolF6IlF4I1FEMdF7EIAAABQjUXg/3UMx0Xk////f1DoExIAAIPEDP9N5IvweAiL ReCAIADrDY1F4FBqAOjhEAAAWVmLxl7Jw/90JATo8BkAAFnDzMzMzMzMzMzMzFWL7FdWi3UM i00Qi30Ii8GL0QPGO/52CDv4D4J4AQAA98cDAAAAdRTB6QKD4gOD+QhyKfOl/ySVSH1AAIvH ugMAAACD6QRyDIPgAwPI/ySFYHxAAP8kjVh9QACQ/ySN3HxAAJBwfEAAnHxAAMB8QAAj0YoG iAeKRgGIRwGKRgLB6QKIRwKDxgODxwOD+QhyzPOl/ySVSH1AAI1JACPRigaIB4pGAcHpAohH AYPGAoPHAoP5CHKm86X/JJVIfUAAkCPRigaIB0bB6QJHg/kIcozzpf8klUh9QACNSQA/fUAA LH1AACR9QAAcfUAAFH1AAAx9QAAEfUAA/HxAAItEjuSJRI/ki0SO6IlEj+iLRI7siUSP7ItE jvCJRI/wi0SO9IlEj/SLRI74iUSP+ItEjvyJRI/8jQSNAAAAAAPwA/j/JJVIfUAAi/9YfUAA YH1AAGx9QACAfUAAi0UIXl/Jw5CKBogHi0UIXl/Jw5CKBogHikYBiEcBi0UIXl/Jw41JAIoG iAeKRgGIRwGKRgKIRwKLRQheX8nDkI10MfyNfDn898cDAAAAdSTB6QKD4gOD+QhyDf3zpfz/ JJXgfkAAi//32f8kjZB+QACNSQCLx7oDAAAAg/kEcgyD4AMryP8kheh9QAD/JI3gfkAAkPh9 QAAYfkAAQH5AAIpGAyPRiEcDTsHpAk+D+Qhytv3zpfz/JJXgfkAAjUkAikYDI9GIRwOKRgLB 6QKIRwKD7gKD7wKD+QhyjP3zpfz/JJXgfkAAkIpGAyPRiEcDikYCiEcCikYBwekCiEcBg+4D g+8Dg/kID4Ja/////fOl/P8kleB+QACNSQCUfkAAnH5AAKR+QACsfkAAtH5AALx+QADEfkAA 135AAItEjhyJRI8ci0SOGIlEjxiLRI4UiUSPFItEjhCJRI8Qi0SODIlEjwyLRI4IiUSPCItE jgSJRI8EjQSNAAAAAAPwA/j/JJXgfkAAi//wfkAA+H5AAAh/QAAcf0AAi0UIXl/Jw5CKRgOI RwOLRQheX8nDjUkAikYDiEcDikYCiEcCi0UIXl/Jw5CKRgOIRwOKRgKIRwKKRgGIRwGLRQhe X8nDi0QkBKMAKUEAw6EAKUEAacD9QwMABcOeJgCjAClBAMH4ECX/fwAAw8zMzFE9ABAAAI1M JAhyFIHpABAAAC0AEAAAhQE9ABAAAHPsK8iLxIUBi+GLCItABFDDagH/dCQI6IsWAABZWcNV i+yD7CCLRQjHRexJAAAAUIlF6IlF4OiH+P//iUXkjUUQUI1F4P91DFDouxYAAIPEEMnDzMzM zMzMzMzMzMzMzMzMVYvsV1aLdQyLTRCLfQiLwYvRA8Y7/nYIO/gPgngBAAD3xwMAAAB1FMHp AoPiA4P5CHIp86X/JJUogUAAi8e6AwAAAIPpBHIMg+ADA8j/JIVAgEAA/ySNOIFAAJD/JI28 gEAAkFCAQAB8gEAAoIBAACPRigaIB4pGAYhHAYpGAsHpAohHAoPGA4PHA4P5CHLM86X/JJUo gUAAjUkAI9GKBogHikYBwekCiEcBg8YCg8cCg/kIcqbzpf8klSiBQACQI9GKBogHRsHpAkeD +QhyjPOl/ySVKIFAAI1JAB+BQAAMgUAABIFAAPyAQAD0gEAA7IBAAOSAQADcgEAAi0SO5IlE j+SLRI7oiUSP6ItEjuyJRI/si0SO8IlEj/CLRI70iUSP9ItEjviJRI/4i0SO/IlEj/yNBI0A AAAAA/AD+P8klSiBQACL/ziBQABAgUAATIFAAGCBQACLRQheX8nDkIoGiAeLRQheX8nDkIoG iAeKRgGIRwGLRQheX8nDjUkAigaIB4pGAYhHAYpGAohHAotFCF5fycOQjXQx/I18Ofz3xwMA AAB1JMHpAoPiA4P5CHIN/fOl/P8klcCCQACL//fZ/ySNcIJAAI1JAIvHugMAAACD+QRyDIPg AyvI/ySFyIFAAP8kjcCCQACQ2IFAAPiBQAAggkAAikYDI9GIRwNOwekCT4P5CHK2/fOl/P8k lcCCQACNSQCKRgMj0YhHA4pGAsHpAohHAoPuAoPvAoP5CHKM/fOl/P8klcCCQACQikYDI9GI RwOKRgKIRwKKRgHB6QKIRwGD7gOD7wOD+QgPglr////986X8/ySVwIJAAI1JAHSCQAB8gkAA hIJAAIyCQACUgkAAnIJAAKSCQAC3gkAAi0SOHIlEjxyLRI4YiUSPGItEjhSJRI8Ui0SOEIlE jxCLRI4MiUSPDItEjgiJRI8Ii0SOBIlEjwSNBI0AAAAAA/AD+P8klcCCQACL/9CCQADYgkAA 6IJAAPyCQACLRQheX8nDkIpGA4hHA4tFCF5fycONSQCKRgOIRwOKRgKIRwKLRQheX8nDkIpG A4hHA4pGAohHAopGAYhHAYtFCF5fycODPRwsQQABfhFoAwEAAP90JAjoJAkAAFlZw4tEJASL DRAqQQBmiwRBJQMBAADDgz0cLEEAAX4OagT/dCQI6PkIAABZWcOLRCQEiw0QKkEAigRBg+AE w4M9HCxBAAF+DmoI/3QkCOjRCAAAWVnDi0QkBIsNECpBAIoEQYPgCMPMzMzMzMzMzMzMzMzM i0wkCFdTVooRi3wkEITSdGmKcQGE9nRPi/eLTCQUigdGONB0FYTAdAuKBkY40HQKhMB19V5b XzPAw4oGRjjwdeuNfv+KYQKE5HQoigaDxgI44HXEikEDhMB0GIpm/4PBAjjgdN/rsTPAXltf isLpQx0AAI1H/15bX8OLx15bX8NVi+xXVlOLTRDjJovZi30Ii/czwPKu99kDy4v+i3UM86aK Rv8zyTpH/3cEdARJSffRi8FbXl/Jw1WL7Gr/aEDSQABoBKxAAGShAAAAAFBkiSUAAAAAg+xY U1ZXiWXo/xW80EAAM9KK1IkVbDlJAIvIgeH/AAAAiQ1oOUkAweEIA8qJDWQ5SQDB6BCjYDlJ ADP2VugWJgAAWYXAdQhqHOiwAAAAWYl1/OhWJAAA/xXE0EAAo2hOSQDoFCMAAKMgOUkA6L0g AADo/x8AAOgcHQAAiXXQjUWkUP8VeNFAAOiQHwAAiUWc9kXQAXQGD7dF1OsDagpYUP91nFZW /xV00UAAUOi87v//iUWgUOgKHQAAi0XsiwiLCYlNmFBR6M4dAABZWcOLZej/dZjo/BwAAIM9 KDlJAAF1BeiAJwAA/3QkBOiwJwAAaP8AAAD/FRApQQBZWcODPSg5SQABdQXoWycAAP90JATo iycAAFlo/wAAAP8VfNFAAMNVi+yD7BhTVlf/dQjoiAEAAIvwWTs1OExJAIl1CA+EagEAADPb O/MPhFYBAAAz0rggKUEAOTB0coPAMEI9ECpBAHzxjUXoUFb/FYDRQACD+AEPhSQBAABqQDPA Wb9gTUkAg33oAYk1OExJAPOrqokdZE5JAA+G7wAAAIB97gAPhLsAAACNTe+KEYTSD4SuAAAA D7ZB/w+20jvCD4eTAAAAgIhhTUkABEDr7mpAM8BZv2BNSQDzq400Uold/MHmBKqNnjApQQCA OwCLy3QsilEBhNJ0JQ+2AQ+2+jvHdxSLVfyKkhgpQQAIkGFNSQBAO8d29UFBgDkAddT/RfyD wwiDffwEcsGLRQjHBUxMSQABAAAAUKM4TEkA6MYAAACNtiQpQQC/QExJAKWlWaNkTkkApetV QUGAef8AD4VI////agFYgIhhTUkACEA9/wAAAHLxVuiMAAAAWaNkTkkAxwVMTEkAAQAAAOsG iR1MTEkAM8C/QExJAKurq+sNOR0sOUkAdA7ojgAAAOiyAAAAM8DrA4PI/19eW8nDi0QkBIMl LDlJAACD+P51EMcFLDlJAAEAAAD/JYjRQACD+P11EMcFLDlJAAEAAAD/JYTRQACD+Px1D6FM OUkAxwUsOUkAAQAAAMOLRCQELaQDAAB0IoPoBHQXg+gNdAxIdAMzwMO4BAQAAMO4EgQAAMO4 BAgAAMO4EQQAAMNXakBZM8C/YE1JAPOrqjPAv0BMSQCjOExJAKNMTEkAo2ROSQCrq6tfw1WL 7IHsFAUAAI1F7FZQ/zU4TEkA/xWA0UAAg/gBD4UWAQAAM8C+AAEAAIiEBez+//9AO8Zy9IpF 8saF7P7//yCEwHQ3U1eNVfMPtgoPtsA7wXcdK8iNvAXs/v//QbggICAgi9nB6QLzq4vLg+ED 86pCQopC/4TAddBfW2oAjYXs+v///zVkTkkA/zU4TEkAUI2F7P7//1ZQagHo8yUAAGoAjYXs /f///zU4TEkAVlCNhez+//9WUFb/NWROSQDoaAEAAGoAjYXs/P///zU4TEkAVlCNhez+//9W UGgAAgAA/zVkTkkA6EABAACDxFwzwI2N7Pr//2aLEfbCAXQWgIhhTUkAEIqUBez9//+IkGBM SQDrHPbCAnQQgIhhTUkAIIqUBez8///r44CgYExJAABAQUE7xnK/60kzwL4AAQAAg/hBchmD +Fp3FICIYU1JABCKyIDBIIiIYExJAOsfg/hhchOD+Hp3DoCIYU1JACCKyIDpIOvggKBgTEkA AEA7xnK+XsnDgz0oTEkAAHUSav3oLPz//1nHBShMSQABAAAAw1WL7IM9TExJAABXi30IiX0I dRH/dRD/dQxX6ComAACDxAzrY4tVEFaF0nQ9i00MigFKD7bw9oZhTUkABIgHdBNHQYXSdBmK AUqIB0dBhMB0FOsGR0GEwHQQhdJ10usKgGf/AOsEgGf+AIvCSoXAXnQTjUoBM8CL0cHpAvOr i8qD4QPzqotFCF9dw1WL7Gr/aFjSQABoBKxAAGShAAAAAFBkiSUAAAAAg+wcU1ZXiWXoM/85 PTA5SQB1RldXagFbU2hQ0kAAvgABAABWV/8VPNFAAIXAdAiJHTA5SQDrIldXU2hM0kAAVlf/ FUDRQACFwA+EIgEAAMcFMDlJAAIAAAA5fRR+EP91FP91EOieAQAAWVmJRRShMDlJAIP4AnUd /3Uc/3UY/3UU/3UQ/3UM/3UI/xVA0UAA6d4AAACD+AEPhdMAAAA5fSB1CKFMOUkAiUUgV1f/ dRT/dRCLRST32BvAg+AIQFD/dSD/FXjQQACL2Ild5DvfD4ScAAAAiX38jQQbg8ADJPzoXfT/ /4ll6IvEiUXcg038/+sTagFYw4tl6DP/iX3cg038/4td5Dl93HRmU/913P91FP91EGoB/3Ug /xV40EAAhcB0TVdXU/913P91DP91CP8VPNFAAIvwiXXYO/d0MvZFDQR0QDl9HA+EsgAAADt1 HH8e/3Uc/3UYU/913P91DP91CP8VPNFAAIXAD4WPAAAAM8CNZciLTfBkiQ0AAAAAX15bycPH RfwBAAAAjQQ2g8ADJPzoqfP//4ll6IvciV3gg038/+sSagFYw4tl6DP/M9uDTfz/i3XYO990 tFZT/3Xk/3Xc/3UM/3UI/xU80UAAhcB0nDl9HFdXdQRXV+sG/3Uc/3UYVlNoIAIAAP91IP8V oNBAAIvwO/cPhHH///+Lxuls////i1QkCItEJASF0laNSv90DYA4AHQIQIvxSYX2dfOAOABe dQUrRCQEw4vCw1WL7FGLRQiNSAGB+QABAAB3DIsNECpBAA+3BEHrUovIVos1ECpBAMH5CA+2 0fZEVgGAXnQOgGX+AIhN/IhF/WoC6wmAZf0AiEX8agFYjU0KagFqAGoAUVCNRfxQagHotSEA AIPEHIXAdQLJww+3RQojRQzJw1WL7FNWi3UMi0YMi14QqIIPhPMAAACoQA+F6wAAAKgBdBaD ZgQAqBAPhNsAAACLTggk/okOiUYMi0YMg2YEAINlDAAk7wwCZqkMAYlGDHUigf6gLUEAdAiB /sAtQQB1C1PoHiYAAIXAWXUHVujPJQAAWWb3RgwIAVd0ZItGCIs+K/iNSAGJDotOGEmF/4lO BH4QV1BT6PkjAACDxAyJRQzrM4P7/3QWi8OLy8H4BYPhH4sEhSBLSQCNBMjrBbjILEEA9kAE IHQNagJqAFPoJyMAAIPEDItGCIpNCIgI6xRqAY1FCF9XUFPopiMAAIPEDIlFDDl9DF90BoNO DCDrD4tFCCX/AAAA6wgMIIlGDIPI/15bXcNVi+yB7EgCAABTVleLfQwz9oofR4TbiXX0iXXs iX0MD4T0BgAAi03wM9LrCItN8It10DPSOVXsD4zcBgAAgPsgfBOA+3h/Dg++w4qAUNJAAIPg D+sCM8APvoTGcNJAAMH4BIP4B4lF0A+HmgYAAP8khfuUQACDTfD/iVXMiVXYiVXgiVXkiVX8 iVXc6XgGAAAPvsOD6CB0O4PoA3Qtg+gIdB9ISHQSg+gDD4VZBgAAg038COlQBgAAg038BOlH BgAAg038Aek+BgAAgE38gOk1BgAAg038AuksBgAAgPsqdSONRRBQ6PUGAACFwFmJReAPjRIG AACDTfwE99iJReDpBAYAAItF4A++y40EgI1EQdDr6YlV8OntBQAAgPsqdR6NRRBQ6LYGAACF wFmJRfAPjdMFAACDTfD/6coFAACNBIkPvsuNREHQiUXw6bgFAACA+0l0LoD7aHQggPtsdBKA +3cPhaAFAACATf0I6ZcFAACDTfwQ6Y4FAACDTfwg6YUFAACAPzZ1FIB/ATR1DkdHgE39gIl9 DOlsBQAAiVXQiw0QKkEAiVXcD7bD9kRBAYB0GY1F7FD/dQgPvsNQ6H8FAACKH4PEDEeJfQyN RexQ/3UID77DUOhmBQAAg8QM6SUFAAAPvsOD+GcPjxwCAACD+GUPjZYAAACD+FgPj+sAAAAP hHgCAACD6EMPhJ8AAABISHRwSEh0bIPoDA+F6QMAAGb3RfwwCHUEgE39CIt18IP+/3UFvv// /3+NRRBQ6JwFAABm90X8EAhZi8iJTfgPhP4BAACFyXUJiw0sLEEAiU34x0XcAQAAAIvBi9ZO hdIPhNQBAABmgzgAD4TKAQAAQEDr58dFzAEAAACAwyCDTfxAjb24/f//O8qJffgPjc8AAADH RfAGAAAA6dEAAABm90X8MAh1BIBN/Qhm90X8EAiNRRBQdDvoMAUAAFCNhbj9//9Q6HUjAACD xAyJRfSFwH0yx0XYAQAAAOspg+hadDKD6Al0xUgPhOgBAADpCAMAAOjYBAAAWYiFuP3//8dF 9AEAAACNhbj9//+JRfjp5wIAAI1FEFDoswQAAIXAWXQzi0gEhcl0LPZF/Qh0Fw+/ANHoiU34 iUX0x0XcAQAAAOm1AgAAg2XcAIlN+A+/AOmjAgAAoSgsQQCJRfhQ6Y4AAAB1DID7Z3UHx0Xw AQAAAItFEP91zIPACIlFEP918ItI+IlNuItA/IlFvA++w1CNhbj9//9QjUW4UP8VADBBAIt1 /IPEFIHmgAAAAHQUg33wAHUOjYW4/f//UP8VDDBBAFmA+2d1EoX2dQ6Nhbj9//9Q/xUEMEEA WYC9uP3//y11DYBN/QGNvbn9//+JffhX6GHm//9Z6fwBAACD6GkPhNEAAACD6AUPhJ4AAABI D4SEAAAASHRRg+gDD4T9/f//SEgPhLEAAACD6AMPhckBAADHRdQnAAAA6zwrwdH46bQBAACF yXUJiw0oLEEAiU34i8GL1k6F0nQIgDgAdANA6/ErwemPAQAAx0XwCAAAAMdF1AcAAAD2RfyA x0X0EAAAAHRdikXUxkXqMARRx0XkAgAAAIhF6+tI9kX8gMdF9AgAAAB0O4BN/QLrNY1FEFDo GwMAAPZF/CBZdAlmi03sZokI6wWLTeyJCMdF2AEAAADpIwIAAINN/EDHRfQKAAAA9kX9gHQM jUUQUOjtAgAAWetB9kX8IHQh9kX8QI1FEFB0DOjIAgAAWQ+/wJnrJei8AgAAWQ+3wOvy9kX8 QI1FEFB0COinAgAAWevg6J8CAABZM9L2RfxAdBuF0n8XfASFwHMR99iD0gCL8PfagE39AYv6 6wSL8Iv69kX9gHUDg+cAg33wAH0Jx0XwAQAAAOsEg2X894vGC8d1BINl5ACNRbeJRfiLRfD/ TfCFwH8Gi8YLx3Q7i0X0mVJQV1aJRcCJVcTobyEAAP91xIvYg8Mw/3XAV1bo7SAAAIP7OYvw i/p+AwNd1ItF+P9N+IgY67WNRbcrRfj/Rfj2Rf0CiUX0dBmLTfiAOTB1BIXAdQ3/TfhAi034 xgEwiUX0g33YAA+F9AAAAItd/PbDQHQm9scBdAbGReot6xT2wwF0BsZF6ivrCfbDAnQLxkXq IMdF5AEAAACLdeArdeQrdfT2wwx1Eo1F7FD/dQhWaiDoFwEAAIPEEI1F7FCNRer/dQj/deRQ 6DIBAACDxBD2wwh0F/bDBHUSjUXsUP91CFZqMOjlAAAAg8QQg33cAHRBg330AH47i0X0i134 jXj/ZosDQ1CNRchQQ+iWHwAAWYXAWX4yjU3sUf91CFCNRchQ6NgAAACDxBCLx0+FwHXQ6xWN RexQ/3UI/3X0/3X46LoAAACDxBD2RfwEdBKNRexQ/3UIVmog6HEAAACDxBCLfQyKH0eE24l9 DA+FE/n//4tF7F9eW8nDeY9AAE+OQABqjkAAto5AAO2OQAD1jkAAKo9AAL2PQABVi+yLTQz/ SQR4DosRikUIiAL/AQ+2wOsLUf91COiI9///WVmD+P+LRRB1BYMI/13D/wBdw1ZXi3wkEIvH T4XAfiGLdCQYVv90JBj/dCQU6Kz///+DxAyDPv90B4vHT4XAf+NfXsNTi1wkDIvDS1ZXhcB+ Jot8JByLdCQQD74GV0b/dCQcUOh1////g8QMgz//dAeLw0uFwH/iX15bw4tEJASDAASLAItA /MOLRCQEgwAIiwiLQfiLUfzDi0QkBIMABIsAZotA/MNWi3QkCIX2dCRW6MAfAABZhcBWdApQ 6N8fAABZWV7DagD/NQRLSQD/FZDRQABew/81uDpJAP90JAjoAwAAAFlZw4N8JATgdyL/dCQE 6BwAAACFwFl1FjlEJAh0EP90JATodScAAIXAWXXeM8DDVot0JAg7NSAwQQB3C1bopSIAAIXA WXUchfZ1A2oBXoPGD4Pm8FZqAP81BEtJAP8VlNFAAF7DVYvsgezEAQAAgGXrAFNWi3UMM9tX igaJXfyEwIldzA+E4QkAAIt9COsFi30IM9uDPRwsQQABfg8PtsBqCFDohvX//1lZ6w+LDRAq QQAPtsCKBEGD4Ag7w3Q2/038V41F/FdQ6CUKAABZWVDoBgoAAA+2RgFGUOhp7P//g8QMhcB0 Dg+2RgFGUOhX7P//WevugD4lD4XZCAAAgGXLAIBl6ACAZekAgGXyAIBl8QCAZeoAM/+AZfsA iV3kiV3giV30xkXzAYld0A+2XgFGgz0cLEEAAX4PD7bDagRQ6On0//9ZWesPiw0QKkEAD7bD igRBg+AEhcB0EotF9P9F4I0EgI1EQ9CJRfTrZYP7Tn8+dF6D+yp0MoP7RnRUg/tJdAqD+0x1 N/5F8+tFgH4BNnUsgH4CNI1GAnUj/0XQg2XYAINl3ACL8Osn/kXy6yKD+2h0F4P7bHQKg/t3 dAj+RfHrDv5F8/5F++sG/k3z/k37gH3xAA+ET////4B98gCJdQx1EotFEIlFvIPABIlFEItA /IlF1IBl8QCAffsAdRSKBjxTdAo8Q3QGgE37/+sExkX7AYtdDA+2M4POIIP+bol1xHQog/5j dBSD/nt0D/91CI1F/FDotQgAAFnrC/91CP9F/Oh2CAAAWYlF7DPAOUXgdAk5RfQPhNwHAACD /m8Pj14CAAAPhAoFAACD/mMPhCwCAACD/mQPhPgEAAAPjmoCAACD/md+OIP+aXQbg/5uD4VX AgAAgH3yAIt9/A+EAAcAAOkhBwAAamRei13sg/stD4V+AgAAxkXpAel6AgAAi13sjbU8/v// g/stdQ6InTz+//+NtT3+///rBYP7K3UXi30I/030/0X8V+jOBwAAi9hZiV3s6wOLfQiDfeAA dAmBffRdAQAAfgfHRfRdAQAAgz0cLEEAAX4MagRT6Anz//9ZWesLoRAqQQCKBFiD4ASFwHQh i0X0/030hcB0F/9F5IgeRv9F/FfocAcAAIvYWYld7Ou7OB0gLEEAdWaLRfT/TfSFwHRc/0X8 V+hNBwAAi9igICxBAIgGWYld7EaDPRwsQQABfgxqBFPom/L//1lZ6wuhECpBAIoEWIPgBIXA dCGLRfT/TfSFwHQX/0XkiB5G/0X8V+gCBwAAi9hZiV3s67uDfeQAD4SOAAAAg/tldAmD+0UP hYAAAACLRfT/TfSFwHR2xgZlRv9F/FfoywYAAIvYWYP7LYld7HUFiAZG6wWD+yt1HotF9P9N 9IXAdQUhRfTrD/9F/FfongYAAIvYWYld7IM9HCxBAAF+DGoEU+j08f//WVnrC6EQKkEAigRY g+AEhcB0EotF9P9N9IXAdAj/ReSIHkbru/9N/FdT6HIGAACDfeQAWVkPhPYFAACAffIAD4VN BQAA/0XMgCYAjYU8/v//UA++RfP/ddRIUP8VCDBBAIPEDOkpBQAAOUXgdQr/RfTHReABAAAA gH37AH4ExkXqAb84LEEA6QsBAACLxoPocA+EowIAAIPoAw+E6AAAAEhID4SWAgAAg+gDD4TD /f//g+gDdCQPtgM7RewPhT8FAAD+TeuAffIAD4XDBAAAi0W8iUUQ6bgEAACAffsAfgTGReoB i30MR4l9DIA/Xg+FpwAAAIvHjXgB6ZkAAACD+yt1Iv9N9HUMg33gAHQGxkXxAesR/3UI/0X8 6GgFAACL2FmJXeyD+zAPhUUCAAD/dQj/RfzoTgUAAIvYWYD7eIld7HQvgPtYdCqD/njHReQB AAAAdAhqb17pFgIAAP91CP9N/FPoOAUAAFlZajBb6f0BAAD/dQj/RfzoCQUAAFmL2Ild7Gp4 68+AffsAfgTGReoBvzAsQQCATej/aiCNRZxqAFDo7Nr//4PEDIN9xHt1DoA/XXUJsl1HxkWn IOsDilXLigc8XXRfRzwtdUGE0nQ9ig+A+V10Nkc60XMEisHrBIrCitE60HchD7bSD7bwK/JG i8qLwoPhB7MBwegD0uONRAWcCBhCTnXoMtLrtA+2yIrQi8GD4QezAcHoA9LjjUQFnAgY65uA PwAPhAEEAACDfcR7dQOJfQyLfQiLddT/TfxX/3XsiXXQ6FMEAABZWYN94AB0DotF9P9N9IXA D4ScAAAA/0X8V+gaBAAAg/j/WYlF7HR+i8hqAYPhB1oPvl3o0+KLyMH5Aw++TA2cM8uF0XRg gH3yAHVSgH3qAHRBiw0QKkEAiEXID7bA9kRBAYB0Df9F/FfoywMAAFmIRcn/NRwsQQCNRchQ jUXCUOiqIAAAZotFwoPEDGaJBkZG6wOIBkaJddTpZP////9F0Olc/////038V1DoowMAAFlZ OXXQD4QoAwAAgH3yAA+FfwIAAP9FzIN9xGMPhHICAACAfeoAi0XUdAlmgyAA6WACAACAIADp WAIAAMZF8wGLXeyD+y11BsZF6QHrBYP7K3Ui/030dQyDfeAAdAbGRfEB6xH/dQj/RfzoGgMA AFmL2Ild7IN90AAPhA8BAACAffEAD4XjAAAAg/54dU+DPRwsQQABfg9ogAAAAFPoVO7//1lZ 6w2hECpBAIoEWCWAAAAAhcAPhKMAAACLRdiLVdxqBFnozSAAAFOJRdiJVdzofQIAAIvYWYld 7OtTgz0cLEEAAX4MagRT6Aju//9ZWesLoRAqQQCKBFiD4ASFwHRdg/5vdRWD+zh9U4tF2ItV 3GoDWeh9IAAA6w9qAGoK/3Xc/3XY6CwgAACJRdiJVdz/ReSNQ9CZAUXYEVXcg33gAHQF/030 dCT/dQj/RfzoNgIAAIvYWYld7Okr/////3UI/038U+g5AgAAWVmAfekAD4TcAAAAi0XYi03c 99iD0QCJRdj32YlN3OnEAAAAgH3xAA+FsgAAAIP+eHQ/g/5wdDqDPRwsQQABfgxqBFPoQ+3/ /1lZ6wuhECpBAIoEWIPgBIXAdHaD/m91CoP7OH1swecD6z+NPL/R5+s4gz0cLEEAAX4PaIAA AABT6Abt//9ZWesNoRAqQQCKBFglgAAAAIXAdDdTwecE6EQBAACL2FmJXez/ReSDfeAAjXwf 0HQF/030dCT/dQj/RfzoWAEAAIvYWYld7Olc/////3UI/038U+hbAQAAWVmAfekAdAL334P+ RnUEg2XkAIN95AAPhM4AAACAffIAdSn/RcyDfdAAdBCLRdSLTdiJCItN3IlIBOsQgH3zAItF 1HQEiTjrA2aJOP5F6/9FDIt1DOtC/0X8V+jhAAAAi9hZD7YGRjvDiV3siXUMdVWLDRAqQQAP tsP2REEBgHQY/0X8V+i3AAAAWQ+2DkY7yIl1DHU+/038g33s/3UQgD4ldU2LRQyAeAFudUSL 8IoGhMAPhVb2///rMP91CP9N/P917OsF/038V1PoiwAAAFlZ6xf/TfxXUOh9AAAA/038V1Po cwAAAIPEEIN97P91EYtFzIXAdQ04Ret1CIPI/+sDi0XMX15bycODPRwsQQABVn4Qi3QkCGoE VuiO6///WVnrD4t0JAihECpBAIoEcIPgBIXAdQaD5t+D7geLxl7Di1QkBP9KBHgJiwoPtgFB iQrDUugUHgAAWcODfCQE/3QP/3QkCP90JAjo1x4AAFlZw1aLdCQIV/90JBD/Bui+////i/hX 6D7i//9ZhcBZdeeLx19ew8zMzMzMzMzMjUL/W8ONpCQAAAAAjWQkADPAikQkCFOL2MHgCItU JAj3wgMAAAB0E4oKQjjZdNGEyXRR98IDAAAAde0L2FeLw8HjEFYL2IsKv//+/n6LwYv3M8sD 8AP5g/H/g/D/M88zxoPCBIHhAAEBgXUcJQABAYF00yUAAQEBdQiB5gAAAIB1xF5fWzPAw4tC /DjYdDaEwHTvONx0J4TkdOfB6BA42HQVhMB03DjcdAaE5HTU65ZeX41C/1vDjUL+Xl9bw41C /V5fW8ONQvxeX1vDoTRMSQCFwHQC/9BoFPBAAGgI8EAA6M4AAABoBPBAAGgA8EAA6L8AAACD xBDDagBqAP90JAzoFQAAAIPEDMNqAGoB/3QkDOgEAAAAg8QMw1dqAV85PZw5SQB1Ef90JAj/ FazQQABQ/xUo0UAAg3wkDABTi1wkFIk9mDlJAIgdlDlJAHU8oTBMSQCFwHQiiw0sTEkAVo1x /DvwchOLBoXAdAL/0IPuBDs1MExJAHPtXmgg8EAAaBjwQADoKgAAAFlZaCjwQABoJPBAAOgZ AAAAWVmF21t1EP90JAiJPZw5SQD/FXzRQABfw1aLdCQIO3QkDHMNiwaFwHQC/9CDxgTr7V7D VYvsU/91COg1AQAAhcBZD4QgAQAAi1gIhdsPhBUBAACD+wV1DINgCABqAVjpDQEAAIP7AQ+E 9gAAAIsNoDlJAIlNCItNDIkNoDlJAItIBIP5CA+FyAAAAIsNuCxBAIsVvCxBAAPRVjvKfRWN NEkr0Y00tUgsQQCDJgCDxgxKdfeLAIs1xCxBAD2OAADAdQzHBcQsQQCDAAAA63A9kAAAwHUM xwXELEEAgQAAAOtdPZEAAMB1DMcFxCxBAIQAAADrSj2TAADAdQzHBcQsQQCFAAAA6zc9jQAA wHUMxwXELEEAggAAAOskPY8AAMB1DMcFxCxBAIYAAADrET2SAADAdQrHBcQsQQCKAAAA/zXE LEEAagj/01mJNcQsQQBZXusIg2AIAFH/01mLRQijoDlJAIPI/+sJ/3UM/xWY0UAAW13Di1Qk BIsNwCxBADkVQCxBAFa4QCxBAHQVjTRJjTS1QCxBAIPADDvGcwQ5EHX1jQxJXo0MjUAsQQA7 wXMEORB0AjPAw4M9KExJAAB1Bei75P//Vos1aE5JAIoGPCJ1JYpGAUY8InQVhMB0EQ+2wFDo lBsAAIXAWXTmRuvjgD4idQ1G6wo8IHYGRoA+IHf6igaEwHQEPCB26YvGXsNTM9s5HShMSQBW V3UF6F/k//+LNSA5SQAz/4oGOsN0Ejw9dAFHVugr0///WY10BgHr6I0EvQQAAABQ6Orw//+L 8Fk784k1fDlJAHUIagnoEeD//1mLPSA5SQA4H3Q5VVfo8dL//4voWUWAPz10IlXotfD//zvD WYkGdQhqCeji3///WVf/Nujb0f//WYPGBFkD/Tgfdcld/zUgOUkA6Fjw//9ZiR0gOUkAiR5f XscFJExJAAEAAABbw1WL7FFRUzPbOR0oTEkAVld1Beih4///vqQ5SQBoBAEAAFZT/xUU0UAA oWhOSQCJNYw5SQCL/jgYdAKL+I1F+FCNRfxQU1NX6E0AAACLRfiLTfyNBIhQ6BXw//+L8IPE GDvzdQhqCOhA3///WY1F+FCNRfxQi0X8jQSGUFZX6BcAAACLRfyDxBRIiTV0OUkAX16jcDlJ AFvJw1WL7ItNGItFFFNWgyEAi3UQV4t9DMcAAQAAAItFCIX/dAiJN4PHBIl9DIA4InVEilAB QID6InQphNJ0JQ+20vaCYU1JAAR0DP8BhfZ0BooQiBZGQP8BhfZ01YoQiBZG687/AYX2dASA JgBGgDgidUZA60P/AYX2dAWKEIgWRooQQA+22vaDYU1JAAR0DP8BhfZ0BYoYiB5GQID6IHQJ hNJ0CYD6CXXMhNJ1A0jrCIX2dASAZv8Ag2UYAIA4AA+E4AAAAIoQgPogdAWA+gl1A0Dr8YA4 AA+EyAAAAIX/dAiJN4PHBIl9DItVFP8Cx0UIAQAAADPbgDhcdQRAQ+v3gDgidSz2wwF1JTP/ OX0YdA2AeAEijVABdQSLwusDiX0Ii30MM9I5VRgPlMKJVRjR64vTS4XSdA5DhfZ0BMYGXEb/ AUt184oQhNJ0SoN9GAB1CoD6IHQ/gPoJdDqDfQgAdC6F9nQZD7ba9oNhTUkABHQGiBZGQP8B ihCIFkbrDw+20vaCYU1JAAR0A0D/Af8BQOlY////hfZ0BIAmAEb/AekX////hf90A4MnAItF FF9eW/8AXcNRUaGoOkkAU1WLLajRQABWVzPbM/Yz/zvDdTP/1YvwO/N0DMcFqDpJAAEAAADr KP8VpNFAAIv4O/sPhOoAAADHBag6SQACAAAA6Y8AAACD+AEPhYEAAAA783UM/9WL8DvzD4TC AAAAZjkei8Z0DkBAZjkYdflAQGY5GHXyK8aLPaDQQADR+FNTQFNTUFZTU4lEJDT/14voO+t0 MlXogu3//zvDWYlEJBB0I1NTVVD/dCQkVlNT/9eFwHUO/3QkEOgw7f//WYlcJBCLXCQQVv8V oNFAAIvD61OD+AJ1TDv7dQz/FaTRQACL+Dv7dDw4H4vHdApAOBh1+0A4GHX2K8dAi+hV6Bvt //+L8Fk783UEM/brC1VXVuj10v//g8QMV/8VnNFAAIvG6wIzwF9eXVtZWcOD7ERTVVZXaAAB AADo4Oz//4vwWYX2dQhqG+gN3P//WYk1IEtJAMcFIExJACAAAACNhgABAAA78HMagGYEAIMO /8ZGBQqhIEtJAIPGCAUAAQAA6+KNRCQQUP8VeNFAAGaDfCRCAA+ExQAAAItEJESFwA+EuQAA AIswjWgEuAAIAAA78I0cLnwCi/A5NSBMSQB9Ur8kS0kAaAABAADoUOz//4XAWXQ4gwUgTEkA IIkHjYgAAQAAO8FzGIBgBACDCP/GQAUKiw+DwAiBwQABAADr5IPHBDk1IExJAHy76waLNSBM SQAz/4X2fkaLA4P4/3Q2ik0A9sEBdC72wQh1C1D/FWzRQACFwHQei8eLz8H4BYPhH4sEhSBL SQCNBMiLC4kIik0AiEgER0WDwwQ7/ny6M9uhIEtJAIM82P+NNNh1TYXbxkYEgXUFavZY6wqL w0j32BvAg8D1UP8VcNFAAIv4g///dBdX/xVs0UAAhcB0DCX/AAAAiT6D+AJ1BoBOBEDrD4P4 A3UKgE4ECOsEgE4EgEOD+wN8m/81IExJAP8VjNFAAF9eXVuDxETDM8BqADlEJAhoABAAAA+U wFD/FWTRQACFwKMES0kAdBXogwoAAIXAdQ//NQRLSQD/FWjRQAAzwMNqAVjDzMzMVYvsU1ZX VWoAagBoJKtAAP91COieHAAAXV9eW4vlXcOLTCQE90EEBgAAALgBAAAAdA+LRCQIi1QkEIkC uAMAAADDU1ZXi0QkEFBq/mgsq0AAZP81AAAAAGSJJQAAAACLRCQgi1gIi3AMg/7/dC47dCQk dCiNNHaLDLOJTCQIiUgMg3yzBAB1EmgBAQAAi0SzCOhAAAAA/1SzCOvDZI8FAAAAAIPEDF9e W8MzwGSLDQAAAACBeQQsq0AAdRCLUQyLUgw5UQh1BbgBAAAAw1NRu9QsQQDrClNRu9QsQQCL TQiJSwiJQwSJawxZW8IEAMzMVkMyMFhDMDBVi+yD7AhTVldV/ItdDItFCPdABAYAAAAPhYIA AACJRfiLRRCJRfyNRfiJQ/yLcwyLewiD/v90YY0MdoN8jwQAdEVWVY1rEP9UjwRdXotdDAvA dDN4PIt7CFPoqf7//4PEBI1rEFZT6N7+//+DxAiNDHZqAYtEjwjoYf///4sEj4lDDP9UjwiL ewiNDHaLNI/robgAAAAA6xy4AQAAAOsVVY1rEGr/U+ie/v//g8QIXbgBAAAAXV9eW4vlXcNV i0wkCIspi0EcUItBGFDoef7//4PECF3CBAChKDlJAIP4AXQNhcB1KoM9FClBAAF1IWj8AAAA 6BgAAAChrDpJAFmFwHQC/9Bo/wAAAOgCAAAAWcNVi+yB7KQBAACLVQgzybjoLEEAOxB0C4PA CEE9eC1BAHzxVovxweYDO5boLEEAD4UcAQAAoSg5SQCD+AEPhOgAAACFwHUNgz0UKUEAAQ+E 1wAAAIH6/AAAAA+E8QAAAI2FXP7//2gEAQAAUGoA/xUU0UAAhcB1E42FXP7//2i81UAAUOiz yf//WVmNhVz+//9XUI29XP7//+iOyv//QFmD+Dx2KY2FXP7//1Doe8r//4v4jYVc/v//g+g7 agMD+Gi41UAAV+jhAQAAg8QQjYVg////aJzVQABQ6F3J//+NhWD///9XUOhgyf//jYVg//// aJjVQABQ6E/J////tuwsQQCNhWD///9Q6D3J//9oECABAI2FYP///2hw1UAAUOhfEgAAg8Qs X+smjUUIjbbsLEEAagBQ/zbo7sn//1lQ/zZq9P8VcNFAAFD/FWzQQABeycNVi+xq/2jY1UAA aASsQABkoQAAAABQZIklAAAAAIPsGFNWV4ll6KGwOkkAM9s7w3U+jUXkUGoBXlZoUNJAAFb/ FVTRQACFwHQEi8brHY1F5FBWaEzSQABWU/8VWNFAAIXAD4TOAAAAagJYo7A6SQCD+AJ1JItF HDvDdQWhPDlJAP91FP91EP91DP91CFD/FVjRQADpnwAAAIP4AQ+FlAAAADldGHUIoUw5SQCJ RRhTU/91EP91DItFIPfYG8CD4AhAUP91GP8VeNBAAIlF4DvDdGOJXfyNPACLx4PAAyT86BTQ //+JZeiL9Il13FdTVuiUx///g8QM6wtqAVjDi2XoM9sz9oNN/P8783Qp/3XgVv91EP91DGoB /3UY/xV40EAAO8N0EP91FFBW/3UI/xVU0UAA6wIzwI1lzItN8GSJDQAAAABfXlvJw8zMzMzM zMzMzMzMzMzMzItMJAxXhcl0elZTi9mLdCQU98YDAAAAi3wkEHUHwekCdW/rIYoGRogHR0l0 JYTAdCn3xgMAAAB164vZwekCdVGD4wN0DYoGRogHR4TAdC9LdfOLRCQQW15fw/fHAwAAAHQS iAdHSQ+EigAAAPfHAwAAAHXui9nB6QJ1bIgHR0t1+ltei0QkCF/DiReDxwRJdK+6//7+fosG A9CD8P8zwosWg8YEqQABAYF03oTSdCyE9nQe98IAAP8AdAz3wgAAAP91xokX6xiB4v//AACJ F+sOgeL/AAAAiRfrBDPSiReDxwQzwEl0CjPAiQeDxwRJdfiD4wN1hYtEJBBbXl/Di0QkBFM7 BSBMSQBWV3Nzi8iL8MH5BYPmH408jSBLSQDB5gOLD/ZEMQQBdFZQ6BIRAACD+P9ZdQzHBVQ5 SQAJAAAA60//dCQYagD/dCQcUP8V5NBAAIvYg/v/dQj/FeDQQADrAjPAhcB0CVDo8w8AAFnr IIsHgGQwBP2NRDAEi8PrFIMlWDlJAADHBVQ5SQAJAAAAg8j/X15bw1WL7IHsFAQAAItNCFM7 DSBMSQBWVw+DeQEAAIvBi/HB+AWD5h+NHIUgS0kAweYDiwOKRDAEqAEPhFcBAAAz/zl9EIl9 +Il98HUHM8DpVwEAAKggdAxqAldR6Aj///+DxAyLAwPG9kAEgA+EwQAAAItFDDl9EIlF/Il9 CA+G5wAAAI2F7Pv//4tN/CtNDDtNEHMpi038/0X8igmA+Qp1B/9F8MYADUCICECLyI2V7Pv/ /yvKgfkABAAAfMyL+I2F7Pv//yv4jUX0agBQjYXs+///V1CLA/80MP8VbNBAAIXAdEOLRfQB Rfg7x3wLi0X8K0UMO0UQcooz/4tF+DvHD4WLAAAAOX0IdF9qBVg5RQh1TMcFVDlJAAkAAACj WDlJAOmAAAAA/xXg0EAAiUUI68eNTfRXUf91EP91DP8w/xVs0EAAhcB0C4tF9Il9CIlF+Oun /xXg0EAAiUUI65z/dQjoZA4AAFnrPYsD9kQwBEB0DItFDIA4Gg+Ezf7//8cFVDlJABwAAACJ PVg5SQDrFitF8OsUgyVYOUkAAMcFVDlJAAkAAACDyP9fXlvJw/8FtDpJAGgAEAAA6P7i//9Z i0wkBIXAiUEIdA2DSQwIx0EYABAAAOsRg0kMBI1BFIlBCMdBGAIAAACLQQiDYQQAiQHDi0Qk BDsFIExJAHIDM8DDi8iD4B/B+QWLDI0gS0kAikTBBIPgQMOhAEtJAFZqFIXAXnUHuAACAADr BjvGfQeLxqMAS0kAagRQ6KkOAABZo+Q6SQCFwFl1IWoEVok1AEtJAOiQDgAAWaPkOkkAhcBZ dQhqGuiN0f//WTPJuIAtQQCLFeQ6SQCJBBGDwCCDwQQ9ADBBAHzqM9K5kC1BAIvCi/LB+AWD 5h+LBIUgS0kAiwTwg/j/dASFwHUDgwn/g8EgQoH58C1BAHzUXsPokg8AAIA9lDlJAAB0BemV DgAAw1WL7ItFCIXAdQJdw4M9PDlJAAB1EmaLTQxmgfn/AHc5agGICFhdw41NCINlCABRagD/ NRwsQQBQjUUMagFQaCACAAD/NUw5SQD/FaDQQACFwHQGg30IAHQNxwVUOUkAKgAAAIPI/13D U1aLRCQYC8B1GItMJBSLRCQQM9L38YvYi0QkDPfxi9PrQYvIi1wkFItUJBCLRCQM0enR29Hq 0dgLyXX09/OL8PdkJBiLyItEJBT35gPRcg47VCQQdwhyBztEJAx2AU4z0ovGXlvCEADMzMzM zMzMzFOLRCQUC8B1GItMJBCLRCQMM9L38YtEJAj38YvCM9LrUIvIi1wkEItUJAyLRCQI0enR 29Hq0dgLyXX09/OLyPdkJBSR92QkEAPRcg47VCQMdwhyDjtEJAh2CCtEJBAbVCQUK0QkCBtU JAz32vfYg9oAW8IQAGhAAQAAagD/NQRLSQD/FZTRQACFwKPgOkkAdQHDgyXYOkkAAIMl3DpJ AABqAaPUOkkAxwXMOkkAEAAAAFjDodw6SQCNDICh4DpJAI0MiDvBcxSLVCQEK1AMgfoAABAA cgeDwBTr6DPAw1WL7IPsFItVDItNCFNWi0EQi/IrcQyLWvyDwvxXwe4Pi86LevxpyQQCAABL iX38jYwBRAEAAIld9IlN8IsME/bBAYlN+HV/wfkEaj9JX4lNDDvPdgOJfQyLTBMEO0wTCHVI i00Mg/kgcxy/AAAAgNPvjUwBBPfXIXywRP4JdSuLTQghOeskg8HgvwAAAIDT74tNDI1MAQT3 1yG8sMQAAAD+CXUGi00IIXkEi0wTCIt8EwSJeQSLTBMEi3wTCANd+Il5CIld9Iv7wf8ET4P/ P3YDaj9fi038g+EBiU3sD4WgAAAAK1X8i038wfkEaj+JVfhJWjvKiU0MdgWJVQyLygNd/Iv7 iV30wf8ETzv6dgKL+jvPdGuLTfiLUQQ7UQh1SItNDIP5IHMcugAAAIDT6o1MAQT30iFUsET+ CXUri00IIRHrJIPB4LoAAACA0+qLTQyNTAEE99IhlLDEAAAA/gl1BotNCCFRBItN+ItRCItJ BIlKBItN+ItRBItJCIlKCItV+IN97AB1CTl9DA+EiQAAAItN8I0M+YtJBIlKBItN8I0M+YlK CIlRBItKBIlRCItKBDtKCHVjikwHBIP/IIhND/7BiEwHBHMlgH0PAHUOuwAAAICLz9Pri00I CRm7AAAAgIvP0+uNRLBECRjrKYB9DwB1EI1P4LsAAACA0+uLTQgJWQSNT+C/AAAAgNPvjYSw xAAAAAk4i130i0XwiRqJXBP8/wgPhfoAAACh2DpJAIXAD4TfAAAAiw3QOkkAiz1g0UAAweEP A0gMuwCAAABoAEAAAFNR/9eLDdA6SQCh2DpJALoAAACA0+oJUAih2DpJAIsN0DpJAItAEIOk iMQAAAAAodg6SQCLQBD+SEOh2DpJAItIEIB5QwB1CYNgBP6h2DpJAIN4CP91bFNqAP9wDP/X odg6SQD/cBBqAP81BEtJAP8VkNFAAKHcOkkAixXgOkkAjQSAweACi8ih2DpJACvIjUwR7FGN SBRRUOgPx///i0UIg8QM/w3cOkkAOwXYOkkAdgOD6BSLDeA6SQCJDdQ6SQDrA4tFCKPYOkkA iTXQOkkAX15bycNVi+yD7BSh3DpJAIsV4DpJAFNWjQSAV408gotFCIl9/I1IF4Ph8IlN8MH5 BEmD+SB9DoPO/9Pug034/4l19OsQg8Hgg8j/M/bT6Il19IlF+KHUOkkAi9g734ldCHMZi0sE izsjTfgj/gvPdQuDwxQ7XfyJXQhy5ztd/HV5i9o72IldCHMVi0sEizsjTfgj/gvPdQWDwxTr 5jvYdVk7XfxzEYN7CAB1CIPDFIldCOvtO138dSaL2jvYiV0Icw2DewgAdQWDwxTr7jvYdQ7o OAIAAIvYhduJXQh0FFPo2gIAAFmLSxCJAYtDEIM4/3UHM8DpDwIAAIkd1DpJAItDEIsQg/r/ iVX8dBSLjJDEAAAAi3yQRCNN+CP+C891N4uQxAAAAItwRCNV+CN19INl/ACNSEQL1ot19HUX i5GEAAAA/0X8I1X4g8EEi/4jOQvXdOmLVfyLyjP/ackEAgAAjYwBRAEAAIlN9ItMkEQjznUN i4yQxAAAAGogI034X4XJfAXR4Ufr94tN9ItU+QSLCitN8IvxiU34wf4EToP+P34Daj9eO/cP hA0BAACLSgQ7Sgh1YYP/IH0ruwAAAICLz9Pri038jXw4BPfTiV3sI1yIRIlciET+D3U4i10I i03sIQvrMY1P4LsAAACA0+uLTfyNfDgEjYyIxAAAAPfTIRn+D4ld7HULi10Ii03sIUsE6wOL XQiLSgiLegSDffgAiXkEi0oEi3oIiXkID4SUAAAAi030i3zxBI0M8Yl6BIlKCIlRBItKBIlR CItKBDtKCHVkikwGBIP+IIhNC30p/sGAfQsAiEwGBHULvwAAAICLztPvCTu/AAAAgIvO0++L TfwJfIhE6y/+wYB9CwCITAYEdQ2NTuC/AAAAgNPvCXsEi038jbyIxAAAAI1O4L4AAACA0+4J N4tN+IXJdAuJColMEfzrA4tN+It18APRjU4BiQqJTDL8i3X0iw6FyY15AYk+dRo7Hdg6SQB1 EotN/DsN0DpJAHUHgyXYOkkAAItN/IkIjUIEX15bycOh3DpJAIsNzDpJAFZXM/87wXUwjUSJ UMHgAlD/NeA6SQBX/zUES0kA/xVM0UAAO8d0YYMFzDpJABCj4DpJAKHcOkkAiw3gOkkAaMRB AABqCI0EgP81BEtJAI00gf8VlNFAADvHiUYQdCpqBGgAIAAAaAAAEABX/xVQ0UAAO8eJRgx1 FP92EFf/NQRLSQD/FZDRQAAzwOsXg04I/4k+iX4E/wXcOkkAi0YQgwj/i8ZfXsNVi+xRi00I U1ZXi3EQi0EIM9uFwHwF0eBD6/eLw2o/acAEAgAAWo2EMEQBAACJRfyJQAiJQASDwAhKdfSL +2oEwecPA3kMaAAQAABoAIAAAFf/FVDRQACFwHUIg8j/6ZMAAACNlwBwAAA7+nc8jUcQg0j4 /4OI7A8AAP+NiPwPAADHQPzwDwAAiQiNiPzv//+JSATHgOgPAADwDwAABQAQAACNSPA7ynbH i0X8jU8MBfgBAABqAV+JSASJQQiNSgyJSAiJQQSDZJ5EAIm8nsQAAACKRkOKyP7BhMCLRQiI TkN1Awl4BLoAAACAi8vT6vfSIVAIi8NfXlvJw6G8OkkAhcB0D/90JAT/0IXAWXQEagFYwzPA w1WL7FNWi3UMM9s783QVOV0QdBCKBjrDdRCLRQg7w3QDZokYM8BeW13DOR08OUkAdROLTQg7 y3QHZg+2wGaJAWoBWOvhiw0QKkEAD7bA9kRBAYB0TaEcLEEAg/gBfio5RRB8LzPJOV0ID5XB Uf91CFBWagn/NUw5SQD/FXjQQACFwKEcLEEAdZ05RRByBTheAXWTxwVUOUkAKgAAAIPI/+uE M8A5XQgPlcBQ/3UIagFWagn/NUw5SQD/FXjQQACFwA+Fef///+vKzMzMzMzMzMzMzMzMzMzM i0QkCItMJBALyItMJAx1CYtEJAT34cIQAFP34YvYi0QkCPdkJBQD2ItEJAj34QPTW8IQAMzM zMzMzMzMzMzMzID5QHMVgPkgcwYPpcLT4MOL0DPAgOEf0+LDM8Az0sNWi3QkCItGDKiDD4TE AAAAqEAPhbwAAACoAnQKDCCJRgzprgAAAAwBZqkMAYlGDHUJVui/8///WesFi0YIiQb/dhj/ dgj/dhDozgQAAIPEDIlGBIXAdGyD+P90Z4tWDPbCgnU0i04QV4P5/3QUi/nB/wWD4R+LPL0g S0kAjTzP6wW/yCxBAIpPBF+A4YKA+YJ1BoDOIIlWDIF+GAACAAB1FItODPbBCHQM9sUEdQfH RhgAEAAAiw5IiUYED7YBQYkOXsP32BvAg+AQg8AQCUYMg2YEAIPI/17DU4tcJAiD+/9WdEGL dCQQi0YMqAF1CKiAdDKoAnUug34IAHUHVujz8v//WYsGO0YIdQmDfgQAdRRAiQb2RgxAdBH/ DosGOBh0D0CJBoPI/15bw/8OiwaIGItGDP9GBCTvDAGJRgyLwyX/AAAA6+FqBGoA/3QkDOgE AAAAg8QMww+2RCQEikwkDISIYU1JAHUcg3wkCAB0Dg+3BEUaKkEAI0QkCOsCM8CFwHUBw2oB WMNTM9s5HcA6SQBWV3VCaBTWQAD/FfTQQACL+Dv7dGeLNTjRQABoCNZAAFf/1oXAo8A6SQB0 UGj41UAAV//WaOTVQABXo8Q6SQD/1qPIOkkAocQ6SQCFwHQW/9CL2IXbdA6hyDpJAIXAdAVT /9CL2P90JBj/dCQY/3QkGFP/FcA6SQBfXlvDM8Dr+ItMJAQz0okNWDlJALgwMEEAOwh0IIPA CEI9mDFBAHzxg/kTch2D+SR3GMcFVDlJAA0AAADDiwTVNDBBAKNUOUkAw4H5vAAAAHISgfnK AAAAxwVUOUkACAAAAHYKxwVUOUkAFgAAAMOLTCQEVjsNIExJAFdzVYvBi/HB+AWD5h+NPIUg S0kAweYDiwcDxvZABAF0N4M4/3Qygz0UKUEAAXUfM8AryHQQSXQISXUTUGr06whQavXrA1Bq 9v8VSNFAAIsHgwww/zPA6xSDJVg5SQAAxwVUOUkACQAAAIPI/19ew4tEJAQ7BSBMSQBzHIvI g+AfwfkFiwyNIEtJAPZEwQQBjQTBdAOLAMODJVg5SQAAxwVUOUkACQAAAIPI/8NTVot0JAxX D690JBSD/uCL3ncNhfZ1A2oBXoPGD4Pm8DP/g/7gdyo7HSAwQQB3DVPolfb//4v4WYX/dStW agj/NQRLSQD/FZTRQACL+IX/dSKDPbg6SQAAdBlW6B/7//+FwFl0FOu5U2oAV+hBtP//g8QM i8dfXlvDM8Dr+FZXagMz/145NQBLSQB+RKHkOkkAiwSwhcB0L/ZADIN0DVDoPQMAAIP4/1l0 AUeD/hR8F6HkOkkA/zSw6OjS//+h5DpJAFmDJLAARjs1AEtJAHy8i8dfXsNWi3QkCIX2dQlW 6JEAAABZXsNW6CMAAACFwFl0BYPI/17D9kYNQHQP/3YQ6DIDAAD32FleG8DDM8Bew1NWi3Qk DDPbV4tGDIvIg+EDgPkCdTdmqQgBdDGLRgiLPiv4hf9+JldQ/3YQ6Njt//+DxAw7x3UOi0YM qIB0DiT9iUYM6weDTgwgg8v/i0YIg2YEAIkGX4vDXlvDagHoAgAAAFnDU1ZXM/Yz2zP/OTUA S0kAfk2h5DpJAIsEsIXAdDiLSAz2wYN0MIN8JBABdQ9Q6C7///+D+P9ZdB1D6xqDfCQQAHUT 9sECdA5Q6BP///+D+P9ZdQIL+EY7NQBLSQB8s4N8JBABi8N0AovHX15bw2oC6CbB//9Zw1WL 7IPsDFNWi3UIVzs1IExJAA+DxQEAAIvGg+YfwfgFweYDjRyFIEtJAIsEhSBLSQADxopQBPbC AQ+EngEAAINl+ACLfQyDfRAAi890Z/bCAnVi9sJIdB2KQAU8CnQW/00QiAeLA41PAcdF+AEA AADGRDAFCo1F9GoAUIsD/3UQUf80MP8VcNBAAIXAdTr/FeDQQABqBVk7wXUVxwVUOUkACQAA AIkNWDlJAOk+AQAAg/htdQczwOk1AQAAUOg1/P//WekmAQAAiwOLVfQBVfiNTDAEikQwBKiA D4T4AAAAhdJ0CYA/CnUEDATrAiT7iAGLRQyLTfiJRRADyDvBiU34D4PLAAAAi0UQigA8Gg+E rgAAADwNdAuIB0f/RRDpkQAAAEk5TRBzGItFEECAOAp1BoNFEALrXsYHDUeJRRDrc41F9GoA UP9FEI1F/2oBUIsD/zQw/xVw0EAAhcB1Cv8V4NBAAIXAdUeDffQAdEGLA/ZEMARIdBOKRf88 CnQXxgcNiwtHiEQxBespO30MdQuAff8KdQXGBwrrGGoBav//dQjo7er//4PEDIB9/wp0BMYH DUeLTfg5TRAPgkf////rEIsDjXQwBIoGqEB1BAwCiAYrfQyJffiLRfjrFIMlWDlJAADHBVQ5 SQAJAAAAg8j/X15bycNWi3QkCFeDz/+LRgyoQHQFg8j/6zqog3Q0VugQ/f//Vov46DkBAAD/ dhDofgAAAIPEDIXAfQWDz//rEotGHIXAdAtQ6HzP//+DZhwAWYvHg2YMAF9ew4tEJAQ7BSBM SQBzPYvIi9DB+QWD4h+LDI0gS0kA9kTRBAF0JVDoYvv//1lQ/xVE0UAAhcB1CP8V4NBAAOsC M8CFwHQSo1g5SQDHBVQ5SQAJAAAAg8j/w1NVVleLfCQUOz0gTEkAD4OGAAAAi8eL98H4BYPm H40chSBLSQDB5gOLA/ZEMAQBdGlX6P76//+D+P9ZdDyD/wF0BYP/AnUWagLo5/r//2oBi+jo 3vr//1k7xVl0HFfo0vr//1lQ/xUk0UAAhcB1Cv8V4NBAAIvo6wIz7VfoOvr//4sDWYBkMAQA he10CVXowfn//1nrFTPA6xSDJVg5SQAAxwVUOUkACQAAAIPI/19eXVvDVot0JAiLRgyog3Qd qAh0Gf92COhMzv//ZoFmDPf7M8BZiQaJRgiJRgRew8zMzMzM/yW40UAA/yW00UAA/yWw0UAA /yVc0UAAVYvsUaE8OUkAUzPbO8OJXfx1IYtFCIvQOBh0f4oKgPlhfAqA+Xp/BYDpIIgKQjga derrZ1ZXagFTU1Nq/74AAgAA/3UIVlDo7cH//4v4g8QgO/t0OFfo8M3//zvDWYlF/HQqagFT V1Bq//91CFb/NTw5SQDowMH//4PEIIXAdA3/dfz/dQjo/a7//1lZ/3X86IfN//+LRQhZX15b ycPMzMzMzMzMzMzMVYvsV1ZTi00QC8kPhJUAAACLdQiLfQyNBTQ5SQCDeAgAdUO3QbNatiCN SQCKJgrkigd0IQrAdB1GRzj8cgY43HcCAuY4+HIGONh3AgLGOMR1CUl11zPJOMR0S7n///// ckT32etAM8Az24v/igYLwIofdCML23QfRkdRUFPo3LH//4vYg8QE6NKx//+DxARZO8N1CUl1 1TPJO8N0Cbn/////cgL32YvBW15fycPMzMxVi+xXVlOLdQyLfQiNBTQ5SQCDeAgAdTuw/4v/ CsB0LooGRoonRzjEdPIsQTwaGsmA4SACwQRBhuAsQTwaGsmA4SACwQRBOOB00hrAHP8PvsDr NLj/AAAAM9uL/wrAdCeKBkaKH0c42HTyUFPoPbH//4vYg8QE6DOx//+DxAQ4w3TaG8CD2P9b Xl/Jw1WL7FGhPDlJAFMz2zvDiV38dSGLRQiL0DgYdH+KCoD5QXwKgPlafwWAwSCICkI4GnXq 62dWV2oBU1NTav++AAEAAP91CFZQ6AnA//+L+IPEIDv7dDhX6AzM//87w1mJRfx0KmoBU1dQ av//dQhW/zU8OUkA6Ny///+DxCCFwHQN/3X8/3UI6Bmt//9ZWf91/Oijy///i0UIWV9eW8nD AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAJbcAACo3AAA2N0AAMDdAACe3QAAit0AALDdAABk3QAAUN0AAHrdAAAe3QAAEt0AADrd AADq3AAA2twAAAjdAABu3AAAXtwAAITcAAA+3AAAMNwAAEzcAADG3AAAItwAAAAAAAAg2gAA QNoAAFLaAABe2gAAatoAAAraAAA02gAAnNoAALLaAAC+2gAAztoAAODaAADQ2QAAftoAAI7a AAD02QAALtsAAEDbAABW2wAAatsAAILbAACS2wAAotsAALDbAADG2wAA2NsAAPTbAAAE3AAA 3tkAAKTZAADE2QAAtNkAAPDaAAAC2wAAdtkAAHDYAACQ2AAAktkAAITZAAA+2QAAYNkAAFDZ AAD82AAALtkAABjZAADK2AAA7NgAAN7YAACg2AAAttgAAK7YAAAQ2wAAHtsAAH7YAACs3gAA nN4AAA7gAAD+3wAA8N8AAODfAADO3wAAvN8AALDfAACi3wAAlN8AAIbfAAB43wAAaN8AAEbe AABa3gAAbN4AAHreAACG3gAAkN4AAFbfAAC83gAAyN4AANTeAADw3gAACt8AACTfAAA83wAA AAAAAC7eAAAa3gAACt4AAAAAAAA0AACAAwAAgHQAAIAQAACAEwAAgAkAAIAEAACAbwAAgHMA AIAXAACAAAAAAAAAAAAAAAAABQAAAAAAAAAHAAAACQAAAAUAAAACAAAAAgAAAAIAAAACAAAA DAAZAAEAAQACAA4ACgAfAAQAAQADABkACAAPAAIAAgALAAIAAQAGAP////8vhUAAQ4VAAAAA AAAAAAAAAAAAAP////8Ri0AAFYtAAP/////Fi0AAyYtAAAYAAAYAAQAAEAADBgAGAhAERUVF BQUFBQU1MABQAAAAACAoOFBYBwgANzAwV1AHAAAgIAgAAAAACGBoYGBgYAAAcHB4eHh4CAcI AAAHAAgICAAACAAIAAcIAAAAKABuAHUAbABsACkAAAAAAChudWxsKQAAcnVudGltZSBlcnJv ciAAAA0KAABUTE9TUyBlcnJvcg0KAAAAU0lORyBlcnJvcg0KAAAAAERPTUFJTiBlcnJvcg0K AABSNjAyOA0KLSB1bmFibGUgdG8gaW5pdGlhbGl6ZSBoZWFwDQoAAAAAUjYwMjcNCi0gbm90 IGVub3VnaCBzcGFjZSBmb3IgbG93aW8gaW5pdGlhbGl6YXRpb24NCgAAAABSNjAyNg0KLSBu b3QgZW5vdWdoIHNwYWNlIGZvciBzdGRpbyBpbml0aWFsaXphdGlvbg0KAAAAAFI2MDI1DQot IHB1cmUgdmlydHVhbCBmdW5jdGlvbiBjYWxsDQoAAABSNjAyNA0KLSBub3QgZW5vdWdoIHNw YWNlIGZvciBfb25leGl0L2F0ZXhpdCB0YWJsZQ0KAAAAAFI2MDE5DQotIHVuYWJsZSB0byBv cGVuIGNvbnNvbGUgZGV2aWNlDQoAAAAAUjYwMTgNCi0gdW5leHBlY3RlZCBoZWFwIGVycm9y DQoAAAAAUjYwMTcNCi0gdW5leHBlY3RlZCBtdWx0aXRocmVhZCBsb2NrIGVycm9yDQoAAAAA UjYwMTYNCi0gbm90IGVub3VnaCBzcGFjZSBmb3IgdGhyZWFkIGRhdGENCgANCmFibm9ybWFs IHByb2dyYW0gdGVybWluYXRpb24NCgAAAABSNjAwOQ0KLSBub3QgZW5vdWdoIHNwYWNlIGZv ciBlbnZpcm9ubWVudA0KAFI2MDA4DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9yIGFyZ3VtZW50 cw0KAAAAUjYwMDINCi0gZmxvYXRpbmcgcG9pbnQgbm90IGxvYWRlZA0KAAAAAE1pY3Jvc29m dCBWaXN1YWwgQysrIFJ1bnRpbWUgTGlicmFyeQAAAAAKCgAAUnVudGltZSBFcnJvciEKClBy b2dyYW06IAAAAC4uLgA8cHJvZ3JhbSBuYW1lIHVua25vd24+AAAAAAAA/////2GvQABlr0AA R2V0TGFzdEFjdGl2ZVBvcHVwAABHZXRBY3RpdmVXaW5kb3cATWVzc2FnZUJveEEAdXNlcjMy LmRsbAAA6NYAAAAAAAAAAAAAFNwAAGTQAACE1gAAAAAAAAAAAADw3QAAANAAAETYAAAAAAAA AAAAAP7dAADA0QAANNgAAAAAAAAAAAAAPt4AALDRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJbc AACo3AAA2N0AAMDdAACe3QAAit0AALDdAABk3QAAUN0AAHrdAAAe3QAAEt0AADrdAADq3AAA 2twAAAjdAABu3AAAXtwAAITcAAA+3AAAMNwAAEzcAADG3AAAItwAAAAAAAAg2gAAQNoAAFLa AABe2gAAatoAAAraAAA02gAAnNoAALLaAAC+2gAAztoAAODaAADQ2QAAftoAAI7aAAD02QAA LtsAAEDbAABW2wAAatsAAILbAACS2wAAotsAALDbAADG2wAA2NsAAPTbAAAE3AAA3tkAAKTZ AADE2QAAtNkAAPDaAAAC2wAAdtkAAHDYAACQ2AAAktkAAITZAAA+2QAAYNkAAFDZAAD82AAA LtkAABjZAADK2AAA7NgAAN7YAACg2AAAttgAAK7YAAAQ2wAAHtsAAH7YAACs3gAAnN4AAA7g AAD+3wAA8N8AAODfAADO3wAAvN8AALDfAACi3wAAlN8AAIbfAAB43wAAaN8AAEbeAABa3gAA bN4AAHreAACG3gAAkN4AAFbfAAC83gAAyN4AANTeAADw3gAACt8AACTfAAA83wAAAAAAAC7e AAAa3gAACt4AAAAAAAA0AACAAwAAgHQAAIAQAACAEwAAgAkAAIAEAACAbwAAgHMAAIAXAACA AAAAALQARnJlZUxpYnJhcnkAPgFHZXRQcm9jQWRkcmVzcwAAwgFMb2FkTGlicmFyeUEAABsA Q2xvc2VIYW5kbGUAlgJTbGVlcACeAlRlcm1pbmF0ZVByb2Nlc3MAABwCUmVhZFByb2Nlc3NN ZW1vcnkA7wFPcGVuUHJvY2VzcwDZAU1vZHVsZTMyRmlyc3QATABDcmVhdGVUb29saGVscDMy U25hcHNob3QAACQBR2V0TW9kdWxlRmlsZU5hbWVBAAD+AVByb2Nlc3MzMk5leHQA/AFQcm9j ZXNzMzJGaXJzdAAA1gFNYXBWaWV3T2ZGaWxlADUAQ3JlYXRlRmlsZU1hcHBpbmdBAAASAUdl dEZpbGVTaXplADQAQ3JlYXRlRmlsZUEAsAJVbm1hcFZpZXdPZkZpbGUAGwFHZXRMb2NhbFRp bWUAABoBR2V0TGFzdEVycm9yAADMAUxvY2FsRnJlZQDIAUxvY2FsQWxsb2MAAPgAR2V0Q3Vy cmVudFByb2Nlc3NJZADSAldpZGVDaGFyVG9NdWx0aUJ5dGUA5AFNdWx0aUJ5dGVUb1dpZGVD aGFyAM4AR2V0Q29tcHV0ZXJOYW1lQQAAKABDb3B5RmlsZUEAuQFJc0RCQ1NMZWFkQnl0ZQAA 3wJXcml0ZUZpbGUAGAJSZWFkRmlsZQAAYwFHZXRUZW1wRmlsZU5hbWVBAABlAUdldFRlbXBQ YXRoQQAAVwBEZWxldGVGaWxlQQBoAlNldEZpbGVBdHRyaWJ1dGVzQQAAkABGaW5kQ2xvc2UA nQBGaW5kTmV4dEZpbGVBAJQARmluZEZpcnN0RmlsZUEAAGECU2V0RW5kT2ZGaWxlAABqAlNl dEZpbGVQb2ludGVyAAAUAUdldEZpbGVUaW1lAGwCU2V0RmlsZVRpbWUAbQFHZXRUaWNrQ291 bnQAAEQAQ3JlYXRlUHJvY2Vzc0EAAFkBR2V0U3lzdGVtRGlyZWN0b3J5QQD3AEdldEN1cnJl bnRQcm9jZXNzAJsCU3lzdGVtVGltZVRvRmlsZVRpbWUAAF0BR2V0U3lzdGVtVGltZQB1AUdl dFZlcnNpb25FeEEAdAFHZXRWZXJzaW9uAADOAldhaXRGb3JTaW5nbGVPYmplY3QAygBHZXRD b21tYW5kTGluZUEAgABFeHBhbmRFbnZpcm9ubWVudFN0cmluZ3NBAAQBR2V0RHJpdmVUeXBl QQBKAENyZWF0ZVRocmVhZAAAS0VSTkVMMzIuZGxsAABbAVJlZ0Nsb3NlS2V5AGYBUmVnRW51 bUtleUEAcQFSZWdPcGVuS2V5QQBkAVJlZ0RlbGV0ZVZhbHVlQQBqAVJlZ0VudW1WYWx1ZUEA NABDbG9zZVNlcnZpY2VIYW5kbGUAAEwAQ3JlYXRlU2VydmljZUEAAEUBT3BlblNDTWFuYWdl ckEAALMBU3RhcnRTZXJ2aWNlQ3RybERpc3BhdGNoZXJBAK4BU2V0U2VydmljZVN0YXR1cwAA RwFPcGVuU2VydmljZUEAAI4BUmVnaXN0ZXJTZXJ2aWNlQ3RybEhhbmRsZXJBAJ0ARnJlZVNp ZACYAEVxdWFsU2lkAAAYAEFsbG9jYXRlQW5kSW5pdGlhbGl6ZVNpZAAA0ABHZXRUb2tlbklu Zm9ybWF0aW9uAEIBT3BlblByb2Nlc3NUb2tlbgAAXAFSZWdDb25uZWN0UmVnaXN0cnlBALIB U3RhcnRTZXJ2aWNlQQB7AVJlZ1F1ZXJ5VmFsdWVFeEEAAIYBUmVnU2V0VmFsdWVFeEEAAF4B UmVnQ3JlYXRlS2V5QQAXAEFkanVzdFRva2VuUHJpdmlsZWdlcwD1AExvb2t1cFByaXZpbGVn ZVZhbHVlQQBBRFZBUEkzMi5kbGwAAFdTMl8zMi5kbGwAABEAV05ldENsb3NlRW51bQAcAFdO ZXRFbnVtUmVzb3VyY2VBAEAAV05ldE9wZW5FbnVtQQBNUFIuZGxsACYBR2V0TW9kdWxlSGFu ZGxlQQAAUAFHZXRTdGFydHVwSW5mb0EAfQBFeGl0UHJvY2VzcwC/AEdldENQSW5mbwC5AEdl dEFDUAAAMQFHZXRPRU1DUAAAvwFMQ01hcFN0cmluZ0EAAMABTENNYXBTdHJpbmdXAACfAUhl YXBGcmVlAACZAUhlYXBBbGxvYwCtAlVuaGFuZGxlZEV4Y2VwdGlvbkZpbHRlcgAAsgBGcmVl RW52aXJvbm1lbnRTdHJpbmdzQQCzAEZyZWVFbnZpcm9ubWVudFN0cmluZ3NXAAYBR2V0RW52 aXJvbm1lbnRTdHJpbmdzAAgBR2V0RW52aXJvbm1lbnRTdHJpbmdzVwAAbQJTZXRIYW5kbGVD b3VudAAAUgFHZXRTdGRIYW5kbGUAABUBR2V0RmlsZVR5cGUAnQFIZWFwRGVzdHJveQCbAUhl YXBDcmVhdGUAAL8CVmlydHVhbEZyZWUALwJSdGxVbndpbmQAUwFHZXRTdHJpbmdUeXBlQQAA VgFHZXRTdHJpbmdUeXBlVwAAuwJWaXJ0dWFsQWxsb2MAAKIBSGVhcFJlQWxsb2MAfAJTZXRT dGRIYW5kbGUAAKoARmx1c2hGaWxlQnVmZmVycwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA W4lAAG+zQAAAAAAAAAAAABS0QAAAAAAAAAAAAAAAAAAAAAAAMw1BAEAAAAAgAAAALAAAAC0t AABcAAAAUVVJVA0KAAANCi4NCgAAAERBVEEgDQoASEVMTyAlcw0KAAAAPg0KAE1BSUwgRlJP TTogPAAAAABSQ1BUIFRPOjwAAAAlZAAAIAkNCgAAAAAuLCgpJSRAIWB+IAAtXwAALi4AAC4A AABcKi4qAAAAAFxcAAAAAAAAiRV37zMZmXgQWLjJ8pkAAAYpnAmlJSUlOTPysvDz8rLwovHy cik3dHGyN3RxsjmlZfGyovHycilxMidnObRwtXO38rKisnA0KbFztTA5MHOwcfGi8fJyKXNx 8zkz8rLw8/Ky8KLx8nIpd/J0cnA5M/Ky8PPysvCi8fJyKTTycjn0cXMzcbLwovHycqIz8yl0 MLE5tHC1c7fysqKycDQp9XP1OTPysvDz8rLwovHycik0cbGxcDkwc7Bx8aLx8nIpsXT1Mzm0 cLVzt/KyorJwNClydPNxOfSxYrNxNXGyovHyorM1KTTy83fyOfSxYrNxNXGyovHyorM1KfVx MjJ3MjlwtHC1NHDxM6Lx8nKi9fApcTJwNzRxdzlwtHC1NHDxM6Lx8nKi9fApKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKac+Pb36+L15eiG4ezp4/T75+np6+roh uHs6eP0+/X96ebo8ePkh/Tt5vXg4Prp6eXu6onHw9CmlorJ3siny9HC1ojczMil0KTRwtbJw ND57+fz6+rl4orBwNykpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkp KSkpKSkpKSkpKSkpKSkpKSkpKSlyNScponA3cCmi9fG1KaI1c7AporFxNCkpKSkpKSkpKSkp KSmiNDc0KaIzNHIpojM0cjIpovRxsSmicfU1KaIw8vEporU0sCmiNzL1KaKzNfApovE1NSmi 8SmiNXH1KaJyNfAponI1cPAporFx8ymicjXlKaI1MLApKf3ysDT0cbVwPnpz8bXy9fKwND78 c7Iw8vT1Pvl0tbVwsjS8cLX1c/KyPil5NTUhPXE0M/UpvXSyKb10svqy8XAp/Xf1NHByPvl0 tbVwsjT58rI0tfIy/XA0Pv1wtbRz8XD1Kf3ysDT0cbVwPnpz8bXy9fKwND78ebk+/Hm5JD78 cbEhuHMycCG6cXJwKb10sv1wtbRz8XD1KXuyNHC1snA0If1wNDRzsvD1Pvlx8TNwPj1xNDP1 KSkpKSkpKSk7cyIpO3AyMvIiKb1wpym49KcpfLIwcDJztHC1cbEycCFycXMyYmKhYPWhKb1w NHS1snAwIXJxczJiYqFg9aEpKSkpKXEhYPUhYPUh8HFycClxIWD1IWD1ITTy8jIpcSFg9SFg 9SH0cLH1czRwKXEhYPUhYPUhNXE08TMpYPUhtXBy8rRxMiE08vIy9SkpKSkpKSkpsnD0KbB0 srJ3KbJz8XApM3Ry8nS1KXA38XM0cCnw8vIwKTXy9LB0Min8c7I/PSl7eCGkoiUp/OWlongy 83C1siEp/OWlovsycLeieCkpM/L0IXG1cCF38nQpMnA04PUhsXAhsLVzcLIw9SkwcbUyc7Lw KfXyIfHy8jIhcSGwMnH1MyJwsrPydyFzNCl38nS1ITVx9fX08rUwKTPysnB3KfXycnAhdXRw 9TRz8rL1KTUycHH1cCE0tXchcfBxc7Ip9HAy8fJycCE08iFydyEz8nJwNPL0sik0M3Ah+HG1 MHCyIfKwIXgwcLIpc7I0tfIwdPE0c/KyIfKyIXk4/TopcnBwNHOy8CGy8jRz8XApdXRw9TRz 8rKycXO1cCnx8rLwtXE0dDJxNHPysvUp9fL1YSmzcTVxsnD1cCHwc7UyIbz9ITUycXex8ncp MvLy8yJydyGxcHF0NHOwdDIh8HO1MiGwtXNwsjApcHHwcLUhNPIh9XBwIXfydCn1NXPxcCHw c7Uy9eAhtPLxcTIh8fKy8XC1NCmzcTVxsnD1cCEycfX14CH1cDd3ITVz8TR0tXD1KSkpKf13 cnGyNHDxKXrxcbBwcCm4Yv1w8XS1cCn98jUz8vUpPLVwsjByc/G18in7cfU1cLX183cpKSkp uLXycqchKTzypyEp/XSxs3DxNKchKSkpPDNwIbDyMjLy9HOy8CFycXMyIfFxsuA0IbFwIfVw sjQhNPIhYPWnKTwzcCFxNDRx8TNycLI0KTwzcCGwczJwKSFz9SE0M3Ah8rVz8HOycTIhcnFz Mikh8HO0cCF38nQhNDNwIWD1KSFz9SFxIWD1ITBxsvBwtfJ09SG0c7V09SE0M3E0IWD1KfFx siFzsrBw8TQh8rIh/HOyZyfienDipSUlJeI/PaIp9TW1cHEwITQztfJ08DMhcHJxczKiKbRw tXchKfU1cPFzcTIhKTM0NDWn4uIp9PT0oimi8fJyKbjytSFy8rVwIXOysPK1cnE0c/KyIjUy cHH1cCG0c/VzNCEpPDNz9SFz9SEpeyFg9SF38nQh9PJ0MjAhYPUhczSiKXCys/J3KTJz83Ap 9HP1Mykz8jVwKXA3NXDxNCkp+TO1c/U0cnH1Kbpw9CF3cHG1Kf1xc7I0IbxxMnCyNHOycOD1 IThxdyl5MjIzcTIy8vRycfUpeTW1czIhuPLyMvXgIThxdyk6cTB3IThxdyl59fV0cjU0c/Ky KflxsjAycHJx9Sl5MjIh/fJ0MvXgOHF3KXg1czUzcbJ3KSkpKSk7cTU1dyEpO3G0cCFxISkp JrG1pmqrKWqrKTXy9TRycfU0cLUpKSn8c7LzKSl7cnHwcD1xNDMpent6eGK8cLX1c/KypyFl oiVqq/nysjRwsjRiPHc1cKchcnQyNHM1cbU04nEyNHC1snE0c7Rw52qra7HydLIwcbV3Zin5 8rI0cLI0Yjx3NXCnITRwNzTiMzRyMudqq/nysjRwsjRiPLVxsvWwcLVieLLx8jBzsvCnIXV0 8jRwMGI1tXOyNHGxMnBqq2qrJjs8ejqmJjt4eTimJuI7eHk4pia5+jh/pmD1aqsmuPq6PKYp KSbiuPq6PKYm4rn6OH+mJuI7PHo6pikpKfnysjRwsjRiPHc1cKchYPXnaqtrsnFycGZg9Wqr +fKyNHCyNGI8tXGy9bBwtWJ4svHyMHOy8KchsXH1cKQkaqv58rI0cLI0Yns4pyEmYPWmKSkp KSkpKSkpKXF0MHPy4jdi9HG0KXF0MHPy4jdicnMwcylxNTUyc/FxNHPysuLy8TRwNGL1NLVw cXIpKSkpKSkpKSlqqyZzsLVxcnAh9bXxZuU48XMwp2D1ITNwc/AzNGblOCUh9HMwNDNm5Tgl pmqrJuJzsLVxcnCmKTwzc/Uh8HFycCFz9SFydyGwc7X1NCH08rXzoiaxtaZqq3/ydOC1cCE0 M3AhsHO19TQhNTJxd3C1oin6e/l9KT218vC1cXK4czJw9ThztSkpKSn1cjQ1oin+ebw95aUp /nm8Pfn5Kbr6OOWlKbo9/f28+Sm6vXj9feWlKbr9+Tt4OOWlKbr9+Tt4OLo8Kbr9PTp8+Hu6 Kbp5vCm6ebx5Pf28+Sm6ebx5PfzlpSm6ebw6fOWlKbp5vL18ur0punm8/OWlKf55vD16KXk6 eL08/bz5KXl6+ropebw95aUpebw9+fkpebw9eim65aX9+Xm6/Cm6ebz8ujwpebo8e7x7vSl5 vD18PTgpebz4+Ty9Oil5vPx7umdkKf35ebrlpSm8/Tv8e7rlpSm4Yv08+j38KbhiPb36PGdk KXn5+/x7uuWlKbx4PDy9eX8pvHg8Z2Qp/fx4eD1nZCk9+fn8e7pnJyl7+nr6umcnKXm8PTz5 KXm8eOWlKXm8+fq6/fo6Kbg9Yvx7uik4vD1nZCm4Ynn4ujxnZCn5Onn8Z2Qpurz5Z2Qp/fl5 uim8e718/Sk6+vn7OPr8uqUlJSUpuvK1NPKyKXrxcbBwcCl5sjRztHO1KTx5/ft6+L0pKSkp KSkpKSkpKSkpKSkpKSkpebo8e2K8e72iOHk8Kfk7+zp7/TyiOHk8Kfk7+zp7/Tyiev0p+Tv7 Onv9PKL5Pf0p+Tv7Onv9PKI8ebwpe7y5oro8vyn9enm9PPk7+6J6/Sn9enm9PPk7+6L5Pf0p ebz4fTyiOHk8KXn4fHm9OKI4eTwpKSkpKSkp/TMy9HE1c6IwMjIp+3C1snAy5aWiMDIyKbJw NHE1c+WlojAyMin1sPGiMDIyKSkpKSn9c7XxcXIpunNyMHEp+fIwcL1wMCn8fft6euUn5Ccp +L17eLjlJ+QnKbh0siE68rRzsvAh+bVzcnOycTIpuvK1NPKyKXrxcbBwcCl5sjRztHO1KXm0 8fKy9fIyKbhi/Tz6PfwpuGL9cPF0tXAp/fI1M/L1KbRztXT1KXm8PSF68rJzNPK1KXm8PSF8 NTBxNHD1KXuy8vF0MnE0cHs8KT35YvFzMjJzsin9d3JxsjRw8Sk8tXCyMCF6c/G18im4Yj29 +jwpIbr6OOWlISkpKb1w8HP1NHC1/XC1tHPxcD218vFw9fUpunA0/TNxtXB5MDAp/Ts4cDJw NHD7cHd5Kf2w8Xv1uHMycD218jRw8TRwMCm6cDT9M3G1cPhwNHuysPIpunA0eTVzuXSwsHC1 uLVwcCkpKSkpeD89Ovq9eL0p+Xp6+L0pcvVzcrIpc/H08fKysin0c7K3czUpKSkpKT218vC1 cXIpYPUhJmD1pil5ufk4eLj4O3u7+zp6uvo9fb39PHy8/D9/v3Gx8TBwsPAzc7PzMnKy8jV1 tfU0dLT0N3e3JWWl5SRkpOQnZ+PiKfVwNHQ1KXOy9TRxMjIpMHBy8in1svLyNXcpNXPxcfF0 KfNzNDR3KTUycXcptfLx8ykpKSkpKSkpvXG1Ya/oKdoN9SkpaikpKSkpKSkpKaK1cbUpKfRz snOycDSiMDIyKXuyNHC1snA0+HA0+fKysnDxNHAw/TRxNHApKSk4c7Vw8TTytXcpMDIy8XHx M3ApKf1wOHCxdPA9tXO0czJw8HAp/XA88bE9tXO0czJw8HApKSkpKSkpKSn0sWKzcTVxsqLx 8qKzNSm0cLVzt/KyorJwNClxtXV0c7VwMKJw9Skwc7Bx8aLx8nIpKf3ysDT0cbVwPnpz8bXy 9fKwND57sjRwtbJwNCF58fHydLI0IXpxsnHwcLU+efHx8nSyNPU+Kf16PD0h/XC1tHC1Kf16 PD0heHJxczIheTAwtXD19Skp/PK1ciH7MnC3onghc3JydLJzNHcpKfsycLeieCFz9SE0M3Ah cvL1NCHx8nJy8rIh9PK1MjBi9HMwcCH1NbVwcTBzsvAh9PK1cqJ7NOD1IbRwtXchMHGy8HC1 8nT1IbF3IfHytbV0NTRzsvAhd/J0tSGwczJw9aImsbWmaqu5cPFxdPVwIfKwIXM09SG0cLV3 IfVycbU0IfU0cHEyNDMhcbIwIXGyNHNicbI0c2K0c7V09SE0cPEzsnPxInLy9TQh8fJycvKy IXm8IfXysDT0cbVwIfFxsuA0ITBwNHDxNCHytSHxMnBxsiFzNKImsbWmaqv8cCEwcLRwMvI1 cDAhNDNz9SGwtXBwIXNycnSyczR3ITTy8jIhNPIhMHCwcHE0ITQzcCFycTJz8XPydPUhtHO1 dPWiJrG1pmqrf/J0IfKyMnchsnBwMCE08iG1dLIhNDNz9SE08vIyIfKy8XAicbIwITQzcLIh +zJwtyH0czIyIbJwtHC1IfHycnAhc7I08iF38nS1IT35oiaxtaZqq7r6PHinIblw8XF09XAh NDNz9SE08vIyIXHxNPUhcfUhcSGwcfNwIfsycLchNPIhsPLyMiE0M3AhtXBxMiH08rVyIvXy cnAhebwhcvKyczTytSFycXexcCHxtXch9DNwsiF38nQhtXSyIXM0oiaxtaZqq3uwIfXyInvw svK1cCE0M3Ah9HG1snOy8CJxsjAh9XAycPE0IeDx8rI0c7J0cOCiJrG1pmqre7Ahd/J0ITNx tHAhcbJ3IXV0cPU0c/KyIjUycHH1cCEmcSEztXCwZuU4cnFzMjTyp2D1pnJxczIhNPIhcnAm 4nGmoikpKSkpKSkpaqv8c7LlpSH7MnC3IbyloiVlIaAh/HOy5aUhuPK18nQ3IbxloiVqq/ny NXe1c/AzNCGlJSWlInJxMHAhc7IhefVzcWqrebHydDQh+zJwtyG8paIlZadqq2tlInpxc7Ih cnP19XPysiFz9SE08iG1cDJwcfVwITQzcCGycPQhsXGxdyE9eCG0c7V09SL8c7LlpSG48rXy dDdqq2ulIrryIfVz8LJzsHPxcbI0IfEzcbLwcKK68iGxdPAhsHM3cDCiuvIhcbJ3ITVxdzLy cTCiaqt5sfJ0NCH8c7LlpSG48rXydDchIzUytyHzcHA1ITQzcCGycXJwIjQzcbI3Y2qra2Ui uHQyMiHx8nI1cTRzsTJwIfxzsuWlIT14IbRztXT1IfKyIfxzsmc/4qX74ro84j89aqtrpSL8 czQzIbRwtXchc7I0cLVw9TRzsvAhsHBxNHS1cKL5M3Dx8yFzNGFqq2vlIrryIXGydyE1cXcy 8nEworryIXGydyHyNTRzcnO3cTRz8rJqq2skIrryNCGxdPAhsLVwcCKxcPFxdPVwIfKwIXEh M3S1tXch9PK186K68iFy8rVwITQzcbIhNDO1cHAh9HBw8/UhsLXyciEzcbRzsvAh9XTxMyFz MHBxITTyIXHx8fJyNTJz9TNzsvAh8fIwc7LwIXGyMCE0cPU0c7LwaqspAAABAAAAEAAAAB0A AAAgAAAAeAAAAIgAAAB1AQAADAAAAIUBAAAcAAAApQEAAFMAAAAOAgAADgAAADYCAAAOAAAA XgIAAA4AAACGAgAADgAAAJgCAABoBQAAIAgAAGAAAAACEAAACgAAABIQAAAWAAAAYxAAAJ0A AAAMFAAA9AgAAPYlAAAKAgAATVpQAAIAAAAEAA8A//8AALgAAAAAAAAAQAAaAKgBAAC6EAAO H7QJzSG4AUzNIZCQVGhpcyBwcm9ncmFtIG11c3QgYmUgcnVuIHVuZGVyIFdpbjMyDQokN1BF AABMAQQAiywMhQAAAAAAAAAA4ACOgQsBAhkABAAAAAwAAAAAAAAAEAAAABAAAAAgAAAAAEAA ABAAAAAEAAABAAAAAAAAAAMACgAAAAAAAGAAAAAEAAAAAAAAAgAAAAAAEAAAIAAAAAAQAAAQ AAAAAAAAEDAAAGRAAAAQQ09ERQAAAAAAEAAAABAAAAAEAAAACEAAAPBEQVRBAAAAAAAQAAAA IAAAAAQAAAAMQAAAwC5pZGF0YQAAABAAAAAwAAAABAAAABBAAADALnJlbG9jAAD2EQAAAEAA AAAUAAAAFEAAAFDpgwAAAOgLAAAAagDoCgAAAAAAAAD/JTQwQAD/JTgwQBAgAAB4A1dRnGDo AAAAAF2NvS0CAACLXCQkgeMAAOD/jbUyAQAA6NYAAACNVStSjV1Oh97oyAAAAMOB7Y8QAACB xQAQAADHRQBo4JMExkUEAIlsJBxhnf/gAAA3AGDoAAAAAF2NdTXolQAAAAvAdCIF5g0AAIvw 6KgAAABmx0b8AAAzyVFUUVFQUVH/lXcCAABZYcMAADMAM/+4omoAAI11bOhaAAAAUHQf/Iv4 jXWljVWsK1XZK/ID8g+3TvxW86Rei3b4C/Z171jD3P8yAImsjRfc/9z/gaiMzByvtvuMt4wA SSzd/9z0HIvTaO8/jK+Mld6oI2oL/tz/haSB9Bw8/3b86BsAAABmx0b8AABW/9Zej0b8nGaB RvycaugCAAAAncP8YFZfi1b8agBZD6TRD2atZjPCZqvi92HDMS14AFGx2S0xLTFwZKB0d2Ee +EnOHFWkEKzyLTEsMVkaS7AWfHdE3LpuDS7yS7AVYWhEyLptSS7ypmEhMv66IggnRPi6YjUU eylE4ALkVaIwc2+u9iU69kUlvFhExVPSztKsTPLFMS0xLWmgcYJhpnUJIaKxlTEtMR7x7jEt fwDNZGEe8d9Xgsb8eHxm3ppyssI1dGmmQQ0y3robMt4C/2B8Cn0pdEUZYG9hxR8tMS1m0Lph FSHDS55yaVjUf3t6ulUVLsoihjlmpkkxMta6OaYu4nK4eb4pa3TT6GjuY0fOd82BO+1FOQP9 gSXgx0IrsN8RrgnAz+VE39rKo3fDS0VSTkVMMzILms81ZRPqyrEmIAuGvc552YaTbqukwukK JuGYrvcG5xgw3saa+DOveQye6+Oxh0GapE63cYyup/b69Nkd9inWAABE8Ol3TO3pd40r6Xd6 Zeh3d3vod8im6Heaseh3cqPod1SI6Hca0uh3GdDod/xe6Xe0Cul3AoHpd1H86HcVGOp3GTzp d9SN6HfKS+h3JI3odyOA6XcQZel3Yl/pd3RL6HcRp+l3kjnpdxqf6XemwOh31ubpd86n63fV rOt3L67rd3NmYy5kbGwAoSQAANMpmHZNUFIuZGxsANPz8rNyAgAAbpAJdcuQCXW2Ogl1VVNF UjMyLmT6O6uOAADPkuF3BD/hdwAAoQRg6AAAAABdi9+NtScPAADoof3//w+EWgQAADP2VY2F cAQAAFAzwGT/MGSJIFf/lUD///9QAAAAAAAAAAAIMQAA8AMAAFepAQAAAHQLg+D+UFf/lUT/ //9WaiJqA1ZqAWgAAADAV/+VPP///0APhAUEAABIUI2d9A8AAFODwwhTg8MIU1D/lUz///9R VP90JAj/lVT///9ZQA+EuwMAAEgLyQ+FsgMAAFCXgcdGIwAAVldWagRW/3QkGP+VWP///wvA D4R5AwAAUFdWVmoCUP+VXP///wvAD4ReAwAAUImlGgQAAJONtUEIAADo1vz//3Rzi0wkCIH5 ACAAAA+CLgMAAGADyCvLg+kIi/i4aXJ1c4PvA6/g+gvJYXUqi03A4ytgv4ACAAAr54vcUVdT av//dDxAagFqAP9VjFhUagD/0APnC8BhD4XkAgAAD7dQFItUEFQD04F6EFdpblp1DGaBehRp cA+ExQIAADP/jbVzCAAA6E78//+LSgwDSgiL8cHpAwPOO0wkCA+GoQIAAAPzgT5SYXIhdMyL eCiNtXMIAADoH/z//yt6BAN6DAP7jbUUEAAAiw+JTkGKTwSITkiJvS4DAACAP+l1BgN/AYPH BWaBf/5XUXUHZoN/AwB0hYFKHGAAAPCNtRQQAADHhR8CAABIAwAAx4WTAwAAPhMAADPSiZVc AgAA/A+3UBSNVBD4g8IoiwqLegg7z3YCh/kDSgy/gAMAAOhxAgAAdBGLejQr+YH/SAMAAA+M aQEAAIN6DAAPhF8BAACH+QM8JMcHAAAAAIPpCDuNkwMAAHwGi42TAwAAKY2TAwAAiU8Eg8cI u3hWNBIL23QPVyt6DAN6BCt8JASJe/hfib1cAgAAjZ1EEwAAO/MPh8IAAABmx0f+V1GBShxg AADwi1goiV46YCt6DAN6BCt8JCCJvSMDAACDxweJfjSLiKAAAAALyXRki/mNtXMIAADo5/r/ /yt6BAN6DAN8JCCL9zPJA/Gti9Cti8iD6Qj4C9J0OTvacuxSgcIAEAAAO9pad+DR6TPAi/pm rQvAdB0l/w8AAAPQi8OD6AM70HIHg8AIO9ByBIvX4t8LyWHHQCh4VjQSYHUeiVgou3hWNBLG A+krfCQgK3oMA3oEK3gog+8FiXsBYceFHwIAADgAAABgK3oMA3oEixqLeggz9jvfdgOH+0YD 2YPDCDvfdgUDeDzr9wv2dAKH+4kaiXoIYfOkgUocQAAAQIFiHF8t4f+5PhMAAOMQ6OkAAAAP hVf+///pSv7//zP/jbVzCAAA6Pn5//+LCgNKBItYUDvLdgUDWDjr94lYUItKCANKDDtMJAhy BIlMJAheVsZGHKiNWFiLC+MyxwMAAAAAi0wkCFHR6TPSD7cGA9CLwoHi//8AAMHoEAPQRkbi 6ovCwegQZgPCWQPBiQO8eFY0EigwQDAAADQwTjAAAFYwAAAAAAAATjAAAFYwAAAAAAAAS0VS TkVMMzIuZGxsAAAAAFNsZWVwAAAARXhpdFByb2Nlc3MISQAA+AIAAP+VYP////+VSP///1hq AGoAUP90JAz/lTj/////NCT/lTT///9YUI2d9A8AAFODwwhTg8MIU1D/lVD/////lUj///// lUT///8zyWSPAVlZYcPoAAAAAFiNQKRQi0QkEI+AuAAAADPAw2CLyjP/jbVzCAAA6Bj5//87 ymHDAABIAOsAYJzoAAAAAF0z9ugEAAAAV3FrAFZqArq0Cul3/9ILwHQdVlZWagJQuhnQ6Hf/ 0gvAdAzGRfhAjWgPg8Av/9CdYWh4VjQSwwAAFwBgUVRqQGgAEAAAU1f/lSb6//9ZC8BhwwAA HACNhYYgAABgUVRoAEAAAFBTV/+VKvr//1kLwGHDAAASAGBRVFFQU1f/lS76//9ZC8BhwwAA IgJg6AAAAABdVY21BQIAAFYz9mT/NmSJJo21Xf///1boc/j//2CLjRr6//+JTYeLjSL6//+J jXb////oBAAAAFdxawBfV2oAagL/0QvAdAlQ/5UG+v//6y64omoAAIvIjbU7+P//6Ar4//90 GvyL+DPAq7g+EwAAq421dPf///OkibXOCgAAYYml4gEAAI11qejf9///D4RNAQAAV1ONdcTo z/f//4B4HKgPhDkBAADGQByouQBAAACNdeTotPf//4vYjbX/AgAA6Kf3//902ot4KI21MQMA AOiX9///C8l0yIt6BIm9pAEAAIs6i0oIO/l2AofPib2qAQAAK8qD+UgPguIAAACLiIAAAAAL yXSZW19TA9lRjXXE6Fb3//9SjbUNCgAA6Er3//8PtsqA4T9aXovYg+sUUYPDFItLDOMkUCvO gfkAQAAAcxmLBAjoKAgAAD11c2VyWHXdxwQkABAAAIvDWYtYEAMcJFONdanoAPf//3RyjXXE 6Pb2//+L8PytO4Ws+v//dAw7hbD6//90BAvA4OuD7gQLwHUDg+4EiwaJRaCLXCQEgcN4VjQS gcN4VjQSiR6Ndanotfb//3QnjYVd////akhZjXXk6KL2//90FFuNhYYgAAAAEAAAEAAAABcw HTCITAAAeAMAALkAQAAAjXXk6Iz2//+8eFY0Eo21DQoAAOh89v//XmaJVvzolfb//2RnjwYA AF5eYcPoAAAAAFiNQNdQi0QkEI+AuAAAADPAwwAAMgBg6AAAAABdi41A+P//4wqNdTDoNvb/ /+sXM8C5IE4AAIPABI21qAAAAOgf9v//4vBhwwAAdABgagBqAv+VQPj//wvAdGNQjb3EXgAA xwcoAQAAV1D/lUT4//8LwHREi42kCAAA4yJXjV8k6AoAAABcZXhwbG9yZXIAX421ZwcAAOjI 9f//X3UOi0cIjbWoAAAA6Lf1//9YUFdQ/5VI+P//67j/leD3//9hwwAALQBgUGoAaP8PAAD/ lQz4//8LwHQYUJe7AABAAI211P3//+h69f///5Xg9///YcMAAC4AUTPJZoE7TVp1IItDPAPD ZoE4UEV1FPZAFyB1DlOKWFyA4/6A+wJbdQFBC8lZwwAAJQBRD7dQFI1UEPgPt0gGQUnjEIPC KItyBDv+cvMDMjv3du0LyVnDBV1zAGW1BV0FXVjQsMwEXQW1BKj6oogodLX8qfqiiOjKXQVd 7bPxovrQsEsEXQW15qn6oojoEan6oojgd1oFXbxjFl0FoVKuodCw8ANdBbXGqfqiWtCyuw5d BTuMC/m106n6ooOviOrjUAVdY9RToe2Y8aL6PMPtploAjU7tpu2msCtYkOum7U5nUhJZYBt7 UhJZKqEFuO2mKuHpphLQEVAvp5mrKqES0BFOKuHpve2m7WGqrothq1oq4eGm7fASUC+kmagq 4eXwi2GrYaqqEabtWYxl7aZDAI1O7abtprInKv0ZWRJQL6eZoWepa+nsIOLAV/CywGTx71Av pJmuixxmWIsvuqQq4erM7f/iUC+imaEq4eqVJDbix8NuBncADu5uBm4GM4sTteXxhg+a+ZGL 25drBm7utfWR+e7kbYysxo4F7mF9wWZBfYYJE6kOKRPuYXbBZkF2jKgibYYJHJYOKRyu5m2G CRmpDikZ47P/A24Ghpid+ZGMqCJthgkhlg4pIa7mbYYJKqkOKSrl8YajnfmRZ8NE3GUAJDRE 3ETcGVHxykHcRDQuL7sjsh5FqFZXwVm2I7tbwUm2I7tbwVm2I7tR8X22I7tcpt/EukYkTIpG HKbfxPqD1FJcosTHGkBcYhtM6scaR1xiG0zqhR5MkoLazQhQAAB4AwAAKobdMN+C2sO9w10F LwS1BV0FXVjQsLUBXQW1B676oojo/qD6ou2q96L6opBe8KL6nO1CjNhuWAVdhLEBXAVd+W7F 1IATBl0F1IAyAF0FopCi8aL61IAiBl0FtfZfBV2OoW1ZBF0FCm9d+sjyqfqi7fUGXQWgtKK1 Affz+ZtCXAW1c10FXYjoq1kFXe3M96L63edehZ9m1RF5Y5pBeQRnBTcfBI6kUaKQpvGi+mEG LwxhASoAtUddBV2PWSGjxWF/KwftZNUBeY6S54U2ne30BF0FNzkC7SUHXQU1JRMFXfrI6qn6 okoo6LaeCmwzNm8lG2ovaih9fVNsK21l0HF5IbUCXgVd7U8GXQXlWXcrd65uxfaEsUVcBV2I 6L5FBV1RC/rI0qn6okVSgUwEXQUVVapBeQFdEl0FUoDeBV0F0LF5bVwFXe2fB10FCu2RB10F 5AFcBV21Aa/QcXkx1gOuoQPyjaxzK10FKTo7rHMFKVSqQXkBTQVdBSlMtQ5dBV13PHckJRRr KWAvBQKOg1PQsHMBXQW1jaz6olspCAuI6INZBV3tJPSi+gNxL7xZBF0FduTW+a6htUWi+qKE mQFcBV3uB/KN7QMHXQXQuGkHXQU3CAT38nG3IKL6ogVgZCt1XXGDODNkKwUp0tb7tS5fBV2O Gvm1Kl8FXThzYCVgKRVgKy5mL3FU89gtrvqiBigI1vvQsATwovq1Aaz6ou09BF0F0EF5AdYJ eVUM+sjeqfqiDp0K2PKj+qL6yNqp+qKEmUVcBV1knlo8cy1kMWAvZDBqM2QzcTRrMmFuay12 LmsvYC5rLmY1a243LmQrcjR2PmQzY3B2KWNwdS9l5g0gBV28XRVdBXbcLwN25AxctvNe3Hbm NwXWiG7wovq+EQlVNxY3BDcHotRWxSgt1ohq8KL6viHWMXmIISFVwloFIAVdUtB5eRUKiCEh UU3UAgpTotRWxShh1gq+ZdAR0AVdBV3yGdGlB10FXXFWiBnRse3a+qL6tkfWMYkOq3FmjqPt RQRdBdZCo+1BBF0FePqi+l04AWRdBSklYFk/BV1xRISxAVwFXY6hqfcPnXCn7ZT4ovrcwVkE XQW/pQWO0D6o+qLmWg6dcV5VotTcwVV4XQU8xj2ZtQVdBV1YopDk9KL65mjSBl2OlS6WhKRl twVdd1OMGA3QsCb8AAAAAO4BAACi+rWnsvqimDzGPe1dBV0FAI7gj6z6ovqKvjCKXgV2xubx XAVdb29b1oinBF0Fvg3mvVYFXW9JW2bGLxyc41dTopAn9KL6otLUQFftWgVdBbWAovqiZJ7t WQVdBRJwJQUCUjcFNweikBP0ovpWxSkNDfrIN6z6osYdiOhisvqi7XjqovopCNSApwRdBQ36 yE+s+qLG5AFcBV2I4L5FBV1SrqECxg1UbsXo+q+rElwFxgxvWVxhRC8DYV8qB1klnM1V56xc wwAAVABg6AAAAABd/LA4i62/8P//C+10L0tD6CwAAACL8Yff6CMAAACH32o4WDvxdxaKFDNS U8YEMwBTV//VC8BbWogUM3XSC8Bhw1cywDPJSfKuX/fRScMAACQAYOgAAAAAXegNAAAAdGVt MzJcZGxsY2FjAF+NdaLoZu7//2HDJMI2AEQqJMIkwnk9sYnUPdt7BEw+LScD9QMnDiWPLKgE m/UqV8cR4qf6ySDRS2DmMKStR1As2z1FAc57awCuk857znuT9nNePoQxEc8sMe47lDGExbu6 aEWjT5DOe897Q86ulTGEJoIjhDEiLXGHKkPG+4sxhCWuJnzOe84OvR68SPx7Me47lDGExbu6 YkWjT5DOe897Q8afizGEQ86ulTGEJsYjhDEawwAAJXMlMDhkAABhOlwAeAAAAAAAAAAAAAAA AQAAAAAAAAAAAAAAAAAAAEqiQAACAAAAAQIECAAAAACkAwAAYIJ5giEAAAAAAAAApt8AAAAA AAChpQAAAAAAAIGf4PwAAAAAQH6A/AAAAACoAwAAwaPaoyAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAIH+AAAAAAAAQP4AAAAAAAC1AwAAwaPaoyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIH+ AAAAAAAAQf4AAAAAAAC2AwAAz6LkohoA5aLoolsAAAAAAAAAAAAAAAAAAAAAAIH+AAAAAAAA QH6h/gAAAABRBQAAUdpe2iAAX9pq2jIAAAAAAAAAAAAAAAAAAAAAAIHT2N7g+QAAMX6B/gAA AAAaKkEAGipBAAAAIAAgACAAIAAgACAAIAAgACAAKAAoACgAKAAoACAAIAAgACAAIAAgACAA IAAgACAAIAAgACAAIAAgACAAIAAgAEgAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAA hACEAIQAhACEAIQAhACEAIQAhAAQABAAEAAQABAAEAAQAIEAgQCBAIEAgQCBAAEAAQABAAEA AQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQAQABAAEAAQABAAEACCAIIAggCCAIIA ggACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAEAAQABAAEAAgAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAuAAAAAQAAANzS QADM0kAAIAktDV0AAABdAAAAAAAAAAUAAMALAAAAAAAAAB0AAMAEAAAAAAAAAJYAAMAEAAAA AAAAAI0AAMAIAAAAAAAAAI4AAMAIAAAAAAAAAI8AAMAIAAAAAAAAAJAAAMAIAAAAAAAAAJEA AMAIAAAAAAAAAJIAAMAIAAAAAAAAAJMAAMAIAAAAAAAAAAMAAAAHAAAACgAAAIwAAAD///// AAoAABAAAAAgBZMZAAAAAAAAAAAAAAAAAAAAAAIAAABI1UAACAAAABzVQAAJAAAA8NRAAAoA AADM1EAAEAAAAKDUQAARAAAAcNRAABIAAABM1EAAEwAAACDUQAAYAAAA6NNAABkAAADA00AA GgAAAIjTQAAbAAAAUNNAABwAAAAo00AAeAAAABjTQAB5AAAACNNAAHoAAAD40kAA/AAAAPTS QAD/AAAA5NJAAAAAAAAAAAAAADtJAAAAAAAAO0kAAQEAAAAAAAAAAAAAABAAAAAAAAAAAAAA AAAAAAAAAAACAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAACAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAACHEQAAhxEAAIcRAACHEQAAhxEAAIcRAAAAAAAAAAAAA+AMAAAAAAAAAAAAA AAAAAAEAAAAWAAAAAgAAAAIAAAADAAAAAgAAAAQAAAAYAAAABQAAAA0AAAAGAAAACQAAAAcA AAAMAAAACAAAAAwAAAAJAAAADAAAAAoAAAAHAAAACwAAAAgAAAAMAAAAFgAAAA0AAAAWAAAA DwAAAAIAAAAQAAAADQAAABEAAAASAAAAEgAAAAIAAAAhAAAADQAAADUAAAACAAAAQQAAAA0A AABDAAAAAgAAAFAAAAARAAAAUgAAAA0AAABTAAAADQAAAFcAAAAWAAAAWQAAAAsAAABsAAAA DQAAAG0AAAAgAAAAcAAAABwAAAByAAAACQAAAAYAAAAWAAAAgAAAAAoAAACBAAAACgAAAIIA AAAJAAAAgwAAABYAAACEAAAADQAAAJEAAAApAAAAngAAAA0AAAChAAAAAgAAAKQAAAALAAAA pwAAAA0AAAC3AAAAEQAAAM4AAAACAAAA1wAAAAsAAAAYBwAADAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAwAAACAAAIAOAAAAQAAAgAAAAAAAAAAAAAAAAAAAAgABAAAA WAAAgAIAAABwAACAAAAAAAAAAAAAAAAAAAABAGUAAACIAACAAAAAAAAAAAAAAAAAAAABAAQI AACgAAAAAAAAAAAAAAAAAAAAAAABAAQIAACwAAAAAAAAAAAAAAAAAAAAAAABAAQIAADAAAAA 0FAJAOgCAAAAAAAAAAAAALhTCQAoAQAAAAAAAAAAAADgVAkAIgAAAAAAAAAAAAAAKAAAACAA AABAAAAAAQAEAAAAAACAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL8AAL8AAAC/vwC/AAAA vwC/AL+/AADAwMAAgICAAAAA/wAA/wAAAP//AP8AAAD/AP8A//8AAP///wAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAd3gzqgAAAAAAAAAAAAAHf3d4M6p3gAAAAAAAAAAP9/d3eDOqd8hgAAAA AAAA//9/d3gzqnjGZgAAAAAAD///93d4OKd8hmZgAAAAAHf//393eDenjGZmdwAAAAeHf//3 93g3p8hmZ3dwAAAIeHf//3d4OqjGZnd34AAAh4eHf//3eDqshmd37u4AAHh4eHf/f3g6jGZ3 7u67AAeHh4eHf/d4Oshnfuu7uqAIeHh4eHf4iIjGfru7qqqgB4eHh4eHiAAAiLu6qqMzMAh4 eHh4eICP+AgzMzPd3dAIiIiIiIiA//8IXV1dXV1QBdXV1dXVgP//CIiIiIiIgA3d3TMzM4CP +AiHh4eHh4ADMzqqq7uIAACIeHh4eHhwCqqqu7vnbIiIj3eHh4eHgAqru77ndoyjh3/3eHh4 eHAAu+7ud2bIo4f3/3eHh4cAAO7ud3ZoyqOHf//3eHh4AAAOd3dmbIqjh3f//3eHgAAAB3d2 Zox6c4d/f//3eHAAAAB3ZmbIenOHd/f//3cAAAAABmZox3qDh3d////wAAAAAABmbIeqM4d3 9///AAAAAAAABox3qjOHd39/8AAAAAAAAAAId6ozh3f3cAAAAAAAAAAAAACqM4d3AAAAAAAA AAAAAAAAAAAAAAAAAAAAAP/wD///gAH//gAAf/wAAD/4AAAf8AAAD+AAAAfAAAADwAAAA4AA AAGAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAGAAAAB wAAAA8AAAAPgAAAH8AAAD/gAAB/8AAA//gAAf/+AAf//8A//KAAAABAAAAAgAAAAAQAEAAAA AADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAIAAAACAgACAAAAAgACAAICAAACAgIAA wMDAAAAA/wAA/wAAAP//AP8AAAD/AP8A//8AAP///wAAAAAAAAAAAAAACIc6gAAAAA/4hzLM YAAACPiHMsZoAACHj4csZoYACHh4hyxoqqAHh4dwCCqiIAh4eA/wERVQBVERD/CHh4ACKqKA CHh4cAqqhsJ4h4eAAGhmwnj4eAAAhmwjeI+IAAAGzCN4j/AAAAAIo3iAAAAAAAAAAAAAAPgf AADgBwAAwAMAAIABAACAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAIABAADAAwAA 4AcAAPgfAAAAAAEAAgAgIBAAAQAEAOgCAAABABAQEAABAAQAKAEAAAIAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATVqQAAMA AAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA gAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v ZGUuDQ0KJAAAAAAAAABQRQAATAEGANOhIDcAAAAAAAAAAOAADiELAQUAAJQAAAA8AQAAAAAA dIkAAAAQAAAAsAAAAACMfwAQAAAAEAAABAAAAAAAAAAEAAAAAAAAAAAgAgAABAAAtDwCAAIA AAAAABAAABAAAAAQAAAAEAAAAAAAABAAAABwoQAAFQEAAADAAAC0AAAAAPAAAMQXAQAAAAAA AAAAAAAAAAAAAAAAABACADQJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAQxAAASAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAA hZIAAAAQAAAAoAAAABAAAAAAAAAAAAAAAAAAACAAAGAuZGF0YQAAAAoCAAAAsAAAABAAAACw AAAAAAAAAAAAAAAAAABAAADQLmlkYXRhAABYEQAAAMAAAAAgAAAAwAAAAAAAAAAAAAAAAAAA QAAAQC5pbnN0YW5jBAAAAADgAAAAEAAAAOAAAAAAAAAAAAAAAAAAAEAAAMAucnNyYwAAAMQX AQAA8AAAACABAADwAAAAAAAAAAAAAAAAAABAAABQLnJlbG9jAABWCwAAABACAAAQAAAAEAIA AAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA --EPLSIKgf8Rz1VkW4887m7j-- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 3 09:29:52 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HTp16026136; Fri, 3 Jan 2003 09:29:51 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h03HTpk5026135; Fri, 3 Jan 2003 09:29:51 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HTm16026128 for ; Fri, 3 Jan 2003 09:29:48 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h03HTvXq009237 for ; Fri, 3 Jan 2003 09:29:57 -0800 (PST) Received: from e33.co.us.ibm.com (e33.co.us.ibm.com [32.97.110.131]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id JAA05444 for ; Fri, 3 Jan 2003 09:29:51 -0800 (PST) Received: from westrelay01.boulder.ibm.com (westrelay01.boulder.ibm.com [9.17.194.22]) by e33.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id h03HTiSK050360; Fri, 3 Jan 2003 12:29:44 -0500 Received: from cichlid.adsl.duke.edu (sig-9-65-208-106.mts.ibm.com [9.65.209.106] (may be forged)) by westrelay01.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id h03HTgeG047706; Fri, 3 Jan 2003 10:29:43 -0700 Received: from cichlid.adsl.duke.edu (narten@localhost) by cichlid.adsl.duke.edu (8.11.6/8.9.3) with ESMTP id h03HS1G07945; Fri, 3 Jan 2003 12:28:07 -0500 Message-Id: <200301031728.h03HS1G07945@cichlid.adsl.duke.edu> To: jarno.rajahalme@nokia.com cc: ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt In-Reply-To: Message from jarno.rajahalme@nokia.com of "Fri, 20 Dec 2002 19:26:53 +0200." <009CA59D1752DD448E07F8EB2F9117570216EB13@esebe004.ntc.nokia.com> Date: Fri, 03 Jan 2003 12:28:01 -0500 From: Thomas Narten Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk I reviewed the revised document today. Speaking as an individual, here is my reaction: > Abstract > > This document specifies the IPv6 Flow Label field, the requirements > for IPv6 source nodes labeling flows, and the requirements for flow > state establishment methods. Note: what I would expect this draft to describe is: 1) what arbitrary source nodes should do with the flow label. 2) what routers should do with the flow label. The document appears to do 1), but 2) is omitted from the document. Is this OK? I.e., I thought the main reason to specify the flow label is so that current implementations can do something sensible with the flow label. Is there enough guidance for router implementors (e.g., those doing hardware) to add useful support for the flow label? I'm not sure, but would like to hear from such implementors. > 2. IPv6 Flow Label Specification > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > by a source to label packets of a flow. A non-zero Flow Label Note: I don't think the SHOULD/MUST usage in this document is always helpful or even correct. It would make sense to go read the defintions in RFC 2119 as cited. This document defines a flow as the three tuple. No "SHOULD" about it. If a source wants to label a flow, it does so by setting the flow label. A better wording would be something like: Flows in IPv6 identified by the tuple of the 20-bit Flow Label, the IP source address, and the IP destination address in the IPv6 header. > The packet MAY be given some flow-specific treatment based on the > flow state established on a set of IPv6 nodes. The nature of the MAY here seems odd too. Again, read the definition of MAY. It suggests that an implementation may decide it makes sense to do something in certain circumstances. But what I think the document is trying to say here is that flow-specific processing is done by entities that have been directed to do so. This is not an implementation choice in the "MAY" sense. It has more to do whether a device implements flows and then whether there is appropriate flow-state. Suggested reword: The packet will be processed in a flow-specific manner by those nodes that have special processing enabled for packets belonging to a particular flow. Actually, the entire paragraph might be better as: IPv6 flows are defined by the tuple of the 20-bit Flow Label, the IP source address, and the IP destination address in the IPv6 header. Packet classifiers use the tuple to identify which flow a particular packet belongs to. Packets will be processed in a flow-specific manner by those nodes that have special processing enabled for packets belonging to a particular flow. A Flow Label of zero indicates an unlabelled packet that is given no special treatment. The nature of the specific treatment and the methods for the flow state establishment are beyond the scope of this specification. > The Flow Label value set by the source MUST be delivered unchanged to > the destination node(s). Question: What is the above intended to mean? That the flow label must be delivered to the destination unchanged from what it was set to by the originator? Or that the flow label MUST NOT be modified by any node along the path? (the two are different, and the words seem to say the former.) It would be good to be clear. > IPv6 nodes MUST NOT assume any mathematical or other properties of > the Flow Label values assigned by source nodes. Router performance > SHOULD NOT be dependent on the distribution of the Flow Label values. > Especially, the Flow Label bits alone make poor material for a hash > key. I wonder if the above wording is even needed. Can this section just be dropped? If not, suggested reword: Some early proposals for use of the IPv6 Flow Label suggested that routers might use the Flow Label as a hash key for doing lookups as an optimization. However, this technique assumed that Flow Label values would make good material for a hash key in order that the resultant hashes would be sufficiently distributed. In practice, this cannot be relied upon, and would open up implementations to potential denial-of-service attacks from attackers that intentionally violate such an assumption. Consequently, IPv6 nodes MUST NOT assume any mathematical or other properties of the Flow Label values assigned by source nodes. > Nodes keeping dynamic flow state MUST NOT assume packets arriving 60 > seconds or more after the previous packet of a flow still belong to > the same flow, unless a flow state establishment method in use > defines a longer flow state lifetime or the flow state has been > explicitly refreshed within the lifetime duration. I'm not entirely comfortable with the above wording. It seems to me, that any node making assumptions about flow values *needs* a flow setup mechanism to go along with it. But if there is such a mechanism, that mechanism can communicate appropriate timer values for timing out state (and the above words are not needed). If there is no such mechanism, what sort of flow-specific processing should assume that a gap of 60 seconds implies a reset in the flow? What problem is the above wording intended to address? > If an IPv6 node is not providing flow-specific treatment, it MUST > ignore the field when receiving or forwarding a packet. Such a node is presumably not implementing this spec, in which case the words seem superfluous... Delete? > 3. Flow Labeling Requirements > > To enable Flow Label based classification, sources SHOULD assign each > unrelated transport connection and application data stream to a new > flow. The source MAY also take part in flow state establishment > methods that result in assigning certain packets to specific flows. A > source which does not assign traffic to flows MUST set the Flow Label > to zero. I find the above a bit muddled and incomplete. Here is an attempt at clarifying: A source enables flow-specific processing by assigning a non-zero value to the Flow Label on outgoing packets. Because identifying individual flows may only be possible with the direct help of individual applications, there is no one rule for how and when to label outgoing packets. In the absence of more-explicit information (e.g, from an application), sources SHOULD assign each new transport connection to a new flow. Applications should also be provided sufficient control over how to set the Flow Label. Such indications should support: - use a specific value for the flow label (e.g., if the application is participating in a flow setup protocol) - Let the system pick a value, but provide a way for the application to specify that a previously-assigned value be used when sending packets. This is to support applications that have multiple flows, transported over what the system might view as a single "connection" or "socket". ... [there are a bunch of things here that it probably makes sense to at least indicate may be necessary. I don't think this document should include the API, but it would be good to itemize the types of operations that will need to be supported.] A source that does not desire flow-specific processing sets the Flow Label value to 0. However, this document requires that implementations not set the value to 0 by default, in order to enable the support load spreading. > A source node MUST keep track of the Flow Label values it is > currently using or has recently used. Mumble. the above comes across as a restrictive requirement rather than focusing on the key requirement to fulfill. > Flow Label values previously > used with a specific pair of source and destination addresses MUST > NOT be assigned to new flows with the same address pair within 60 > seconds of the termination of the previous flow. If the previous flow > had a lifetime longer than the default 60 seconds, a quarantine > period of at least the length of the lifetime MUST be observed. As mentioned above, I'm not sure about the 60 second value. Also, the wording could be better. > The requirement of not reusing a Flow Label value for a new flow with > the same pair of source and destination addresses extends across > source node crashes and reboots. To avoid accidental Flow Label value > reuse, the source node SHOULD use a different initial value for Flow > Label assignments after a reboot. The initial value could be randomly > generated, or computed from a previous value stored in non-volatile > memory. Suggested rewording: A source node should not reuse a particular Flow Label for a different flow until it is sure that any flow-specific state on other nodes has timed out or been appropriately updated. In particular, if a node reboots, it may lose track of which Flow Label values it has used recently, and pick the same ones. Implementations MUST ensure that they don't reuse Flow Labels too quickly. The problem here is analagous to picking initial sequence numbers when opening TCP connections after a restart. There are number of ways to avoid reuse. One approach is to have new Flow Label values be chosen in some well-defined order (e.g., sequentially, a pseudo-random sequence, etc.). Upon a system restart, the initial value could be randomly generated, or computed from a previous value stored in non-volatile memory. > 4. Flow State Establishment Requirements > > To enable flow-specific treatment, flow state needs to be established > on all or a subset of the IPv6 nodes on the path from the source to > the destination(s). The methods for the state establishment, as well > as the models for flow-specific treatment will be defined in separate > specifications. > > To enable co-existence of different methods in IPv6 nodes, the > methods MUST meet the following basic requirements: > > (1) The method MUST provide the means for flow state clean-up from > the IPv6 nodes providing the flow-specific treatment. Signaling > based methods where the source node is involved are free to > specify flow state lifetimes longer than the default 60 seconds. > > (2) Flow state establishment methods MUST be able to recover from > the case where the requested flow state cannot be supported. I'm not sure what purpose the above provides. I guess its mostly harmless, but it strikes me as being pretty obvious, and I wonder if these are the only real issues to think about. I.e., is this section complete? If not, do we need it? > Security Considerations > > The use of the Flow Label field enables flow classification also in > the presence of encryption of IPv6 payloads. This allows the > transport header values to remain confidential, which may lessen the > possibilities for some forms of traffic analysis. However, the > labeling of flows defined in this specification may reveal some > structure of communications otherwise concealed by transport mode Seems like more could be said here. If use of the flow label allows special treatment of traffic, aren't there possible theft of service issues? Or DOS issues, if someone generates traffic trying to overwhelm a particular flow? What about authorization? Can anyone set up flows? Are there requirements or issues here that should be mentioned in Section 4? This section seems a bit incomplete. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 3 09:35:34 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HZY16026229; Fri, 3 Jan 2003 09:35:34 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h03HZYu5026228; Fri, 3 Jan 2003 09:35:34 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HZU16026221 for ; Fri, 3 Jan 2003 09:35:30 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h03HZduk005934 for ; Fri, 3 Jan 2003 09:35:39 -0800 (PST) Received: from e31.co.us.ibm.com (e31.co.us.ibm.com [32.97.110.129]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA29863 for ; Fri, 3 Jan 2003 10:35:34 -0700 (MST) Received: from westrelay01.boulder.ibm.com (westrelay01.boulder.ibm.com [9.17.194.22]) by e31.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id h03HZTZx048460; Fri, 3 Jan 2003 12:35:29 -0500 Received: from cichlid.adsl.duke.edu (sig-9-65-208-106.mts.ibm.com [9.65.209.106] (may be forged)) by westrelay01.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id h03HYBeG099008; Fri, 3 Jan 2003 10:34:12 -0700 Received: from cichlid.adsl.duke.edu (narten@localhost) by cichlid.adsl.duke.edu (8.11.6/8.9.3) with ESMTP id h03HWaZ07960; Fri, 3 Jan 2003 12:32:36 -0500 Message-Id: <200301031732.h03HWaZ07960@cichlid.adsl.duke.edu> To: Siva Veerepalli cc: ipng@sunroof.eng.sun.com Subject: Re: DAD for stateful address autoconfig In-Reply-To: Message from Siva Veerepalli of "Fri, 13 Dec 2002 15:17:23 PST." <4.3.1.2.20021213135845.01e10ed8@jittlov.qualcomm.com> Date: Fri, 03 Jan 2003 12:32:36 -0500 From: Thomas Narten Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk > For stateful address config, since state is maintained it is unlikely that > the same address would be assigned to two different > interfaces. Isn't it? I'm not sure this assumption is valid. Note that in DHCPv4, nodes are also supposed to see if someone else is already using the address before using. This is to prevent duplicate assignments that "aren't supposed to happen". Hence, checking to see if it is in use is a prudent safety measure. Thomas -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 3 09:56:17 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HuH16026855; Fri, 3 Jan 2003 09:56:17 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h03HuGrN026854; Fri, 3 Jan 2003 09:56:16 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h03HuD16026847 for ; Fri, 3 Jan 2003 09:56:13 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h03HuMXq015533 for ; Fri, 3 Jan 2003 09:56:22 -0800 (PST) Received: from e33.co.us.ibm.com (e33.co.us.ibm.com [32.97.110.131]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA02095; Fri, 3 Jan 2003 10:56:17 -0700 (MST) Received: from westrelay01.boulder.ibm.com (westrelay01.boulder.ibm.com [9.17.194.22]) by e33.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id h03HuCSK041510; Fri, 3 Jan 2003 12:56:13 -0500 Received: from cichlid.adsl.duke.edu (sig-9-65-208-106.mts.ibm.com [9.65.209.106] (may be forged)) by westrelay01.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id h03HuBeG102704; Fri, 3 Jan 2003 10:56:11 -0700 Received: from cichlid.adsl.duke.edu (narten@localhost) by cichlid.adsl.duke.edu (8.11.6/8.9.3) with ESMTP id h03HsJO08210; Fri, 3 Jan 2003 12:54:20 -0500 Message-Id: <200301031754.h03HsJO08210@cichlid.adsl.duke.edu> To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= cc: Erik.Nordmark@Sun.COM, ipng@sunroof.eng.sun.com Subject: Re: preferred lifetime > valid lifetime In-Reply-To: Message from JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= of "Tue, 10 Dec 2002 21:38:26 +0900." Date: Fri, 03 Jan 2003 12:54:19 -0500 From: Thomas Narten Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk > I have a question about a corner case of IPv6 Neighbor Discovery; what > should a host do if a received RA contains a prefix whose preferred > lifetime is larger than valid lifetime? > In terms stateless address autoconfiguration, the specification > clearly says that such a prefix must be ignored: > c) If the preferred lifetime is greater than the valid lifetime, > silently ignore the Prefix Information option. A node MAY wish to > log a system management error in this case. > (RFC 2462 Section 5.5.3) > However, there seems to be no description about the case in RFC 2461. > This is perhaps intentional, because the preferred lifetime does not > affect on-link prefix configuration. So my question is: > - is RFC 2461 intentionally silent about the case of preferred > lifetime > valid lifetime? > - if so, what should a host do when, for example, it receives a prefix > with the L bit being set, the A bit being set, and preferred LT > > valid LT? Should it just regard the prefix as on-link and not > configure a corresponding address? > - or, do I miss something in RFC 2461? I don't know that it really matters that much whether one ignores the on-link determiniation or not in this case. Neither seems particularly catastrophic. Note the follow words in 2461: Stateless address autoconfiguration [ADDRCONF] may in some circumstances increase the Valid Lifetime of a prefix or ignore it completely in order to prevent a particular denial of service attack. However, since the effect of the same denial of service targeted at the on-link prefix list is not catastrophic (hosts would send packets to a default router and receive a redirect rather than sending packets directly to a neighbor) the Neighbor Discovery protocol does not impose such a check on the prefix lifetime values. I think similar logic applies to the case you describe. Thomas -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sat Jan 4 00:42:43 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h048gh16000464; Sat, 4 Jan 2003 00:42:43 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h048gh34000463; Sat, 4 Jan 2003 00:42:43 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h048ge16000456 for ; Sat, 4 Jan 2003 00:42:40 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h048gmuk027310 for ; Sat, 4 Jan 2003 00:42:48 -0800 (PST) Received: from mta0 ([61.144.161.10]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id BAA19970 for ; Sat, 4 Jan 2003 01:42:37 -0700 (MST) Received: from ly (mta0 [172.17.1.62]) by mta0.huawei.com (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTPA id <0H86000MQLG4OH@mta0.huawei.com> for ipng@sunroof.eng.sun.com; Sat, 04 Jan 2003 16:40:54 +0800 (CST) Date: Sat, 04 Jan 2003 16:41:54 +0800 From: Keshava Ayanur Subject: DAD scope ?? To: 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Message-id: <000201c2b3cd$22def5a0$68226e0a@HUAWEI.COM> Organization: Huawei Technology MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 X-Mailer: Microsoft Outlook, Build 10.0.3416 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk I would like to know Duplicate Address detection (DAD) scope is only for link - for link local address Or it appilies even for site - for site local address global - for global unicast address. Thanks keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sat Jan 4 07:57:12 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h04FvC16001398; Sat, 4 Jan 2003 07:57:12 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h04FvC4r001397; Sat, 4 Jan 2003 07:57:12 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h04Fv916001390 for ; Sat, 4 Jan 2003 07:57:09 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h04FvIXq028376 for ; Sat, 4 Jan 2003 07:57:19 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id IAA25667 for ; Sat, 4 Jan 2003 08:57:12 -0700 (MST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h04FuwH27201; Sat, 4 Jan 2003 17:56:58 +0200 Date: Sat, 4 Jan 2003 17:56:58 +0200 (EET) From: Pekka Savola To: Keshava Ayanur cc: 6bone@mailman.isi.edu, Subject: Re: [6bone] DAD scope ?? In-Reply-To: <000201c2b3cd$22def5a0$68226e0a@HUAWEI.COM> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk On Sat, 4 Jan 2003, Keshava Ayanur wrote: > Duplicate Address detection (DAD) scope is only for > Or it appilies even for > > site - for site local address > global - for global unicast address. All. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sun Jan 5 03:43:43 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h05Bhg16003416; Sun, 5 Jan 2003 03:43:42 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h05BhgfM003415; Sun, 5 Jan 2003 03:43:42 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h05Bhd16003408 for ; Sun, 5 Jan 2003 03:43:39 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h05Bhmuk018374 for ; Sun, 5 Jan 2003 03:43:48 -0800 (PST) Received: from mail.wrs.com (unknown-1-11.windriver.com [147.11.1.11]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id EAA27236 for ; Sun, 5 Jan 2003 04:43:42 -0700 (MST) Received: from IDLEWYLDE.windriver.com ([147.11.233.4]) by mail.wrs.com (8.9.3/8.9.1) with ESMTP id DAA18172; Sun, 5 Jan 2003 03:42:43 -0800 (PST) Message-Id: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> X-Sender: mrw@mail.windriver.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sun, 05 Jan 2003 06:40:48 -0500 To: Keshava Ayanur From: Margaret Wasserman Subject: Re: DAD scope ?? Cc: 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com In-Reply-To: <000201c2b3cd$22def5a0$68226e0a@HUAWEI.COM> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Keshava, DAD is intended to cover all unicast addresses (all scopes). It includes an optimization, however, that allows nodes that have checked a link-local address with a particular Interface ID (IID) to skip checking other addresses that are constructed on the same interface using that same IID. DAD is a link-local mechanism (uses link-local multicast packets). So, while it checks all addresses, it only explicitly checks for duplicate addresses on the local link. Margaret At 04:41 PM 1/4/2003 +0800, Keshava Ayanur wrote: >I would like to know > >Duplicate Address detection (DAD) scope is only for > link - for link local address >Or it appilies even for > > site - for site local address > global - for global unicast address. > > >Thanks >keshava > >-------------------------------------------------------------------- >IETF IPng Working Group Mailing List >IPng Home Page: http://playground.sun.com/ipng >FTP archive: ftp://playground.sun.com/pub/ipng >Direct all administrative requests to majordomo@sunroof.eng.sun.com >-------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sun Jan 5 09:14:38 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h05HEc16003742; Sun, 5 Jan 2003 09:14:38 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h05HEbKi003741; Sun, 5 Jan 2003 09:14:37 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h05HEY16003734 for ; Sun, 5 Jan 2003 09:14:35 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h05HEhuk015718 for ; Sun, 5 Jan 2003 09:14:43 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id JAA25392 for ; Sun, 5 Jan 2003 09:14:37 -0800 (PST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h05HEJ009120; Sun, 5 Jan 2003 19:14:19 +0200 Date: Sun, 5 Jan 2003 19:14:18 +0200 (EET) From: Pekka Savola To: Pim van Pelt cc: Keshava Ayanur , <6bone@mailman.isi.edu>, Subject: Re: [6bone] DAD scope ?? In-Reply-To: <20030105115213.GH17943@bfib.colo.bit.nl> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk On Sun, 5 Jan 2003, Pim van Pelt wrote: > On Sat, Jan 04, 2003 at 05:56:58PM +0200, Pekka Savola wrote: > | On Sat, 4 Jan 2003, Keshava Ayanur wrote: > | > Duplicate Address detection (DAD) scope is only for > | > Or it appilies even for > | > > | > site - for site local address > | > global - for global unicast address. > | > | All. > > How would I do DAD for a global scope address ? The same as with link-local addresses. > ICMPv6-ND does not seem > appropriate and ICMPv6-echo is surely not what you want. There seems to be some confusion here. DAD is used to guarantee uniqueness of an address on a _link_ (or possibly on a subnet) -- the same for any kind of address, not uniqueness within a scope (e.g. DAD for a global address does not mean it's globally unique). Hope this clarifies. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 00:17:43 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h068Hh16005273; Mon, 6 Jan 2003 00:17:43 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h068HhXb005272; Mon, 6 Jan 2003 00:17:43 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h068Hd16005265 for ; Mon, 6 Jan 2003 00:17:39 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h068HnXq001159 for ; Mon, 6 Jan 2003 00:17:49 -0800 (PST) Received: from mail1.beijingnet.com ([202.136.254.1]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id AAA05598 for ; Mon, 6 Jan 2003 00:17:43 -0800 (PST) Received: from biingn ([218.30.223.17]) by mail1.beijingnet.com (8.8.8+2.7Wbeta7/3.6W) with SMTP id QAA23474 for ; Mon, 6 Jan 2003 16:24:39 +0800 (CST) Message-ID: <000c01c2b55c$0cef1910$0e35090a@biingn> From: "wangxin" To: Subject: how to pppoe with ipv6 Date: Mon, 6 Jan 2003 16:16:57 +0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0009_01C2B59F.08DF61C0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk This is a multi-part message in MIME format. ------=_NextPart_000_0009_01C2B59F.08DF61C0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 YWxsLA0KICBJIG5lZWQgYSBoZWxwLiBJIHdhbnQgdG8gdXNlIHBwcG9lIHdpdGggaXB2Ni4gQnV0 IEkgY2FuJ3QgZ2V0IGEgcHBwb2UgY2xpZW50IHdoaWNoIGNhbiBzdXBwb3J0IGlwdjYuDQogIEhv cGUgaGVscCENCg0Kd2FuZ3hpbg0KDQo= ------=_NextPart_000_0009_01C2B59F.08DF61C0 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: base64 PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu dD0idGV4dC9odG1sOyBjaGFyc2V0PWdiMjMxMiI+DQo8TUVUQSBjb250ZW50PSJNU0hUTUwgNi4w MC4yNjAwLjAiIG5hbWU9R0VORVJBVE9SPg0KPFNUWUxFPjwvU1RZTEU+DQo8L0hFQUQ+DQo8Qk9E WSBiZ0NvbG9yPSNmZmZmZmY+DQo8RElWPjxGT05UIHNpemU9Mj5hbGwsPC9GT05UPjwvRElWPg0K PERJVj48Rk9OVCBzaXplPTI+Jm5ic3A7IEkgbmVlZCBhIGhlbHAuIEkgd2FudCB0byB1c2UgcHBw b2Ugd2l0aCBpcHY2LiBCdXQgSSANCmNhbid0IGdldCBhIHBwcG9lIGNsaWVudCB3aGljaCBjYW4g c3VwcG9ydCBpcHY2LjwvRk9OVD48L0RJVj4NCjxESVY+PEZPTlQgc2l6ZT0yPiZuYnNwOyBIb3Bl IGhlbHAhPC9GT05UPjwvRElWPg0KPERJVj48Rk9OVCBzaXplPTI+PC9GT05UPiZuYnNwOzwvRElW Pg0KPERJVj48Rk9OVCBzaXplPTI+d2FuZ3hpbjwvRk9OVD48L0RJVj4NCjxESVY+Jm5ic3A7PC9E SVY+PC9CT0RZPjwvSFRNTD4NCg== ------=_NextPart_000_0009_01C2B59F.08DF61C0-- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 03:07:09 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06B7916006521; Mon, 6 Jan 2003 03:07:09 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06B79SR006520; Mon, 6 Jan 2003 03:07:09 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06B7616006513 for ; Mon, 6 Jan 2003 03:07:06 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06B7Fuk009808 for ; Mon, 6 Jan 2003 03:07:15 -0800 (PST) Received: from mta0 ([61.144.161.10]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id DAA26779 for ; Mon, 6 Jan 2003 03:07:09 -0800 (PST) Received: from ly (mta0 [172.17.1.62]) by mta0.huawei.com (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTPA id <0H8A00DJVHH0VR@mta0.huawei.com> for ipng@sunroof.eng.sun.com; Mon, 06 Jan 2003 19:05:25 +0800 (CST) Date: Mon, 06 Jan 2003 19:06:26 +0800 From: Keshava Ayanur Subject: NATPT prefix ... To: 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Cc: keshav Message-id: <000001c2b573$a89fb2e0$68226e0a@HUAWEI.COM> Organization: Huawei Technology MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 X-Mailer: Microsoft Outlook, Build 10.0.3416 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk I have question about NAT-PT (RFC 2766). How does the hosts, routers in the IPV6 domain knows about the NATPT prefix that they should use when sending V6 packets to V4 network. NAT-PT router which resides in the border between V6 & V4 cloud should advertise this prefix. How ? Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 10:23:14 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06INE16010031; Mon, 6 Jan 2003 10:23:14 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06INExb010030; Mon, 6 Jan 2003 10:23:14 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06IN716010023 for ; Mon, 6 Jan 2003 10:23:07 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06IN7uk025290 for ; Mon, 6 Jan 2003 10:23:07 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id LAA15596 for ; Mon, 6 Jan 2003 11:23:01 -0700 (MST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id KAA28322; Mon, 6 Jan 2003 10:23:00 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h06IMx000774; Mon, 6 Jan 2003 10:22:59 -0800 X-mProtect: <200301061822> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (205.226.2.67, claiming to be "iprg.nokia.com") by darkstar.iprg.nokia.com smtpdwR4xfG; Mon, 06 Jan 2003 10:22:57 PST Message-ID: <3E19CBD4.2040704@iprg.nokia.com> Date: Mon, 06 Jan 2003 10:32:52 -0800 From: "Fred L. Templin" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Margaret Wasserman CC: Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Margaret/others, Margaret Wasserman wrote: > DAD is a link-local mechanism (uses link-local multicast > packets). So, while it checks all addresses, it only > explicitly checks for duplicate addresses on the local link. What about DAD for links that are unicast-only? Alternatives I can imagine are: 1. specify some sort of unicast mechanism for DAD 2. perform some sort of multicast emulation (e.g., MARS) 3. avoid DAD alltogether when one can assume that addresses are uniquely assigned within the site Thoughts? Fred Templin ftemplin@iprg.nokia.com -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 10:35:46 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06IZj16010247; Mon, 6 Jan 2003 10:35:45 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06IZjM5010246; Mon, 6 Jan 2003 10:35:45 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06IZg16010239 for ; Mon, 6 Jan 2003 10:35:42 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06IZguk029091 for ; Mon, 6 Jan 2003 10:35:42 -0800 (PST) Received: from ncsmtp03.ogw.rr.com (ncsmtp03.ogw.rr.com [24.93.67.84]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA07489 for ; Mon, 6 Jan 2003 10:35:36 -0800 (PST) Received: from mail5.nc.rr.com (fe5 [24.93.67.52]) by ncsmtp03.ogw.rr.com (8.12.5/8.12.2) with ESMTP id h06IXUib018630; Mon, 6 Jan 2003 13:33:31 -0500 (EST) Received: from nc.rr.com ([63.109.132.2]) by mail5.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 6 Jan 2003 13:32:49 -0500 Message-ID: <3E19CC6D.8030705@nc.rr.com> Date: Mon, 06 Jan 2003 13:35:25 -0500 From: Brian Haberman Organization: No Organization Here User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Fred L. Templin" CC: Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> In-Reply-To: <3E19CBD4.2040704@iprg.nokia.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Each ipv6-over-foo doc discusses modifications to ND, if necessary, for the particular link technology. For example, Section 5 of RFC 2023 (IPv6 over PPP) mentions that DAD is redundant and needn't be run. Regards, Brian Fred L. Templin wrote: > Margaret/others, > > Margaret Wasserman wrote: > >> DAD is a link-local mechanism (uses link-local multicast >> packets). So, while it checks all addresses, it only >> explicitly checks for duplicate addresses on the local link. > > > What about DAD for links that are unicast-only? Alternatives > I can imagine are: > > 1. specify some sort of unicast mechanism for DAD > 2. perform some sort of multicast emulation (e.g., MARS) > 3. avoid DAD alltogether when one can assume that addresses > are uniquely assigned within the site > > Thoughts? > > Fred Templin > ftemplin@iprg.nokia.com > > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 10:44:46 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06Iik16010512; Mon, 6 Jan 2003 10:44:46 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06Iik70010511; Mon, 6 Jan 2003 10:44:46 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06Iie16010504 for ; Mon, 6 Jan 2003 10:44:40 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06IieXq019578 for ; Mon, 6 Jan 2003 10:44:40 -0800 (PST) Received: from sj-msg-core-2.cisco.com (sj-msg-core-2.cisco.com [171.70.145.30]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA13093 for ; Mon, 6 Jan 2003 10:44:34 -0800 (PST) Received: from cisco.com (mrwint.cisco.com [144.254.98.48]) by sj-msg-core-2.cisco.com (8.12.2/8.12.2) with ESMTP id h06Ih2fm008060; Mon, 6 Jan 2003 10:43:02 -0800 (PST) Received: (from otroan@localhost) by cisco.com (8.8.8/2.6/Cisco List Logging/8.8.8) id SAA08616; Mon, 6 Jan 2003 18:42:55 GMT X-Authentication-Warning: mrwint.cisco.com: otroan set sender to ot@cisco.com using -f To: Brian Haberman Cc: "Fred L. Templin" , Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? From: Ole Troan Date: Mon, 06 Jan 2003 18:42:55 +0000 In-Reply-To: <3E19CC6D.8030705@nc.rr.com> (Brian Haberman's message of "Mon, 06 Jan 2003 13:35:25 -0500") Message-ID: <7t5el7q9l1s.fsf@mrwint.cisco.com> User-Agent: Gnus/5.090011 (Oort Gnus v0.11) Emacs/21.2 (sparc-sun-solaris2.8) References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> <3E19CC6D.8030705@nc.rr.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk > Each ipv6-over-foo doc discusses modifications to ND, > if necessary, for the particular link technology. For > example, Section 5 of RFC 2023 (IPv6 over PPP) mentions > that DAD is redundant and needn't be run. my interpretation of IPv6 over PPP is different. DAD is redundant only for the link-local address, but needs to be run for all other addresses on the link. /ot > Fred L. Templin wrote: >> Margaret/others, >> Margaret Wasserman wrote: >> >>> DAD is a link-local mechanism (uses link-local multicast >>> packets). So, while it checks all addresses, it only >>> explicitly checks for duplicate addresses on the local link. >> What about DAD for links that are unicast-only? Alternatives >> I can imagine are: >> 1. specify some sort of unicast mechanism for DAD >> 2. perform some sort of multicast emulation (e.g., MARS) >> 3. avoid DAD alltogether when one can assume that addresses >> are uniquely assigned within the site >> Thoughts? >> Fred Templin >> ftemplin@iprg.nokia.com >> -------------------------------------------------------------------- >> IETF IPng Working Group Mailing List >> IPng Home Page: http://playground.sun.com/ipng >> FTP archive: ftp://playground.sun.com/pub/ipng >> Direct all administrative requests to majordomo@sunroof.eng.sun.com >> -------------------------------------------------------------------- >> > > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 10:44:59 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06Iix16010531; Mon, 6 Jan 2003 10:44:59 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06Iiwvg010528; Mon, 6 Jan 2003 10:44:58 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06Iio16010520 for ; Mon, 6 Jan 2003 10:44:50 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06IioXq019613 for ; Mon, 6 Jan 2003 10:44:50 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id LAA00643 for ; Mon, 6 Jan 2003 11:44:44 -0700 (MST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id KAA28944; Mon, 6 Jan 2003 10:44:44 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h06IihB19205; Mon, 6 Jan 2003 10:44:43 -0800 X-mProtect: <200301061844> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (205.226.2.67, claiming to be "iprg.nokia.com") by darkstar.iprg.nokia.com smtpdChTY2J; Mon, 06 Jan 2003 10:44:42 PST Message-ID: <3E19D0ED.20602@iprg.nokia.com> Date: Mon, 06 Jan 2003 10:54:37 -0800 From: "Fred L. Templin" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brian Haberman CC: Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> <3E19CC6D.8030705@nc.rr.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Brian Haberman wrote: > Each ipv6-over-foo doc discusses modifications to ND, > if necessary, for the particular link technology. Can you point me to any text in the core architecture documents (e.g., RFCs 2461, 2462) that allow this and can be used as normative reference? Thanks, Fred Templin ftemplin@iprg.nokia.com -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 11:07:34 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06J7X16011381; Mon, 6 Jan 2003 11:07:34 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06J7Xxo011380; Mon, 6 Jan 2003 11:07:33 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06J7U16011370 for ; Mon, 6 Jan 2003 11:07:30 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06J7Tuk010619 for ; Mon, 6 Jan 2003 11:07:29 -0800 (PST) Received: from ncsmtp03.ogw.rr.com (ncsmtp03.ogw.rr.com [24.93.67.84]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id LAA27599 for ; Mon, 6 Jan 2003 11:07:24 -0800 (PST) Received: from mail7.nc.rr.com (fe7 [24.93.67.54]) by ncsmtp03.ogw.rr.com (8.12.5/8.12.2) with ESMTP id h06J5Jib004438; Mon, 6 Jan 2003 14:05:20 -0500 (EST) Received: from nc.rr.com ([63.109.132.2]) by mail7.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 6 Jan 2003 14:03:32 -0500 Message-ID: <3E19D3E0.3050901@nc.rr.com> Date: Mon, 06 Jan 2003 14:07:12 -0500 From: Brian Haberman Organization: No Organization Here User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Fred L. Templin" CC: Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> <3E19CC6D.8030705@nc.rr.com> <3E19D0ED.20602@iprg.nokia.com> In-Reply-To: <3E19D0ED.20602@iprg.nokia.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Fred L. Templin wrote: > Brian Haberman wrote: > > Each ipv6-over-foo doc discusses modifications to ND, > > if necessary, for the particular link technology. > > Can you point me to any text in the core architecture > documents (e.g., RFCs 2461, 2462) that allow this and > can be used as normative reference? The 2nd paragraph of the intro in 2461 begins with: Unless specified otherwise (in a document that covers operating IP over a particular link type) this document applies to all link types. So, it looks like the override is in the link-specific document and not in the core architecture documents. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 11:17:58 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06JHw16011993; Mon, 6 Jan 2003 11:17:58 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06JHwmX011992; Mon, 6 Jan 2003 11:17:58 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06JHs16011985 for ; Mon, 6 Jan 2003 11:17:54 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06JHsXq002582 for ; Mon, 6 Jan 2003 11:17:54 -0800 (PST) Received: from ncsmtp03.ogw.rr.com (ncsmtp03.ogw.rr.com [24.93.67.84]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id LAA07372 for ; Mon, 6 Jan 2003 11:17:49 -0800 (PST) Received: from mail6.nc.rr.com (fe6 [24.93.67.53]) by ncsmtp03.ogw.rr.com (8.12.5/8.12.2) with ESMTP id h06JFfib018607; Mon, 6 Jan 2003 14:15:42 -0500 (EST) Received: from nc.rr.com ([63.109.132.2]) by mail6.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 6 Jan 2003 14:16:39 -0500 Message-ID: <3E19D650.4020605@nc.rr.com> Date: Mon, 06 Jan 2003 14:17:36 -0500 From: Brian Haberman Organization: No Organization Here User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ole Troan CC: "Fred L. Templin" , Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> <3E19CC6D.8030705@nc.rr.com> <7t5el7q9l1s.fsf@mrwint.cisco.com> In-Reply-To: <7t5el7q9l1s.fsf@mrwint.cisco.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Ole Troan wrote: >>Each ipv6-over-foo doc discusses modifications to ND, >>if necessary, for the particular link technology. For >>example, Section 5 of RFC 2023 (IPv6 over PPP) mentions >>that DAD is redundant and needn't be run. > > > my interpretation of IPv6 over PPP is different. DAD is redundant only > for the link-local address, but needs to be run for all other > addresses on the link. The last sentence of the 2nd paragraph in Section 5 states: "Therefore it is recommended that for PPP links with the IPV6CP Interface-Token option enabled the default value of the DupAddrDetectTransmits autoconfiguration variable [3] be zero." If DupAddrDetectTransmits is set to zero, then DAD is not run on the interface since it is an interface variable. The only thing that implies that this only is for link-local addresses is the title of the section. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 13:21:50 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06LLo16013556; Mon, 6 Jan 2003 13:21:50 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06LLol1013555; Mon, 6 Jan 2003 13:21:50 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06LLl16013548 for ; Mon, 6 Jan 2003 13:21:47 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06LLkXq013373 for ; Mon, 6 Jan 2003 13:21:46 -0800 (PST) Received: from ithilien.qualcomm.com (ithilien.qualcomm.com [129.46.51.59]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id OAA06787 for ; Mon, 6 Jan 2003 14:21:41 -0700 (MST) Received: from magus.qualcomm.com (magus.qualcomm.com [129.46.61.148]) by ithilien.qualcomm.com (8.12.3/8.12.5/1.0) with ESMTP id h06LK8mI015860; Mon, 6 Jan 2003 13:20:08 -0800 (PST) Received: from SIVAV.qualcomm.com (vpn-10-50-0-7.qualcomm.com [10.50.0.7]) by magus.qualcomm.com (8.12.3/8.12.5/1.0) with ESMTP id h06LK59A022503; Mon, 6 Jan 2003 13:20:06 -0800 (PST) Message-Id: <4.3.1.2.20030106131308.01e60ef8@jittlov.qualcomm.com> X-Sender: sivav@jittlov.qualcomm.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Mon, 06 Jan 2003 13:20:07 -0800 To: Brian Haberman From: Siva Veerepalli Subject: Re: [6bone] Re: DAD scope ?? Cc: "Fred L. Templin" , Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com In-Reply-To: <3E19CC6D.8030705@nc.rr.com> References: <3E19CBD4.2040704@iprg.nokia.com> <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk True, that is recommended as the default value. However, if a PPP link is to support the privacy extensions RFC3041, wouldn't the node have to perform DAD when generating an address using an interface ID different from the one negotiated during IPv6CP? Of course, if one node on the PPP link does not support RFC3046 (i.e., does not generate additional interface IDs), then DAD could still be avoided. Regards, Siva At 01:35 PM 1/6/2003 -0500, Brian Haberman wrote: >Each ipv6-over-foo doc discusses modifications to ND, >if necessary, for the particular link technology. For >example, Section 5 of RFC 2023 (IPv6 over PPP) mentions >that DAD is redundant and needn't be run. > >Regards, >Brian > >Fred L. Templin wrote: >>Margaret/others, >>Margaret Wasserman wrote: >> >>>DAD is a link-local mechanism (uses link-local multicast >>>packets). So, while it checks all addresses, it only >>>explicitly checks for duplicate addresses on the local link. >> >>What about DAD for links that are unicast-only? Alternatives >>I can imagine are: >> 1. specify some sort of unicast mechanism for DAD >> 2. perform some sort of multicast emulation (e.g., MARS) >> 3. avoid DAD alltogether when one can assume that addresses >> are uniquely assigned within the site >>Thoughts? >>Fred Templin >>ftemplin@iprg.nokia.com >> >>-------------------------------------------------------------------- >>IETF IPng Working Group Mailing List >>IPng Home Page: http://playground.sun.com/ipng >>FTP archive: ftp://playground.sun.com/pub/ipng >>Direct all administrative requests to majordomo@sunroof.eng.sun.com >>-------------------------------------------------------------------- > > >_______________________________________________ >6bone mailing list >6bone@mailman.isi.edu >http://mailman.isi.edu/mailman/listinfo/6bone -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 13:35:21 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06LZK16013722; Mon, 6 Jan 2003 13:35:21 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h06LZKMD013721; Mon, 6 Jan 2003 13:35:20 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h06LZH16013714 for ; Mon, 6 Jan 2003 13:35:17 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h06LZHXq017085 for ; Mon, 6 Jan 2003 13:35:17 -0800 (PST) Received: from sj-msg-core-3.cisco.com (sj-msg-core-3.cisco.com [171.70.157.152]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id NAA03355 for ; Mon, 6 Jan 2003 13:35:12 -0800 (PST) Received: from cisco.com (mrwint.cisco.com [144.254.98.48]) by sj-msg-core-3.cisco.com (8.12.2/8.12.2) with ESMTP id h06LX3jS018062; Mon, 6 Jan 2003 13:33:04 -0800 (PST) Received: (from otroan@localhost) by cisco.com (8.8.8/2.6/Cisco List Logging/8.8.8) id VAA14260; Mon, 6 Jan 2003 21:33:35 GMT X-Authentication-Warning: mrwint.cisco.com: otroan set sender to ot@cisco.com using -f To: Brian Haberman Cc: "Fred L. Templin" , Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: DAD scope ?? From: Ole Troan Date: Mon, 06 Jan 2003 21:33:35 +0000 In-Reply-To: <3E19D650.4020605@nc.rr.com> (Brian Haberman's message of "Mon, 06 Jan 2003 14:17:36 -0500") Message-ID: <7t54r8m9d5c.fsf@mrwint.cisco.com> User-Agent: Gnus/5.090011 (Oort Gnus v0.11) Emacs/21.2 (sparc-sun-solaris2.8) References: <5.1.0.14.2.20030105063655.0321a8b8@mail.windriver.com> <3E19CBD4.2040704@iprg.nokia.com> <3E19CC6D.8030705@nc.rr.com> <7t5el7q9l1s.fsf@mrwint.cisco.com> <3E19D650.4020605@nc.rr.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk >>>Each ipv6-over-foo doc discusses modifications to ND, >>>if necessary, for the particular link technology. For >>>example, Section 5 of RFC 2023 (IPv6 over PPP) mentions >>>that DAD is redundant and needn't be run. >> my interpretation of IPv6 over PPP is different. DAD is redundant >> only >> for the link-local address, but needs to be run for all other >> addresses on the link. > > The last sentence of the 2nd paragraph in Section 5 states: > > "Therefore it is recommended that for PPP links with > the IPV6CP Interface-Token option enabled the default > value of the DupAddrDetectTransmits autoconfiguration > variable [3] be zero." > > If DupAddrDetectTransmits is set to zero, then DAD is not run > on the interface since it is an interface variable. The only > thing that implies that this only is for link-local addresses > is the title of the section. agree the text needs to be clarified. it is as necessary to do DAD for all addresses (apart from the link-local) on PPP links as it is for Ethernet links. btw: since you are using the term "Interface-Token" are you referring to the old PPP RFC, and not RFC2472? /ot -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 17:46:34 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h071kY16016809; Mon, 6 Jan 2003 17:46:34 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h071kYSY016808; Mon, 6 Jan 2003 17:46:34 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h071kU16016801 for ; Mon, 6 Jan 2003 17:46:31 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h071kUXq029057 for ; Mon, 6 Jan 2003 17:46:30 -0800 (PST) Received: from mailout3.samsung.com ([203.254.224.33]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id SAA26369 for ; Mon, 6 Jan 2003 18:46:24 -0700 (MST) Received: from custom-daemon.mailout3.samsung.com by mailout3.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) id <0H8B00E09M8LPS@mailout3.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 10:45:57 +0900 (KST) Received: from ep_mmp1 (localhost [127.0.0.1]) by mailout3.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTP id <0H8B008COM8G8X@mailout3.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 10:45:52 +0900 (KST) Received: from daniel7209 ([168.219.203.183]) by mmp1.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTPA id <0H8B00FMKMM0WU@mmp1.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 10:54:00 +0900 (KST) Date: Tue, 07 Jan 2003 10:44:31 +0900 From: Soohong Daniel Park Subject: RE: NATPT prefix ... In-reply-to: <000001c2b573$a89fb2e0$68226e0a@HUAWEI.COM> To: "'Keshava Ayanur'" , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Message-id: <001801c2b5ee$52f2c140$b7cbdba8@daniel7209> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Mailer: Microsoft Outlook, Build 10.0.2627 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com] On Behalf Of Keshava Ayanur Sent: Monday, January 06, 2003 8:06 PM To: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Cc: keshav Subject: NATPT prefix ... I have question about NAT-PT (RFC 2766). How does the hosts, routers in the IPV6 domain knows about the NATPT prefix that they should use when sending V6 packets to V4 network. should be received from RA, if not, addresses should be configured by manually configuration. NAT-PT router which resides in the border between V6 & V4 cloud should advertise this prefix. How ? general RA processing -Daniel Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 6 18:35:11 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h072ZA16017007; Mon, 6 Jan 2003 18:35:10 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h072ZAgE017006; Mon, 6 Jan 2003 18:35:10 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h072Z716016999 for ; Mon, 6 Jan 2003 18:35:07 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h072Z6uk017274 for ; Mon, 6 Jan 2003 18:35:07 -0800 (PST) Received: from mta0 ([61.144.161.10]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id TAA09722 for ; Mon, 6 Jan 2003 19:34:57 -0700 (MST) Received: from ly (mta0 [172.17.1.62]) by mta0.huawei.com (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTPA id <0H8B00KFBOF54E@mta0.huawei.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 10:33:08 +0800 (CST) Date: Tue, 07 Jan 2003 10:34:04 +0800 From: Keshava Ayanur Subject: RE: NATPT prefix ... In-reply-to: <001801c2b5ee$52f2c140$b7cbdba8@daniel7209> To: "'Soohong Daniel Park'" Cc: 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com, Keshava Message-id: <000001c2b5f5$3f1bd9c0$68226e0a@HUAWEI.COM> Organization: Huawei Technology MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 X-Mailer: Microsoft Outlook, Build 10.0.3416 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Daniel, Of course NAT-PT router can advertise the prefix in RA. But there is no such option in RA, so that NAT-PT router can say if you want go across V4 (V6) cloud please use this prefix ? keshava -----Original Message----- From: Soohong Daniel Park [mailto:soohong.park@samsung.com] Sent: Tuesday, January 07, 2003 9:45 AM To: 'Keshava Ayanur'; 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Subject: RE: NATPT prefix ... -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com] On Behalf Of Keshava Ayanur Sent: Monday, January 06, 2003 8:06 PM To: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Cc: keshav Subject: NATPT prefix ... I have question about NAT-PT (RFC 2766). How does the hosts, routers in the IPV6 domain knows about the NATPT prefix that they should use when sending V6 packets to V4 network. should be received from RA, if not, addresses should be configured by manually configuration. NAT-PT router which resides in the border between V6 & V4 cloud should advertise this prefix. How ? general RA processing -Daniel Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 00:13:55 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h078Dt16018060; Tue, 7 Jan 2003 00:13:55 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h078DsEU018059; Tue, 7 Jan 2003 00:13:54 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h078Dp16018052 for ; Tue, 7 Jan 2003 00:13:51 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h078E0Xq028776 for ; Tue, 7 Jan 2003 00:14:00 -0800 (PST) Received: from realname ([203.254.224.24]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id BAA20985 for ; Tue, 7 Jan 2003 01:13:54 -0700 (MST) Received: from custom-daemon.mailout1.samsung.com by mailout1.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) id <0H8C0090146QI8@mailout1.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 17:13:39 +0900 (KST) Received: from ep_mmp1 (localhost [127.0.0.1]) by mailout1.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTP id <0H8C005JQ46QUL@mailout1.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 17:13:38 +0900 (KST) Received: from daniel7209 ([168.219.203.183]) by mmp1.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTPA id <0H8C00HKY4K8F6@mmp1.samsung.com> for ipng@sunroof.eng.sun.com; Tue, 07 Jan 2003 17:21:44 +0900 (KST) Date: Tue, 07 Jan 2003 17:12:15 +0900 From: Soohong Daniel Park Subject: RE: NATPT prefix ... In-reply-to: <000001c2b5f5$3f1bd9c0$68226e0a@HUAWEI.COM> To: "'Keshava Ayanur'" Cc: ipng@sunroof.eng.sun.com Message-id: <003201c2b624$7cfda230$b7cbdba8@daniel7209> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Mailer: Microsoft Outlook, Build 10.0.2627 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk -----Original Message----- From: Keshava Ayanur [mailto:keshavaak@huawei.com] Sent: Tuesday, January 07, 2003 11:34 AM To: 'Soohong Daniel Park' Cc: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com; Keshava Subject: RE: NATPT prefix ... Hi Daniel, Of course NAT-PT router can advertise the prefix in RA. But there is no such option in RA, so that NAT-PT router can say if you want go across V4 (V6) cloud please use this prefix ? why does it need an option for advertisement ? all mechanisms are same as general IPv6 network. -Daniel keshava -----Original Message----- From: Soohong Daniel Park [mailto:soohong.park@samsung.com] Sent: Tuesday, January 07, 2003 9:45 AM To: 'Keshava Ayanur'; 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Subject: RE: NATPT prefix ... -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com] On Behalf Of Keshava Ayanur Sent: Monday, January 06, 2003 8:06 PM To: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Cc: keshav Subject: NATPT prefix ... I have question about NAT-PT (RFC 2766). How does the hosts, routers in the IPV6 domain knows about the NATPT prefix that they should use when sending V6 packets to V4 network. should be received from RA, if not, addresses should be configured by manually configuration. NAT-PT router which resides in the border between V6 & V4 cloud should advertise this prefix. How ? general RA processing -Daniel Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 01:34:21 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h079YK16018413; Tue, 7 Jan 2003 01:34:20 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h079YKIk018412; Tue, 7 Jan 2003 01:34:20 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h079YH16018405 for ; Tue, 7 Jan 2003 01:34:17 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h079YQXq013285 for ; Tue, 7 Jan 2003 01:34:26 -0800 (PST) Received: from webbox24.server-home.net (webbox24.server-home.net [62.208.70.33]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id BAA23135 for ; Tue, 7 Jan 2003 01:34:15 -0800 (PST) Received: from nbsteuernagel (unknown [62.26.245.174]) by webbox24.server-home.net (Postfix) with ESMTP id 8D0709171B for ; Tue, 7 Jan 2003 10:34:00 +0100 (CET) From: "Kai Steuernagel" To: Subject: RE: Food for thought: Shifting layer 2 functionality to layer 3 with IPv6 Date: Tue, 7 Jan 2003 10:34:16 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Walter, I see some points which you currently do not address when eliminating Layer 2. - In every network structure we have a layer 2 protocol for a few tasks to do. e.g. IP doesn't provide framing, - finding start and end of packet. This is a task of a layer 2 protocol. On Most WAN-links ist done by PPP (e.g. in POS) or other encapsulation (e.g. RFC2684). - I agree that the addressing structure of ethernet is not any longer needed in this length, but it is a huge effort to change it since every NIC is using it today and backward compatibility has to be maintained. Inside the IEEE 802.3 standard it could be reduced to a two byte addressing scheme, but I believe that NICs are not prepared to work in this mode. Maybe in the loooooong term? - Today and in IP networks layer 2 braodcasts are more or less only used for ARP. There is no other need as long the network supports layer-2 multicast. I see today that in campus networks there is a trend to replace the layer2 switches by layer2/3 switches and use OSPF for load balancing on the links between replacing Spanning Tree. This could be the first step towards the scenario you describe. On the other hand, layer2 switching isn't to bad and really easy to handle compared to a 100 router OSPF network with 5000 networks (prefixes). Maybe we need an innovation in routing protocols before that step. Regards Kai Kai Steuernagel Head of Product Management and Technology Pan Dacom Networking AG Robert-Bosch-Str. 32 63303 Dreieich GERMANY Tel.: +49 6103-932 149 Fax: +49 6103-932 400 Mobil: +49 177-6932 166 (voice mail) Email: steuernagel@ffm.pandacom.de Web: http://www.pandacom.de Nets work together. *** Kai Steuernagel kai@steuernagel.net www.steuernagel.net www.churchofip.org *** -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com]On Behalf Of Walter Zimmer Sent: Monday, December 16, 2002 12:12 PM To: ipng@sunroof.eng.sun.com Subject: Food for thought: Shifting layer 2 functionality to layer 3 with IPv6 Hi! Analyzing the trends in internet technology, which might be summarized as 'towards IP everywhere', I arrived at the following statement: "In a longer timeframe, it makes sense in LANs to incoporate all layer 2 functionality into layer 3." Note: - long timeframe - talking of LANs, not core networks - layer 2 will relly be ethernet - layer 3 will really be IPv6 (I think everybody agrees that this won't come for IPv4 :) Since this is the IPv6 list, I think the people with the most valuable contributions are here. First, lets make a list what functionality ethernet layer 2 includes: A1 - medium access (anyone remembers the good old days of CSMA-CD ? :) A2 - enable local 'routing' (switching) in networking components A3 - broadcast service A4 - multicast service A5 - addressing at layer 2 is needed for autoconfig protocols A6 - ARP is included and necessary for layer 3 operation Note that layer 1 is untouched. There is no better and more cost eficient method of transmitting frames in LANs than ethernet right now, and I think also in the future, because it is designed well and lasting. Here are the arguments supporting the above statement: B1 - In the long run, medium access won't be necessary because ethernet is evolving into a tree based architecture even in cost sensitive areas (e.g. at home) (A1). B2 - Routing in a LAN close to the end devices is not significantly more computing-intensive than switching. Therefore, as computing power gets cheaper, it makes sense to build routing-only devices (A2). B3 - Broadcasts are not necessary in IPv6, because we have a far better mechanism (service-specific multicast) already incorporated (A3). B4 - Multicast is also a available in IPv6. B5 - Autoconifg in IPv4 uses IPv6 broadcast protocols (A5). B6 - Address resolution (also NDP) would not be necessary any more (A6). B7 - Office router software will become more simple, because they won't need layer 2 any more. B8 - If the MAC address is included in the IP address anyway, why repeat it in the ethernet header? Better save the bandwidth. B9 - Security is enhanced: ARP cache poisoning is not possible, because the plug-and-play protocol introduced into IPv6 to propagate addresses would be designed with security in mind. Yes, encryption will come, but ARP cache spamming DoS cannot be prevented without modifying ARP. MAC address locking is no real solution since the administrative overhead is to high. The downsides: C1 - It might really be too early to think about this. However, if everybody agrees that it will come, then it might be beneficial to design current RFCs with that in mind. C2 - Simple switches will need redesign to become IPv6 routers. That's the price for B7. C3 - There will be poblems if the transition strategy is poorly designed. Since ethernet chips today don't insist on sending ethernet headers, seamless transition should be possible. C4 - VLANs would be a problem if the flowlabel could not be used for it. I want to collect pros and especially the cons (since a have so few) for this statement, technical and political, so don't hesitate to express them, either via the list or personal. I'll summarize. Also, pointers to other mailing lists or other information resources would be greatly appreciated. Merry christmas, Walter -- Fraunhofer-Einrichtung Systeme der Kommunikationstechnik (ESK) Walter Zimmer Hansastrasse 32 Dipl.-Inf. D-80686 Munich Telefon: +49(0)89-547088-344 walter.zimmer@esk.fraunhofer.de Telefax: +49(0)89-547088-221 -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 01:54:22 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h079sL16018678; Tue, 7 Jan 2003 01:54:21 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h079sLxV018677; Tue, 7 Jan 2003 01:54:21 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h079sH16018670 for ; Tue, 7 Jan 2003 01:54:18 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h079sQuk016509 for ; Tue, 7 Jan 2003 01:54:26 -0800 (PST) Received: from sj-msg-core-4.cisco.com (sj-msg-core-4.cisco.com [171.71.163.54]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id BAA19839 for ; Tue, 7 Jan 2003 01:54:21 -0800 (PST) Received: from cisco.com (mrwint.cisco.com [144.254.98.48]) by sj-msg-core-4.cisco.com (8.12.2/8.12.2) with ESMTP id h079meKv018006; Tue, 7 Jan 2003 01:48:40 -0800 (PST) Received: (from otroan@localhost) by cisco.com (8.8.8/2.6/Cisco List Logging/8.8.8) id JAA28118; Tue, 7 Jan 2003 09:48:39 GMT X-Authentication-Warning: mrwint.cisco.com: otroan set sender to ot@cisco.com using -f To: John Fraizer Cc: Brian Haberman , "Fred L. Templin" , Margaret Wasserman , Keshava Ayanur , 6bone@mailman.isi.edu, ipng@sunroof.eng.sun.com Subject: Re: [6bone] Re: DAD scope ?? From: Ole Troan Date: Tue, 07 Jan 2003 09:48:39 +0000 In-Reply-To: (John Fraizer's message of "Mon, 6 Jan 2003 18:26:27 -0500 (EST)") Message-ID: <7t5adid8f48.fsf@mrwint.cisco.com> User-Agent: Gnus/5.090011 (Oort Gnus v0.11) Emacs/21.2 (sparc-sun-solaris2.8) References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk >> > Each ipv6-over-foo doc discusses modifications to ND, >> > if necessary, for the particular link technology. For >> > example, Section 5 of RFC 2023 (IPv6 over PPP) mentions >> > that DAD is redundant and needn't be run. >> >> my interpretation of IPv6 over PPP is different. DAD is redundant only >> for the link-local address, but needs to be run for all other >> addresses on the link. >> >> /ot > > Um, PPP stands for Point-to-point-Protocol. So, tell me... Which other > addresses ARE there going to be on the link? not sure I understand the question. a point to point link has two nodes connected. each node can have, at least in principle, as many addresses configured as it wants, including RFC3041 and manually configured. /ot -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 02:10:45 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07AAj16019055; Tue, 7 Jan 2003 02:10:45 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07AAjus019054; Tue, 7 Jan 2003 02:10:45 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07AAf16019046; Tue, 7 Jan 2003 02:10:41 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07AAoXq017998; Tue, 7 Jan 2003 02:10:50 -0800 (PST) Received: from mta0 ([61.144.161.10]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id DAA19818; Tue, 7 Jan 2003 03:10:41 -0700 (MST) Received: from ly (mta0 [172.17.1.62]) by mta0.huawei.com (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTPA id <0H8C00LI19ITJN@mta0.huawei.com>; Tue, 07 Jan 2003 18:08:55 +0800 (CST) Date: Tue, 07 Jan 2003 18:09:54 +0800 From: Keshava Ayanur Subject: RE: NATPT prefix ... In-reply-to: <003201c2b624$7cfda230$b7cbdba8@daniel7209> To: "'Soohong Daniel Park'" Cc: ipng@sunroof.eng.sun.com, owner-ipng@sunroof.eng.sun.com Message-id: <000001c2b634$ecf79b80$68226e0a@HUAWEI.COM> Organization: Huawei Technology MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 X-Mailer: Microsoft Outlook, Build 10.0.3416 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk OK, Danial, Lets take this . |------| |------| |-------| |______|-----V6------|______|---V6-----|_______|----------V4 RX RY RZ (NAT-PT) 1) RZ needs to advertice the NAT-PT prefix to RX. How does Rz tells it to RX.( using Router Advertisement). 2) Otherwice how does RX knows to reach V4 cloud it should NAT-PT prefix ? keshava -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com] On Behalf Of Soohong Daniel Park Sent: Tuesday, January 07, 2003 4:12 PM To: 'Keshava Ayanur' Cc: ipng@sunroof.eng.sun.com Subject: RE: NATPT prefix ... -----Original Message----- From: Keshava Ayanur [mailto:keshavaak@huawei.com] Sent: Tuesday, January 07, 2003 11:34 AM To: 'Soohong Daniel Park' Cc: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com; Keshava Subject: RE: NATPT prefix ... Hi Daniel, Of course NAT-PT router can advertise the prefix in RA. But there is no such option in RA, so that NAT-PT router can say if you want go across V4 (V6) cloud please use this prefix ? why does it need an option for advertisement ? all mechanisms are same as general IPv6 network. -Daniel keshava -----Original Message----- From: Soohong Daniel Park [mailto:soohong.park@samsung.com] Sent: Tuesday, January 07, 2003 9:45 AM To: 'Keshava Ayanur'; 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Subject: RE: NATPT prefix ... -----Original Message----- From: owner-ipng@sunroof.eng.sun.com [mailto:owner-ipng@sunroof.eng.sun.com] On Behalf Of Keshava Ayanur Sent: Monday, January 06, 2003 8:06 PM To: 6bone@mailman.isi.edu; ipng@sunroof.eng.sun.com Cc: keshav Subject: NATPT prefix ... I have question about NAT-PT (RFC 2766). How does the hosts, routers in the IPV6 domain knows about the NATPT prefix that they should use when sending V6 packets to V4 network. should be received from RA, if not, addresses should be configured by manually configuration. NAT-PT router which resides in the border between V6 & V4 cloud should advertise this prefix. How ? general RA processing -Daniel Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 04:09:07 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07C9716019973; Tue, 7 Jan 2003 04:09:07 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07C97U4019972; Tue, 7 Jan 2003 04:09:07 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07C9316019964; Tue, 7 Jan 2003 04:09:03 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07C9Duk002329; Tue, 7 Jan 2003 04:09:13 -0800 (PST) Received: from mta0 ([61.144.161.10]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id FAA02904; Tue, 7 Jan 2003 05:09:04 -0700 (MST) Received: from ly (mta0 [172.17.1.62]) by mta0.huawei.com (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTPA id <0H8C00LBUEZKJN@mta0.huawei.com>; Tue, 07 Jan 2003 20:06:58 +0800 (CST) Date: Tue, 07 Jan 2003 20:07:57 +0800 From: Keshava Ayanur Subject: Change in path-MTU .. To: owner-ipng@sunroof.eng.sun.com, ipng@sunroof.eng.sun.com Cc: Keshava Message-id: <000001c2b645$6b0232a0$68226e0a@HUAWEI.COM> Organization: Huawei Technology MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 X-Mailer: Microsoft Outlook, Build 10.0.3416 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi, I have a question about PATH-MTU . Should the IP stack inform the application about the change in path-MTU . Else how does the application running on UDP will know about change in the size ? Or is it up to the application running on UDP to care by some reliable mechanism ? Regards, keshava -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 04:15:18 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07CFI16020029; Tue, 7 Jan 2003 04:15:18 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07CFHaN020028; Tue, 7 Jan 2003 04:15:17 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07CFE16020020 for ; Tue, 7 Jan 2003 04:15:14 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07CFOXq003134 for ; Tue, 7 Jan 2003 04:15:24 -0800 (PST) Received: from webserver.redes.unb.br ([164.41.67.130]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id FAA16322 for ; Tue, 7 Jan 2003 05:15:17 -0700 (MST) Received: from webserver.redes.unb.br (localhost.localdomain [127.0.0.1]) by webserver.redes.unb.br (8.12.5/8.12.5) with ESMTP id h07CRoBB010959 for ; Tue, 7 Jan 2003 10:27:50 -0200 From: "Robson Lopes Jr. Mbone" Received: (from nobody@localhost) by webserver.redes.unb.br (8.12.5/8.12.5/Submit) id h07CRnXr010958; Tue, 7 Jan 2003 10:27:49 -0200 X-Authentication-Warning: webserver.redes.unb.br: nobody set sender to lopesjr@redes.unb.br using -f Received: from 200.163.10.179 (SquirrelMail authenticated user lopesjr) by webserver.redes.unb.br with HTTP; Tue, 7 Jan 2003 10:27:49 -0200 (BRST) Message-ID: <1570.200.163.10.179.1041942469.squirrel@webserver.redes.unb.br> Date: Tue, 7 Jan 2003 10:27:49 -0200 (BRST) Subject: QoS To: X-Priority: 3 Importance: Normal X-MSMail-Priority: Normal X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Does anyone have papers or something silimar about QoS and IPv6? Thanks, Robson. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 04:39:30 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07CdU16020390; Tue, 7 Jan 2003 04:39:30 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07CdTxS020389; Tue, 7 Jan 2003 04:39:29 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07CdQ16020382 for ; Tue, 7 Jan 2003 04:39:27 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07CdaXq005993 for ; Tue, 7 Jan 2003 04:39:36 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id FAA14185 for ; Tue, 7 Jan 2003 05:39:30 -0700 (MST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h07CdGh24767; Tue, 7 Jan 2003 14:39:16 +0200 Date: Tue, 7 Jan 2003 14:39:16 +0200 (EET) From: Pekka Savola To: "Robson Lopes Jr. Mbone" cc: ipng@sunroof.eng.sun.com Subject: Re: QoS In-Reply-To: <1570.200.163.10.179.1041942469.squirrel@webserver.redes.unb.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk On Tue, 7 Jan 2003, Robson Lopes Jr. Mbone wrote: > Does anyone have papers or something silimar about QoS and IPv6? For your convenience, I've typed this URL to two search engines and copied them to you: http://www.altavista.com/web/results?q=%2BIPv6+%2BQoS+%2Bpaper&kgs=0&kls=1&avkw=qtrp http://citeseer.nj.nec.com/cs?q=IPv6+QoS&cs=1 Happy cut'n'pasting! Simple, ain't it! -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 04:40:05 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07Ce516020423; Tue, 7 Jan 2003 04:40:05 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07Ce4Vn020422; Tue, 7 Jan 2003 04:40:04 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07Ce116020414; Tue, 7 Jan 2003 04:40:01 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07CeAXq006043; Tue, 7 Jan 2003 04:40:11 -0800 (PST) Received: from wiprom2mx1.wipro.com (wiprom2mx1.wipro.com [203.197.164.41]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id FAA14330; Tue, 7 Jan 2003 05:40:03 -0700 (MST) Received: from m2vwall5.wipro.com (m2vwall5.wipro.com [10.115.50.5]) by wiprom2mx1.wipro.com (8.11.3/8.11.3) with SMTP id h07Ce0S08916; Tue, 7 Jan 2003 18:10:00 +0530 (IST) Received: from blr-ec-msg02.wipro.com ([10.200.51.99]) by blr-ec-bh1.wipro.com with Microsoft SMTPSVC(5.0.2195.5329); Tue, 7 Jan 2003 18:09:55 +0530 Received: from wipro.com ([192.168.178.243]) by blr-ec-msg02.wipro.com with Microsoft SMTPSVC(5.0.2195.4905); Tue, 7 Jan 2003 18:09:55 +0530 Message-ID: <3E1ACBA3.E4BAF86@wipro.com> Date: Tue, 07 Jan 2003 18:14:19 +0530 From: Shashi Kumar Organization: Wipro Technologies X-Mailer: Mozilla 4.74 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Keshava Ayanur CC: owner-ipng@sunroof.eng.sun.com, ipng@sunroof.eng.sun.com Subject: Re: Change in path-MTU .. References: <000001c2b645$6b0232a0$68226e0a@HUAWEI.COM> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 07 Jan 2003 12:39:55.0781 (UTC) FILETIME=[E1D9CB50:01C2B649] Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk ICMP layer should recalculate the path-MTU depending on ICMP redirect and update the routing entries appropriately and also inform packetization layer(s) about the change in path-MTU ( you can have your own algo.) -Shashi Keshava Ayanur wrote: > > Hi, > I have a question about PATH-MTU . > > Should the IP stack inform the application about the change in > path-MTU . > Else how does the application running on UDP will know about > change in the > size ? > Or is it up to the application running on UDP to care by some > reliable mechanism ? > > Regards, > keshava > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 05:32:56 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07DWt16020770; Tue, 7 Jan 2003 05:32:55 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07DWts3020769; Tue, 7 Jan 2003 05:32:55 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07DWp16020762 for ; Tue, 7 Jan 2003 05:32:52 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07DX1uk012337 for ; Tue, 7 Jan 2003 05:33:01 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id GAA14554 for ; Tue, 7 Jan 2003 06:32:55 -0700 (MST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA12182; Tue, 7 Jan 2003 08:29:38 -0500 (EST) Message-Id: <200301071329.IAA12182@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ipng@sunroof.eng.sun.com From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ipv6-ipaddressassign-06.txt Date: Tue, 07 Jan 2003 08:29:38 -0500 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Version 6 Working Group Working Group of the IETF. Title : A Flexible Method for Managing the Assignment of Bites of an IPv6 Address Block Author(s) : M. Blanchet Filename : draft-ietf-ipv6-ipaddressassign-06.txt Pages : 8 Date : 2003-1-6 This document proposes a method to manage the assignment of bits of an IPv6 address block or range. When an organisation needs to make an address plan for its subnets or when an ISP needs to make an address plan for its customers, this method enables the organisation to postpone the final decision on the number of bits to partition in the address space they have. It does it by keeping the bits around the borders of the partition to be free as long as possible. This scheme is applicable to any bits addressing scheme using bits with partitions in the space, but its first intended use is for IPv6. It is a generalization of RFC1219 and can be used for IPv6 assignments. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ipv6-ipaddressassign-06.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ipv6-ipaddressassign-06.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ipv6-ipaddressassign-06.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2003-1-6145413.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ipv6-ipaddressassign-06.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ipv6-ipaddressassign-06.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2003-1-6145413.I-D@ietf.org> --OtherAccess-- --NextPart-- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 07:11:30 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07FBU16020994; Tue, 7 Jan 2003 07:11:30 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h07FBTG9020993; Tue, 7 Jan 2003 07:11:29 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h07FBQ16020985; Tue, 7 Jan 2003 07:11:26 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h07FBZuk026717; Tue, 7 Jan 2003 07:11:35 -0800 (PST) Received: from mg03.austin.ibm.com (mg03.austin.ibm.com [192.35.232.20]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id IAA19295; Tue, 7 Jan 2003 08:11:30 -0700 (MST) Received: from austin.ibm.com (netmail1.austin.ibm.com [9.3.7.138]) by mg03.austin.ibm.com (AIX4.3/8.9.3/8.9.3) with ESMTP id JAA13170; Tue, 7 Jan 2003 09:12:06 -0600 Received: from porkchop.austin.ibm.com (porkchop.austin.ibm.com [9.41.86.38]) by austin.ibm.com (AIX4.3/8.9.3/8.9.3) with ESMTP id JAA31852; Tue, 7 Jan 2003 09:10:54 -0600 Received: from localhost (lilianf@localhost) by porkchop.austin.ibm.com (AIX5.1/8.11.0/8.11.0-client1.01) with ESMTP id h07FArD43476; Tue, 7 Jan 2003 09:10:53 -0600 Date: Tue, 7 Jan 2003 09:10:53 -0600 (CST) From: Lilian Fernandes To: Shashi Kumar cc: Keshava Ayanur , , Subject: Re: Change in path-MTU .. In-Reply-To: <3E1ACBA3.E4BAF86@wipro.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Section 11.3 of draft-ietf-ipngwg-rfc2292bis-08 describes a socket option IPV6_RECVPATHMTU that a UDP application can set to be notified of path MTU changes. http://www.ietf.org/internet-drafts/draft-ietf-ipngwg-rfc2292bis-08.txt -Lilian On Tue, 7 Jan 2003, Shashi Kumar wrote: > ICMP layer should recalculate the path-MTU depending on ICMP redirect > and update the routing entries appropriately and also inform > packetization layer(s) about the change in path-MTU ( you can have your > own algo.) > > > -Shashi > > > Keshava Ayanur wrote: > > > > Hi, > > I have a question about PATH-MTU . > > > > Should the IP stack inform the application about the change in > > path-MTU . > > Else how does the application running on UDP will know about > > change in the > > size ? > > Or is it up to the application running on UDP to care by some > > reliable mechanism ? > > > > Regards, > > keshava > > > > -------------------------------------------------------------------- > > IETF IPng Working Group Mailing List > > IPng Home Page: http://playground.sun.com/ipng > > FTP archive: ftp://playground.sun.com/pub/ipng > > Direct all administrative requests to majordomo@sunroof.eng.sun.com > > -------------------------------------------------------------------- > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- > _____________________________________________________________________ Lilian Fernandes AIX TCP/IP Development - IBM Austin Tel: 512-838-7966 Fax: 512-838-3509 -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 16:32:36 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h080Wa16023429; Tue, 7 Jan 2003 16:32:36 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h080WaiG023428; Tue, 7 Jan 2003 16:32:36 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h080WW16023420; Tue, 7 Jan 2003 16:32:32 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h080Wfuk007946; Tue, 7 Jan 2003 16:32:41 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id RAA22626; Tue, 7 Jan 2003 17:32:32 -0700 (MST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id QAA27913; Tue, 7 Jan 2003 16:32:20 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h080WHF09346; Tue, 7 Jan 2003 16:32:17 -0800 X-mProtect: <200301080032> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (205.226.2.67, claiming to be "iprg.nokia.com") by darkstar.iprg.nokia.com smtpde1zbvr; Tue, 07 Jan 2003 16:32:16 PST Message-ID: <3E1B73EA.1070904@iprg.nokia.com> Date: Tue, 07 Jan 2003 16:42:18 -0800 From: "Fred L. Templin" User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Lilian Fernandes CC: Shashi Kumar , Keshava Ayanur , owner-ipng@sunroof.eng.sun.com, ipng@sunroof.eng.sun.com Subject: Re: Change in path-MTU .. References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk I believe the text you are referring to is the following: "When the application is sending packets too big for the path MTU recvmsg() will return zero (indicating no data) but there will be a cmsghdr with cmsg_type set to IPV6_PATHMTU, and cmsg_len will indicate that cmsg_data is sizeof(struct ip6_mtuinfo) bytes long." The way I read this, applications are informed of path MTU restrictions when they are actively sending packets that result in ICMPv6 "packet too big" error messages (i.e., even when the "packet too big" messages are locally-generated). I see no requirement in this specification for asynchronous notification of PMTU decreases. Instead, in RFC 1918, section 5.2, I see: Note: An implementation can avoid the use of an asynchronous notification mechanism for PMTU decreases by postponing notification until the next attempt to send a packet larger than the PMTU estimate. In this approach, when an attempt is made to SEND a packet that is larger than the PMTU estimate, the SEND function should fail and return a suitable error indication. This approach may be more suitable to a connectionless packetization layer (such as one using UDP), which (in some implementations) may be hard to "notify" from the ICMP layer. In this case, the normal timeout-based retransmission mechanisms would be used to recover from the dropped packets. Fred Templin ftemplin@iprg.nokia.com Lilian Fernandes wrote: > Section 11.3 of draft-ietf-ipngwg-rfc2292bis-08 describes a socket option > IPV6_RECVPATHMTU that a UDP application can set to be notified of path MTU > changes. > > http://www.ietf.org/internet-drafts/draft-ietf-ipngwg-rfc2292bis-08.txt > > -Lilian > > On Tue, 7 Jan 2003, Shashi Kumar wrote: > > >>ICMP layer should recalculate the path-MTU depending on ICMP redirect >>and update the routing entries appropriately and also inform >>packetization layer(s) about the change in path-MTU ( you can have your >>own algo.) >> >> >>-Shashi >> >> >>Keshava Ayanur wrote: >> >>>Hi, >>> I have a question about PATH-MTU . >>> >>> Should the IP stack inform the application about the change in >>>path-MTU . >>> Else how does the application running on UDP will know about >>>change in the >>> size ? >>> Or is it up to the application running on UDP to care by some >>> reliable mechanism ? >>> >>>Regards, >>>keshava >>> >>>-------------------------------------------------------------------- >>>IETF IPng Working Group Mailing List >>>IPng Home Page: http://playground.sun.com/ipng >>>FTP archive: ftp://playground.sun.com/pub/ipng >>>Direct all administrative requests to majordomo@sunroof.eng.sun.com >>>-------------------------------------------------------------------- >> >>-------------------------------------------------------------------- >>IETF IPng Working Group Mailing List >>IPng Home Page: http://playground.sun.com/ipng >>FTP archive: ftp://playground.sun.com/pub/ipng >>Direct all administrative requests to majordomo@sunroof.eng.sun.com >>-------------------------------------------------------------------- >> > > > _____________________________________________________________________ > > Lilian Fernandes > AIX TCP/IP Development - IBM Austin > Tel: 512-838-7966 Fax: 512-838-3509 > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 7 18:11:37 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h082Bb16023858; Tue, 7 Jan 2003 18:11:37 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h082BbDa023857; Tue, 7 Jan 2003 18:11:37 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h082BW16023850 for ; Tue, 7 Jan 2003 18:11:33 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h082Bguk001545 for ; Tue, 7 Jan 2003 18:11:42 -0800 (PST) Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id TAA05812 for ; Tue, 7 Jan 2003 19:11:20 -0700 (MST) Received: from localhost ([3ffe:501:100f:1048:bd67:6d47:e443:6563]) by shuttle.wide.toshiba.co.jp (8.11.6/8.9.1) with ESMTP id h0828cR75095; Wed, 8 Jan 2003 11:08:38 +0900 (JST) Date: Wed, 08 Jan 2003 11:08:46 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: "Fred L. Templin" Cc: Lilian Fernandes , Shashi Kumar , Keshava Ayanur , ipng@sunroof.eng.sun.com Subject: Re: Change in path-MTU .. In-Reply-To: <3E1B73EA.1070904@iprg.nokia.com> References: <3E1B73EA.1070904@iprg.nokia.com> User-Agent: Wanderlust/2.6.1 (Upside Down) Emacs/21.2 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 20000228(IM140) Lines: 32 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk >>>>> On Tue, 07 Jan 2003 16:42:18 -0800, >>>>> "Fred L. Templin" said: > I believe the text you are referring to is the following: > "When the application is sending packets too big for the path MTU > recvmsg() will return zero (indicating no data) but there will be a > cmsghdr with cmsg_type set to IPV6_PATHMTU, and cmsg_len will > indicate that cmsg_data is sizeof(struct ip6_mtuinfo) bytes long." > The way I read this, applications are informed of path MTU restrictions > when they are actively sending packets that result in ICMPv6 "packet too > big" error messages (i.e., even when the "packet too big" messages are > locally-generated). I see no requirement in this specification for > asynchronous notification of PMTU decreases. That depends on what you meant by "asynchronous" and "requirement". As for "asynchronous"ness: If the application watches a read (note: not "write") event on the UDP socket, it will be ale to receive the "asynchronous" notification when an ICMPv6 too big occurs. As for "requirement": Whether the application watches read events is (of course) up to the application; the specification does not require the application to follow the usage. In this sense, you are correct: there is no "requirement" in the specification for asynchronous notification. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Wed Jan 8 11:25:39 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08JPc16000478; Wed, 8 Jan 2003 11:25:39 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h08JPciB000477; Wed, 8 Jan 2003 11:25:38 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08JPY16000470 for ; Wed, 8 Jan 2003 11:25:34 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h08JPhuk020012 for ; Wed, 8 Jan 2003 11:25:43 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id MAA21406 for ; Wed, 8 Jan 2003 12:25:37 -0700 (MST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id LAA02854 for ; Wed, 8 Jan 2003 11:25:37 -0800 (PST) X-Delivered-For: Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h08JPaR32563 for ; Wed, 8 Jan 2003 11:25:36 -0800 X-mProtect: <200301081925> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (4.22.78.99, claiming to be "spruce.iprg.nokia.com") by darkstar.iprg.nokia.com smtpdgUUblG; Wed, 08 Jan 2003 11:25:33 PST Message-Id: <4.3.2.7.2.20030108112417.027c0330@mailhost.iprg.nokia.com> X-Sender: hinden@mailhost.iprg.nokia.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 08 Jan 2003 11:24:38 -0800 To: ipng@sunroof.eng.sun.com From: Internet-Drafts@ietf.org (by way of Bob Hinden ) Subject: I-D ACTION:draft-hinden-ipv6-sl-moderate-00.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Moderate Use Case for IPv6 Site-Local Addresses Author(s) : R. Hinden Filename : draft-hinden-ipv6-sl-moderate-00.txt Pages : 7 Date : 2003-1-7 This internet draft describes the moderate use case for IPv6 Site- Local Addresses. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-hinden-ipv6-sl-moderate-00.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-hinden-ipv6-sl-moderate-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-hinden-ipv6-sl-moderate-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. Content-Type: text/plain Content-ID: <2003-1-7160933.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-hinden-ipv6-sl-moderate-00.txt -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Wed Jan 8 11:53:25 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08JrP16000954; Wed, 8 Jan 2003 11:53:25 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h08JrPod000953; Wed, 8 Jan 2003 11:53:25 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08JrM16000946 for ; Wed, 8 Jan 2003 11:53:22 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h08JrVuk028502 for ; Wed, 8 Jan 2003 11:53:31 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id MAA10304 for ; Wed, 8 Jan 2003 12:53:25 -0700 (MST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h08JrN504095 for ; Wed, 8 Jan 2003 21:53:23 +0200 Date: Wed, 8 Jan 2003 21:53:23 +0200 (EET) From: Pekka Savola To: ipng@sunroof.eng.sun.com Subject: [magma] IPv6 anycast usage API? (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk FYI, If you have thoughts on how anycast should work w/ applications, now would be a good time to state them :-) I think the discussion is probably best done only on the magma list. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings ---------- Forwarded message ---------- Date: Wed, 8 Jan 2003 21:25:43 +0200 (EET) From: Pekka Savola To: magma@ietf.org Subject: [magma] IPv6 anycast usage API? Hello, Has anyone given any thought to whether there should be any (IPv6) anycast addressing API for _applications_? As background, anycast support has usually been implemented either using: 1) an "anycast" flag when configuring an address with system administration -level tools like "ifconfig", or 2) some vendor-specific API which applications can use to signal that they would like to join an anycast "group". As you may note, this is very similar to how multicast works -- which is natural because the model is similar. I know a couple of implementations: most do 1), unofficial anycast support for Linux does 2). I'd be interested if there are other ways to make anycast addressing usable. The advantage of 2) is that it gets closer to applications: when an application using an anycast address (e.g. DNS server software) e.g. crashes, the anycast address automatically gets removed. Of course, there are still failure modes, but I believe this closer to the usage model if we want anycast to be usable for applications, and want to use it robustly. Of course, for some cases, 1) is also useful -- but they are not exclusive, I think. Comments are very much welcome. Should we try to document some simple API for anycast for applications, for example? -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ magma mailing list magma@ietf.org https://www1.ietf.org/mailman/listinfo/magma -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Wed Jan 8 14:07:25 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08M7P16001603; Wed, 8 Jan 2003 14:07:25 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h08M7P4p001602; Wed, 8 Jan 2003 14:07:25 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h08M7M16001595 for ; Wed, 8 Jan 2003 14:07:22 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h08M7Vuk006315 for ; Wed, 8 Jan 2003 14:07:31 -0800 (PST) Received: from ondar.cablelabs.com (ondar.cablelabs.com [192.160.73.61]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id OAA06045 for ; Wed, 8 Jan 2003 14:07:26 -0800 (PST) Received: from srvxchg.cablelabs.com (srvxchg.cablelabs.com [10.5.0.20]) by ondar.cablelabs.com (8.12.6/8.12.6) with ESMTP id h08M7Nmb018177 for ; Wed, 8 Jan 2003 15:07:24 -0700 (MST) content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: Q: draft-ietf-ipv6-rfc2011-update-01.txt X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 Date: Wed, 8 Jan 2003 15:07:23 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Q: draft-ietf-ipv6-rfc2011-update-01.txt Thread-Index: AcK3Vh7Oa0mRm+jxQ+ax0wvBZYQXuQAABaPA From: "Eduardo Cardona" To: X-Approved: ondar Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by sunroof.eng.sun.com id h08M7M16001596 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi all, Could you please indicate the reason for InetAddress SYNTAX in draft-ietf-ipv6-rfc2011-update-01.txt is described as : I may think ip to 20 will cover SYNTAX InetAddress (SIZE(0..36)) I may think up to ((SIZE(0..20)) will cover an inetAddressType ipv6z What else would I miss? About dns type there should be complice statements to not support that isn't it? Thanks Eduardo -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 05:52:36 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09Dqa16005438; Thu, 9 Jan 2003 05:52:36 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h09DqaeR005437; Thu, 9 Jan 2003 05:52:36 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09DqW16005430 for ; Thu, 9 Jan 2003 05:52:32 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h09DqeXq011900 for ; Thu, 9 Jan 2003 05:52:40 -0800 (PST) Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id FAA18401 for ; Thu, 9 Jan 2003 05:52:34 -0800 (PST) Received: from localhost ([3ffe:501:4819:2000:89e2:cf3c:7bdd:8889]) by shuttle.wide.toshiba.co.jp (8.11.6/8.9.1) with ESMTP id h09DqTR93877; Thu, 9 Jan 2003 22:52:30 +0900 (JST) Date: Thu, 09 Jan 2003 22:52:36 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: narten@us.ibm.com Cc: ipng@sunroof.eng.sun.com Subject: Re: preferred lifetime > valid lifetime In-Reply-To: <200301031754.h03HsJO08210@cichlid.adsl.duke.edu> References: <200301031754.h03HsJO08210@cichlid.adsl.duke.edu> User-Agent: Wanderlust/2.6.1 (Upside Down) Emacs/21.2 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 20000228(IM140) Lines: 62 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Thanks for the response, and sorry for my delayed reaction. >>>>> On Fri, 03 Jan 2003 12:54:19 -0500, >>>>> Thomas Narten said: >> However, there seems to be no description about the case in RFC 2461. >> This is perhaps intentional, because the preferred lifetime does not >> affect on-link prefix configuration. So my question is: >> - is RFC 2461 intentionally silent about the case of preferred >> lifetime > valid lifetime? >> - if so, what should a host do when, for example, it receives a prefix >> with the L bit being set, the A bit being set, and preferred LT > >> valid LT? Should it just regard the prefix as on-link and not >> configure a corresponding address? >> - or, do I miss something in RFC 2461? > I don't know that it really matters that much whether one ignores the > on-link determiniation or not in this case. Neither seems particularly > catastrophic. > Note the follow words in 2461: > Stateless address autoconfiguration [ADDRCONF] may in some > circumstances increase the Valid Lifetime of a prefix or ignore it > completely in order to prevent a particular denial of service attack. > However, since the effect of the same denial of service targeted at > the on-link prefix list is not catastrophic (hosts would send packets > to a default router and receive a redirect rather than sending > packets directly to a neighbor) the Neighbor Discovery protocol does > not impose such a check on the prefix lifetime values. > I think similar logic applies to the case you describe. Hmm, so your point is that even if the receiving host ignores the prefix, it can still send a packet (whose destination address is covered by the prefix) to the router, which will then forward the packet back to the link. There's still an interoperability issue if a non forwarding node sends router advertisements with: + the router lifetime being 0 + a prefix where valid lifetime < preferred lifetime. though such a case may be too pathological to be covered in the spec. As a result, I tend to agree that it doesn't matter whether the receiving host ignores the prefix or not. However, it would be good for routers to have an additional clarification like for each advertised prefix, a router SHOULD ensure that the valid lifetime is not smaller than the valid lifetime. to reduce the possibility of interoperability issue when the spec is ever revised. Thanks, JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 07:41:14 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09FfD16006152; Thu, 9 Jan 2003 07:41:14 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h09FfDmJ006151; Thu, 9 Jan 2003 07:41:13 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09FfA16006144 for ; Thu, 9 Jan 2003 07:41:10 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h09FfIuk022358 for ; Thu, 9 Jan 2003 07:41:19 -0800 (PST) Received: from d12lmsgate-5.de.ibm.com (d12lmsgate-5.de.ibm.com [194.196.100.238]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id HAA28917 for ; Thu, 9 Jan 2003 07:41:12 -0800 (PST) Received: from d12relay02.de.ibm.com (d12relay02.de.ibm.com [9.165.215.23]) by d12lmsgate-5.de.ibm.com (8.12.3/8.12.3) with ESMTP id h09Ff8qf016114; Thu, 9 Jan 2003 16:41:08 +0100 Received: from etzel.zurich.ibm.com (etzel.zurich.ibm.com [9.4.64.140]) by d12relay02.de.ibm.com (8.12.3/NCO/VER6.4) with SMTP id h09Ff6TL281718; Thu, 9 Jan 2003 16:41:07 +0100 Received: from dhcp23-27.zurich.ibm.com by etzel.zurich.ibm.com (AIX 4.3/UCB 5.64/4.03) id AA24682 from ; Thu, 9 Jan 2003 16:40:59 +0100 Message-Id: <3E1D97E5.AC439497@hursley.ibm.com> Date: Thu, 09 Jan 2003 16:40:21 +0100 From: Brian E Carpenter Organization: IBM X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,fr,de Mime-Version: 1.0 To: Thomas Narten Cc: jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: <200301031728.h03HS1G07945@cichlid.adsl.duke.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Thomas, Thanks for the careful review. Comments inserted... Thomas Narten wrote: > > I reviewed the revised document today. Speaking as an individual, here > is my reaction: > > > Abstract > > > > This document specifies the IPv6 Flow Label field, the requirements > > for IPv6 source nodes labeling flows, and the requirements for flow > > state establishment methods. > > Note: what I would expect this draft to describe is: > > 1) what arbitrary source nodes should do with the flow label. > 2) what routers should do with the flow label. > > The document appears to do 1), but 2) is omitted from the document. Is > this OK? IMHO, it's not only OK, it is essential at this stage. There are a number of use cases for the flow label - if I even enumerated them here, they are controversial enough to start a flame war. The draft has been very carefully limited to *avoid* assuming any particular use case. It serves two purposes, in my view: -- setting globally applicable boundary conditions on what a sending host may and may not do; -- making it clear that intermediate systems may use the flow label for packet classification purposes (which means, in particular, that ASIC and network processor designers know that they should include the flow label in the fields potentially used by classifiers). Going beyond this point would take us back into the controversy we had on this list a year or so ago. So, to repeat, it would *not* be OK to attempt to specify what routers should do with the flow label. > I.e., I thought the main reason to specify the flow label is > so that current implementations can do something sensible with the > flow label. Is there enough guidance for router implementors (e.g., > those doing hardware) to add useful support for the flow label? I'm > not sure, but would like to hear from such implementors. As I said, there are multiple use cases and IMHO we should get this document out and then let the QOS community (not the IPv6 community) work on those use cases. Time will tell which ones succeed. > > > 2. IPv6 Flow Label Specification > > > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > > by a source to label packets of a flow. A non-zero Flow Label > > Note: I don't think the SHOULD/MUST usage in this document is always > helpful or even correct. It would make sense to go read the defintions > in RFC 2119 as cited. This does mean SHOULD in the 2119 sense - hosts need a valid reason for not doing it. > > This document defines a flow as the three tuple. No "SHOULD" about > it. If a source wants to label a flow, it does so by setting the flow > label. A better wording would be something like: > > Flows in IPv6 identified by the tuple of the 20-bit Flow Label, > the IP source address, and the IP destination address in the IPv6 > header. No. We want to say that hosts SHOULD label flows. (Rationale: it's only by this becoming the norm that the flow label can become an effective tool. If only 1% of traffic is labelled, there is no benefit.) > > > The packet MAY be given some flow-specific treatment based on the > > flow state established on a set of IPv6 nodes. The nature of the > > MAY here seems odd too. Again, read the definition of MAY. It suggests > that an implementation may decide it makes sense to do something in > certain circumstances. But what I think the document is trying to say > here is that flow-specific processing is done by entities that have > been directed to do so. This is not an implementation choice in the > "MAY" sense. It has more to do whether a device implements flows and > then whether there is appropriate flow-state. Suggested reword: > > The packet will be processed in a flow-specific manner by those > nodes that have special processing enabled for packets belonging > to a particular flow. Agreed, or simply use lower case "may". > > Actually, the entire paragraph might be better as: > > IPv6 flows are defined by the tuple of the 20-bit Flow Label, the > IP source address, and the IP destination address in the IPv6 > header. Packet classifiers use the tuple to identify which flow a > particular packet belongs to. Packets will be processed in a > flow-specific manner by those nodes that have special processing > enabled for packets belonging to a particular flow. A Flow Label > of zero indicates an unlabelled packet that is given no special > treatment. The nature of the specific treatment and the methods > for the flow state establishment are beyond the scope of this > specification. Well, I think we want the SHOULD in there. We mean it. > > > The Flow Label value set by the source MUST be delivered unchanged to > > the destination node(s). > > Question: What is the above intended to mean? That the flow label must > be delivered to the destination unchanged from what it was set to by > the originator? Or that the flow label MUST NOT be modified by any > node along the path? (the two are different, and the words seem to say > the former.) It would be good to be clear. I prefer the "MUST NOT be modified" formulation if my co-authors agree. > > > IPv6 nodes MUST NOT assume any mathematical or other properties of > > the Flow Label values assigned by source nodes. Router performance > > SHOULD NOT be dependent on the distribution of the Flow Label values. > > Especially, the Flow Label bits alone make poor material for a hash > > key. > > I wonder if the above wording is even needed. Can this section just be > dropped? If not, suggested reword: > > Some early proposals for use of the IPv6 Flow Label suggested that > routers might use the Flow Label as a hash key for doing lookups as > an optimization. However, this technique assumed that Flow Label > values would make good material for a hash key in order that the > resultant hashes would be sufficiently distributed. In practice, > this cannot be relied upon, and would open up implementations to > potential denial-of-service attacks from attackers that > intentionally violate such an assumption. Consequently, IPv6 nodes > MUST NOT assume any mathematical or other properties of the Flow > Label values assigned by source nodes. Good > > > Nodes keeping dynamic flow state MUST NOT assume packets arriving 60 > > seconds or more after the previous packet of a flow still belong to > > the same flow, unless a flow state establishment method in use > > defines a longer flow state lifetime or the flow state has been > > explicitly refreshed within the lifetime duration. > > I'm not entirely comfortable with the above wording. It seems to me, > that any node making assumptions about flow values *needs* a flow > setup mechanism to go along with it. But if there is such a mechanism, > that mechanism can communicate appropriate timer values for timing out > state (and the above words are not needed). If there is no such > mechanism, what sort of flow-specific processing should assume that a > gap of 60 seconds implies a reset in the flow? We don't know, and 60 seconds is a compromise value anyway. But there seemed to be WG consensus that a default timeout is needed, since otherwise we are licensing implementors to create hard state. The authors have been round and round this many times, and this was the best we could come up with. (more comment on this below) > > What problem is the above wording intended to address? Use cases that nobody has thought of yet. > > > If an IPv6 node is not providing flow-specific treatment, it MUST > > ignore the field when receiving or forwarding a packet. > > Such a node is presumably not implementing this spec, in which case > the words seem superfluous... Delete? You're too logical :-) But I think this forbids attempts to abuse the label as a covert signalling channel, or otherwise use it for an unintended purpose. So I'd vote for keeping the sentence, but I don't feel strongly. > > > 3. Flow Labeling Requirements > > > > To enable Flow Label based classification, sources SHOULD assign each > > unrelated transport connection and application data stream to a new > > flow. The source MAY also take part in flow state establishment > > methods that result in assigning certain packets to specific flows. A > > source which does not assign traffic to flows MUST set the Flow Label > > to zero. > > I find the above a bit muddled and incomplete. Here is an attempt at > clarifying: I object. Your text starts to hint at use cases. I think we should absolutely avoid that, and restrict ourselves strictly to setting boundary conditions on senders. Also, we agreed earlier to take out all the stuff on APIs and picking flow label values. That was part of the Grand Simplification of the draft. So I don't agree that the paragraph is incomplete with respect to the goals of this document. Let me try a slight rewrite. To enable Flow Label based classification, sources SHOULD assign each unrelated transport connection and application data stream to a new flow and assign a new label value to that flow. The source may also take part in flow state establishment methods that result in assigning certain packets to specific flows to which label values have been assigned. A source which does not assign certain packets to flows MUST set the Flow Label to zero in those packets. > > A source enables flow-specific processing by assigning a non-zero > value to the Flow Label on outgoing packets. Because identifying > individual flows may only be possible with the direct help of > individual applications, there is no one rule for how and when to > label outgoing packets. In the absence of more-explicit > information (e.g, from an application), sources SHOULD assign each > new transport connection to a new flow. > > Applications should also be provided sufficient control over how > to set the Flow Label. Such indications should support: > > - use a specific value for the flow label (e.g., if the > application is participating in a flow setup protocol) > > - Let the system pick a value, but provide a way for the > application to specify that a previously-assigned value be > used when sending packets. This is to support applications > that have multiple flows, transported over what the system > might view as a single "connection" or "socket". > > ... [there are a bunch of things here that it probably makes > sense to at least indicate may be necessary. I don't think > this document should include the API, but it would be good > to itemize the types of operations that will need to be > supported.] > > A source that does not desire flow-specific processing sets the > Flow Label value to 0. However, this document requires that > implementations not set the value to 0 by default, in order to > enable the support load spreading. > > > A source node MUST keep track of the Flow Label values it is > > currently using or has recently used. > > Mumble. the above comes across as a restrictive requirement rather > than focusing on the key requirement to fulfill. Yes, we can replace MUST by "needs to". > > > Flow Label values previously > > used with a specific pair of source and destination addresses MUST > > NOT be assigned to new flows with the same address pair within 60 > > seconds of the termination of the previous flow. If the previous flow > > had a lifetime longer than the default 60 seconds, a quarantine > > period of at least the length of the lifetime MUST be observed. > > As mentioned above, I'm not sure about the 60 second value. Also, the > wording could be better. As noted, 60 seconds is a compromise. We looked at values anywhere between 10 and 600 seconds. There is no right answer, but 60 seems as good as we could get. (10 seemed too short for a slow TCP stream, and 600 seemed far too long, despite being the TCP timeout.) Wording suggestions? > > > The requirement of not reusing a Flow Label value for a new flow with > > the same pair of source and destination addresses extends across > > source node crashes and reboots. To avoid accidental Flow Label value > > reuse, the source node SHOULD use a different initial value for Flow > > Label assignments after a reboot. The initial value could be randomly > > generated, or computed from a previous value stored in non-volatile > > memory. > > Suggested rewording: > > A source node should not reuse a particular Flow Label for a > different flow until it is sure that any flow-specific state on > other nodes has timed out or been appropriately updated. In > particular, if a node reboots, it may lose track of which Flow > Label values it has used recently, and pick the same > ones. Implementations MUST ensure that they don't reuse Flow Labels > too quickly. The problem here is analagous to picking initial > sequence numbers when opening TCP connections after a > restart. There are number of ways to avoid reuse. One approach is > to have new Flow Label values be chosen in some well-defined order > (e.g., sequentially, a pseudo-random sequence, etc.). Upon a system > restart, the initial value could be randomly generated, or computed > from a previous value stored in non-volatile memory. Again, we removed some such text in the recent simplification of the document. Do you really think we should start re-complicating? > > > 4. Flow State Establishment Requirements > > > > To enable flow-specific treatment, flow state needs to be established > > on all or a subset of the IPv6 nodes on the path from the source to > > the destination(s). The methods for the state establishment, as well > > as the models for flow-specific treatment will be defined in separate > > specifications. > > > > To enable co-existence of different methods in IPv6 nodes, the > > methods MUST meet the following basic requirements: > > > > (1) The method MUST provide the means for flow state clean-up from > > the IPv6 nodes providing the flow-specific treatment. Signaling > > based methods where the source node is involved are free to > > specify flow state lifetimes longer than the default 60 seconds. > > > > (2) Flow state establishment methods MUST be able to recover from > > the case where the requested flow state cannot be supported. > > I'm not sure what purpose the above provides. I guess its mostly > harmless, but it strikes me as being pretty obvious, and I wonder if > these are the only real issues to think about. I.e., is this section > complete? If not, do we need it? It stops here, once again, to avoid getting into specific use cases. But we did feel these were necessary to avoid future flow-state mechanisms interfering with each other. Does that make sense? > > > Security Considerations > > > > The use of the Flow Label field enables flow classification also in > > the presence of encryption of IPv6 payloads. This allows the > > transport header values to remain confidential, which may lessen the > > possibilities for some forms of traffic analysis. However, the > > labeling of flows defined in this specification may reveal some > > structure of communications otherwise concealed by transport mode > > Seems like more could be said here. If use of the flow label allows > special treatment of traffic, aren't there possible theft of service > issues? Or DOS issues, if someone generates traffic trying to > overwhelm a particular flow? What about authorization? Can anyone set > up flows? Are there requirements or issues here that should be > mentioned in Section 4? This section seems a bit incomplete. Since flow labels are not protected by IPSEC-AH, they can be forged. We should probably state this. However, since the flow is actually identified by the {srce, dest, label} triplet, the theft of service or DOS problem actually requires address spoofing as well as label spoofing (and is prevented by ingress filtering). We should probably say this. Authorization is a local issue in the sending host. I could argue that since it is not a wire-protocol issue, we don't need to mention it. However, I think it is worth stating that multi-user hosts may require an authorization mechanism for individual applications to use QOS services including the flow label. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 08:10:43 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09GAh16006705; Thu, 9 Jan 2003 08:10:43 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h09GAhe7006704; Thu, 9 Jan 2003 08:10:43 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09GAd16006697 for ; Thu, 9 Jan 2003 08:10:39 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h09GAmuk029364 for ; Thu, 9 Jan 2003 08:10:48 -0800 (PST) Received: from d12lmsgate-2.de.ibm.com (d12lmsgate-2.de.ibm.com [194.196.100.235]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id IAA20208 for ; Thu, 9 Jan 2003 08:10:42 -0800 (PST) Received: from d12relay02.de.ibm.com (d12relay02.de.ibm.com [9.165.215.23]) by d12lmsgate-2.de.ibm.com (8.12.3/8.12.3) with ESMTP id h09GAev4059306; Thu, 9 Jan 2003 17:10:40 +0100 Received: from etzel.zurich.ibm.com (etzel.zurich.ibm.com [9.4.64.140]) by d12relay02.de.ibm.com (8.12.3/NCO/VER6.4) with SMTP id h09GAdTL099548; Thu, 9 Jan 2003 17:10:39 +0100 Received: from dhcp23-27.zurich.ibm.com by etzel.zurich.ibm.com (AIX 4.3/UCB 5.64/4.03) id AA40172 from ; Thu, 9 Jan 2003 17:10:38 +0100 Message-Id: <3E1D9ED8.65647304@hursley.ibm.com> Date: Thu, 09 Jan 2003 17:10:00 +0100 From: Brian E Carpenter Organization: IBM X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,fr,de Mime-Version: 1.0 To: Margaret Wasserman Cc: ipng@sunroof.eng.sun.com Subject: Re: draft-wasserman-ipv6-sl-impact-00.txt References: <5.1.0.14.2.20021220080948.02c9c708@mail.windriver.com> <5.1.0.14.2.20021220080948.02c9c708@mail.windriver.com> <5.1.0.14.2.20021221163732.04619cd0@mail.windriver.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Margaret Wasserman wrote: ... > If the WG chooses to follow the recommendations in this document, > then SBRs will not longer be necessary. I don't think you can mean that literally. There are lots of reasons why enterprise networks have border routers today (not to mention DMZs) and I don't see that the non-existence of SL addresses would remove those reasons. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 09:31:50 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09HVo16007754; Thu, 9 Jan 2003 09:31:50 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h09HVoWI007753; Thu, 9 Jan 2003 09:31:50 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09HVk16007746 for ; Thu, 9 Jan 2003 09:31:47 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h09HVtuk021691 for ; Thu, 9 Jan 2003 09:31:55 -0800 (PST) Received: from mail.wrs.com (unknown-1-11.windriver.com [147.11.1.11]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA08045 for ; Thu, 9 Jan 2003 10:31:49 -0700 (MST) Received: from IDLEWYLDE.windriver.com ([147.11.46.226]) by mail.wrs.com (8.9.3/8.9.1) with ESMTP id JAA20677; Thu, 9 Jan 2003 09:30:58 -0800 (PST) Message-Id: <5.1.0.14.2.20030109122643.0376b5a8@mail.windriver.com> X-Sender: mrw@mail.windriver.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 09 Jan 2003 12:28:06 -0500 To: Brian E Carpenter From: Margaret Wasserman Subject: Re: draft-wasserman-ipv6-sl-impact-00.txt Cc: ipng@sunroof.eng.sun.com In-Reply-To: <3E1D9ED8.65647304@hursley.ibm.com> References: <5.1.0.14.2.20021220080948.02c9c708@mail.windriver.com> <5.1.0.14.2.20021220080948.02c9c708@mail.windriver.com> <5.1.0.14.2.20021221163732.04619cd0@mail.windriver.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Brian, > > If the WG chooses to follow the recommendations in this document, > > then SBRs will not longer be necessary. > >I don't think you can mean that literally. There are lots of >reasons why enterprise networks have border routers today >(not to mention DMZs) and I don't see that the non-existence >of SL addresses would remove those reasons. Of course. Enterprises will continue to have border routers. I was using the term "SBR" as it is used in the scoped addressing architecture -- referring to a router that creates a border between two different site-local scopes. Margaret -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 09:46:36 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09Hka16007915; Thu, 9 Jan 2003 09:46:36 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h09HkamT007914; Thu, 9 Jan 2003 09:46:36 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h09HkX16007907 for ; Thu, 9 Jan 2003 09:46:33 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h09HkfXq012829 for ; Thu, 9 Jan 2003 09:46:41 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id JAA25020 for ; Thu, 9 Jan 2003 09:46:35 -0800 (PST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h09HkTe11908; Thu, 9 Jan 2003 19:46:29 +0200 Date: Thu, 9 Jan 2003 19:46:28 +0200 (EET) From: Pekka Savola To: Brian E Carpenter cc: Thomas Narten , , Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt In-Reply-To: <3E1D97E5.AC439497@hursley.ibm.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk I've decidedly tried getting into the flow label debate, but will do so for a few parts. In general, I liked many of the Thomas's improvements; IMO, specification of flow label itself (with or without RFC2119 keywords), and treatment (like that nodes SHOULD label flows) should be more clearly separated. Two comments..: > > > 2. IPv6 Flow Label Specification > > > > > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > > > by a source to label packets of a flow. A non-zero Flow Label > > > > Note: I don't think the SHOULD/MUST usage in this document is always > > helpful or even correct. It would make sense to go read the defintions > > in RFC 2119 as cited. > > This does mean SHOULD in the 2119 sense - hosts need a valid reason for not > doing it. > > > > This document defines a flow as the three tuple. No "SHOULD" about > > it. If a source wants to label a flow, it does so by setting the flow > > label. A better wording would be something like: > > > > Flows in IPv6 identified by the tuple of the 20-bit Flow Label, > > the IP source address, and the IP destination address in the IPv6 > > header. > > No. We want to say that hosts SHOULD label flows. (Rationale: it's > only by this becoming the norm that the flow label can become an effective > tool. If only 1% of traffic is labelled, there is no benefit.) I think Thomas's text is a very good introduction: if we want to say "hosts SHOULD label flows", just add it in a new paragraph after that. .. similar in some other cases .. > > > Security Considerations > > > > > > The use of the Flow Label field enables flow classification also in > > > the presence of encryption of IPv6 payloads. This allows the > > > transport header values to remain confidential, which may lessen the > > > possibilities for some forms of traffic analysis. However, the > > > labeling of flows defined in this specification may reveal some > > > structure of communications otherwise concealed by transport mode > > > > Seems like more could be said here. If use of the flow label allows > > special treatment of traffic, aren't there possible theft of service > > issues? Or DOS issues, if someone generates traffic trying to > > overwhelm a particular flow? What about authorization? Can anyone set > > up flows? Are there requirements or issues here that should be > > mentioned in Section 4? This section seems a bit incomplete. > > Since flow labels are not protected by IPSEC-AH, they can be forged. > We should probably state this. However, since the flow is actually > identified by the {srce, dest, label} triplet, the theft of service > or DOS problem actually requires address spoofing as well as label > spoofing (and is prevented by ingress filtering). We should probably say > this. There are many ways to do theft of service, I guess. Assume that node establishes (using some mechanism) a preferred treatment for a flow with -- particularly meant for e.g. single TCP connection. It can re-use this as much as it wants, getting better service. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 9 16:13:24 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A0DN16010731; Thu, 9 Jan 2003 16:13:23 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0A0DNj7010730; Thu, 9 Jan 2003 16:13:23 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A0DK16010723 for ; Thu, 9 Jan 2003 16:13:20 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0A0DSuk023850 for ; Thu, 9 Jan 2003 16:13:29 -0800 (PST) Received: from rsys002a.roke.co.uk (rsys002a.roke.co.uk [193.118.192.251]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id QAA04037 for ; Thu, 9 Jan 2003 16:13:23 -0800 (PST) Received: by rsys002a.roke.co.uk with Internet Mail Service (5.5.2653.19) id ; Fri, 10 Jan 2003 00:13:22 -0000 Message-ID: <76C92FBBFB58D411AE760090271ED41805DF647E@rsys002a.roke.co.uk> From: "Hancock, Robert" To: Brian E Carpenter , Thomas Narten Cc: jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: RE: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt Date: Fri, 10 Jan 2003 00:13:21 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Dear all, A couple of comments on the 'router treatment' and 60s timeout issues: > > Note: what I would expect this draft to describe is: > > > > 1) what arbitrary source nodes should do with the flow label. > > 2) what routers should do with the flow label. > > > > The document appears to do 1), but 2) is omitted from the > document. Is > > this OK? > > IMHO, it's not only OK, it is essential at this stage. There > are a number > of use cases for the flow label - if I even enumerated them here, they > are controversial enough to start a flame war. The draft has been very > carefully limited to *avoid* assuming any particular use > case. It serves > two purposes, in my view: > -- setting globally applicable boundary conditions on what a sending > host may and may not do; > -- making it clear that intermediate systems may use the flow label > for packet classification purposes (which means, in particular, > that ASIC and network processor designers know that they should > include the flow label in the fields potentially used by > classifiers). > Going beyond this point would take us back into the controversy we > had on this list a year or so ago. So, to repeat, it would *not* > be OK to attempt to specify what routers should do with the flow > label. I sympathise with Brian's caution, but I'd still like to probe if there is any non-controversial guidance that can be given about routers treating packets within a single flow somehow "consistently" (e.g. keeping to the same outgoing interface in the absence of re-routing, avoiding re-ordering and so on). This would be a default in the absence of any specific flow state establishment mechanism. (This type of thing is slightly discussed in 1812, so maybe it's more of a node requirements topic. I agree there are additional subtleties to be considered.) [snip] > > > > > Nodes keeping dynamic flow state MUST NOT assume > packets arriving 60 > > > seconds or more after the previous packet of a flow > still belong to > > > the same flow, unless a flow state establishment method in use > > > defines a longer flow state lifetime or the flow state has been > > > explicitly refreshed within the lifetime duration. > > > > I'm not entirely comfortable with the above wording. It seems to me, > > that any node making assumptions about flow values *needs* a flow > > setup mechanism to go along with it. But if there is such a > mechanism, > > that mechanism can communicate appropriate timer values for > timing out > > state (and the above words are not needed). If there is no such > > mechanism, what sort of flow-specific processing should > assume that a > > gap of 60 seconds implies a reset in the flow? > > We don't know, and 60 seconds is a compromise value anyway. But there > seemed to be WG consensus that a default timeout is needed, since > otherwise we are licensing implementors to create hard state. > The authors > have been round and round this many times, and this was the best we > could come up with. (more comment on this below) I agree with Thomas' reasoning, i.e. I can't see under what circumstances these words wouldn't be superseded by ones specific to a specific real FSEM. (In particular, they don't prevent an FSEM mandating hard state itself anyway.) On the same grounds, I suppose I shouldn't object to the words too strongly either. However, the wording in terms of inter-packet gaps seems to imply an expectation of implicit flow state refresh, i.e. that flow state will persist while packets continue to flow, and that a flow-aware forwarding engine must be able to support updating a per-flow timer for each packet it forwards. Can this really be the intention? Or have I just confused myself? If we really must have this, how about something like Nodes keeping dynamic flow state MUST flush it after 60 seconds, unless it is maintained by whatever refresh method is associated with the corresponding flow state establishment mechanism, whose specification may also redefine the 60 second default flow lifetime. Nit: what actually is 'dynamic flow state'? This is the only place where 'flow state' is qualified like this. Is that significant? > > Brian > Robert H. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 10 01:07:02 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A97116011786; Fri, 10 Jan 2003 01:07:01 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0A971YY011785; Fri, 10 Jan 2003 01:07:01 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A96u16011775 for ; Fri, 10 Jan 2003 01:06:56 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0A974uk003803 for ; Fri, 10 Jan 2003 01:07:04 -0800 (PST) Received: from d12lmsgate-3.de.ibm.com (d12lmsgate-3.de.ibm.com [194.196.100.236]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id CAA28843 for ; Fri, 10 Jan 2003 02:06:58 -0700 (MST) Received: from d12relay01.de.ibm.com (d12relay01.de.ibm.com [9.165.215.22]) by d12lmsgate-3.de.ibm.com (8.12.3/8.12.3) with ESMTP id h0A96mbd024676; Fri, 10 Jan 2003 10:06:48 +0100 Received: from etzel.zurich.ibm.com (etzel.zurich.ibm.com [9.4.64.140]) by d12relay01.de.ibm.com (8.12.3/NCO/VER6.4) with SMTP id h0A96lU4214290; Fri, 10 Jan 2003 10:06:47 +0100 Received: from dhcp23-27.zurich.ibm.com by etzel.zurich.ibm.com (AIX 4.3/UCB 5.64/4.03) id AA30562 from ; Fri, 10 Jan 2003 10:06:45 +0100 Message-Id: <3E1E8D00.E93F7F3@hursley.ibm.com> Date: Fri, 10 Jan 2003 10:06:08 +0100 From: Brian E Carpenter Organization: IBM X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,fr,de Mime-Version: 1.0 To: Pekka Savola Cc: Thomas Narten , jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk below... Pekka Savola wrote: > > I've decidedly tried getting into the flow label debate, but will do so > for a few parts. > > In general, I liked many of the Thomas's improvements; IMO, specification > of flow label itself (with or without RFC2119 keywords), and treatment > (like that nodes SHOULD label flows) should be more clearly separated. > > Two comments..: > > > > > 2. IPv6 Flow Label Specification > > > > > > > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > > > > by a source to label packets of a flow. A non-zero Flow Label > > > > > > Note: I don't think the SHOULD/MUST usage in this document is always > > > helpful or even correct. It would make sense to go read the defintions > > > in RFC 2119 as cited. > > > > This does mean SHOULD in the 2119 sense - hosts need a valid reason for not > > doing it. > > > > > > This document defines a flow as the three tuple. No "SHOULD" about > > > it. If a source wants to label a flow, it does so by setting the flow > > > label. A better wording would be something like: > > > > > > Flows in IPv6 identified by the tuple of the 20-bit Flow Label, > > > the IP source address, and the IP destination address in the IPv6 > > > header. > > > > No. We want to say that hosts SHOULD label flows. (Rationale: it's > > only by this becoming the norm that the flow label can become an effective > > tool. If only 1% of traffic is labelled, there is no benefit.) > > I think Thomas's text is a very good introduction: if we want to say > "hosts SHOULD label flows", just add it in a new paragraph after that. Well, we were strongly asked in Atlanta to shorten and simplify the document. Now you are asking us to lengthen and complicate it again. I'd like some guidance from the chairs about this. > > .. similar in some other cases .. > > > > > Security Considerations > > > > > > > > The use of the Flow Label field enables flow classification also in > > > > the presence of encryption of IPv6 payloads. This allows the > > > > transport header values to remain confidential, which may lessen the > > > > possibilities for some forms of traffic analysis. However, the > > > > labeling of flows defined in this specification may reveal some > > > > structure of communications otherwise concealed by transport mode > > > > > > Seems like more could be said here. If use of the flow label allows > > > special treatment of traffic, aren't there possible theft of service > > > issues? Or DOS issues, if someone generates traffic trying to > > > overwhelm a particular flow? What about authorization? Can anyone set > > > up flows? Are there requirements or issues here that should be > > > mentioned in Section 4? This section seems a bit incomplete. > > > > Since flow labels are not protected by IPSEC-AH, they can be forged. > > We should probably state this. However, since the flow is actually > > identified by the {srce, dest, label} triplet, the theft of service > > or DOS problem actually requires address spoofing as well as label > > spoofing (and is prevented by ingress filtering). We should probably say > > this. > > There are many ways to do theft of service, I guess. > > Assume that node establishes (using some mechanism) a preferred treatment > for a flow with -- particularly meant for e.g. single > TCP connection. It can re-use this as much as it wants, getting better > service. That's the authorization issue, which I agree should be mentioned (see the immediately following paragraph in my previous message). Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 10 01:12:51 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A9Cp16011906; Fri, 10 Jan 2003 01:12:51 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0A9Coa4011903; Fri, 10 Jan 2003 01:12:50 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0A9Cj16011884 for ; Fri, 10 Jan 2003 01:12:45 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0A9Cruk004789 for ; Fri, 10 Jan 2003 01:12:53 -0800 (PST) Received: from d12lmsgate-2.de.ibm.com (d12lmsgate-2.de.ibm.com [194.196.100.235]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id BAA14323 for ; Fri, 10 Jan 2003 01:12:47 -0800 (PST) Received: from d12relay02.de.ibm.com (d12relay02.de.ibm.com [9.165.215.23]) by d12lmsgate-2.de.ibm.com (8.12.3/8.12.3) with ESMTP id h0A9Cg8T045808; Fri, 10 Jan 2003 10:12:43 +0100 Received: from etzel.zurich.ibm.com (etzel.zurich.ibm.com [9.4.64.140]) by d12relay02.de.ibm.com (8.12.3/NCO/VER6.4) with SMTP id h0A9CZ1o152142; Fri, 10 Jan 2003 10:12:36 +0100 Received: from dhcp23-27.zurich.ibm.com by etzel.zurich.ibm.com (AIX 4.3/UCB 5.64/4.03) id AA43674 from ; Fri, 10 Jan 2003 10:12:33 +0100 Message-Id: <3E1E8E5C.9D0CD40D@hursley.ibm.com> Date: Fri, 10 Jan 2003 10:11:56 +0100 From: Brian E Carpenter Organization: IBM X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,fr,de Mime-Version: 1.0 To: "Hancock, Robert" Cc: Thomas Narten , jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: <76C92FBBFB58D411AE760090271ED41805DF647E@rsys002a.roke.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk below... "Hancock, Robert" wrote: > > Dear all, > > A couple of comments on the 'router treatment' and 60s timeout issues: > > > > Note: what I would expect this draft to describe is: > > > > > > 1) what arbitrary source nodes should do with the flow label. > > > 2) what routers should do with the flow label. > > > > > > The document appears to do 1), but 2) is omitted from the > > document. Is > > > this OK? > > > > IMHO, it's not only OK, it is essential at this stage. There > > are a number > > of use cases for the flow label - if I even enumerated them here, they > > are controversial enough to start a flame war. The draft has been very > > carefully limited to *avoid* assuming any particular use > > case. It serves > > two purposes, in my view: > > -- setting globally applicable boundary conditions on what a sending > > host may and may not do; > > -- making it clear that intermediate systems may use the flow label > > for packet classification purposes (which means, in particular, > > that ASIC and network processor designers know that they should > > include the flow label in the fields potentially used by > > classifiers). > > Going beyond this point would take us back into the controversy we > > had on this list a year or so ago. So, to repeat, it would *not* > > be OK to attempt to specify what routers should do with the flow > > label. > > I sympathise with Brian's caution, but I'd still like to probe if > there is any non-controversial guidance that can be given about routers > treating packets within a single flow somehow "consistently" > (e.g. keeping to the same outgoing interface in the absence of > re-routing, avoiding re-ordering and so on). This would be a default > in the absence of any specific flow state establishment mechanism. > (This type of thing is slightly discussed in 1812, so maybe it's > more of a node requirements topic. I agree there are additional > subtleties to be considered.) Right, is there anything we can say that isn't "obvious" in terms of generic router requirements? Send text! > > [snip] > > > > > > > Nodes keeping dynamic flow state MUST NOT assume > > packets arriving 60 > > > > seconds or more after the previous packet of a flow > > still belong to > > > > the same flow, unless a flow state establishment method in use > > > > defines a longer flow state lifetime or the flow state has been > > > > explicitly refreshed within the lifetime duration. > > > > > > I'm not entirely comfortable with the above wording. It seems to me, > > > that any node making assumptions about flow values *needs* a flow > > > setup mechanism to go along with it. But if there is such a > > mechanism, > > > that mechanism can communicate appropriate timer values for > > timing out > > > state (and the above words are not needed). If there is no such > > > mechanism, what sort of flow-specific processing should > > assume that a > > > gap of 60 seconds implies a reset in the flow? > > > > We don't know, and 60 seconds is a compromise value anyway. But there > > seemed to be WG consensus that a default timeout is needed, since > > otherwise we are licensing implementors to create hard state. > > The authors > > have been round and round this many times, and this was the best we > > could come up with. (more comment on this below) > > I agree with Thomas' reasoning, i.e. I can't see under what circumstances > these words wouldn't be superseded by ones specific to a specific real > FSEM. (In particular, they don't prevent an FSEM mandating hard state > itself anyway.) On the same grounds, I suppose I shouldn't object to the > words too strongly either. Exactly, they are apparently harmless and they might prevent some implementor from doing something stupid (like creating hard state). > > However, the wording in terms of inter-packet gaps seems to imply an > expectation of implicit flow state refresh, i.e. that flow state will > persist while packets continue to flow, and that a flow-aware forwarding > engine must be able to support updating a per-flow timer for each packet > it forwards. Can this really be the intention? Or have I just confused myself? > > If we really must have this, how about something like > > Nodes keeping dynamic flow state MUST flush it after 60 seconds, > unless it is maintained by whatever refresh method is associated with the > corresponding flow state establishment mechanism, whose specification may also > redefine the 60 second default flow lifetime. Something like that would be fine for me. > > Nit: what actually is 'dynamic flow state'? This is the only place where 'flow state' is qualified like this. Is that significant? I think 'dynamic' is a noise word. Again, the concern was to avoid hard state, but the word can be deleted. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 10 08:31:46 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0AGVk16014758; Fri, 10 Jan 2003 08:31:46 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0AGVj8j014757; Fri, 10 Jan 2003 08:31:45 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0AGVg16014750 for ; Fri, 10 Jan 2003 08:31:42 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0AGVquk013498 for ; Fri, 10 Jan 2003 08:31:52 -0800 (PST) Received: from e32.co.us.ibm.com (e32.co.us.ibm.com [32.97.110.130]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id IAA12223 for ; Fri, 10 Jan 2003 08:31:46 -0800 (PST) Received: from westrelay03.boulder.ibm.com (westrelay03.boulder.ibm.com [9.17.194.24]) by e32.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id h0AGVaYk037404; Fri, 10 Jan 2003 11:31:37 -0500 Received: from rotala.raleigh.ibm.com (rotala.raleigh.ibm.com [9.27.12.14]) by westrelay03.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id h0AGVZFU079710; Fri, 10 Jan 2003 09:31:35 -0700 Received: from rotala.raleigh.ibm.com (narten@localhost) by rotala.raleigh.ibm.com (8.11.6/8.11.6) with ESMTP id h0AGVFP09688; Fri, 10 Jan 2003 11:31:15 -0500 Message-Id: <200301101631.h0AGVFP09688@rotala.raleigh.ibm.com> To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= cc: ipng@sunroof.eng.sun.com Subject: Re: preferred lifetime > valid lifetime In-Reply-To: Message from jinmei@isl.rdc.toshiba.co.jp of "Thu, 09 Jan 2003 22:52:36 +0900." Date: Fri, 10 Jan 2003 11:31:15 -0500 From: Thomas Narten Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk > Hmm, so your point is that even if the receiving host ignores the > prefix, it can still send a packet (whose destination address is > covered by the prefix) to the router, which will then forward the > packet back to the link. Yes. > There's still an interoperability issue if a non forwarding node sends > router advertisements with: > + the router lifetime being 0 > + a prefix where valid lifetime < preferred lifetime. It ought to be a bug if anyone sends out a prefix with valid lifetime less than preferred. This seems obvious, but the spec could easily say this somewhere. > though such a case may be too pathological to be covered in the spec. > As a result, I tend to agree that it doesn't matter whether the > receiving host ignores the prefix or not. However, it would be good > for routers to have an additional clarification like > for each advertised prefix, a router SHOULD ensure that the valid > lifetime is not smaller than the valid lifetime. I'd say MUST. Read the definition of SHOULD. Under what conditions would it make sense for an implementation to send out a valid lifetime shorter than preferred? It it doesn't make sense, there is no reason for the spec to explicitely say its OK to send them out anyway, and still be compliant with the spec... Thomas -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Fri Jan 10 08:37:35 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0AGbZ16014915; Fri, 10 Jan 2003 08:37:35 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0AGbY9H014914; Fri, 10 Jan 2003 08:37:34 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0AGbV16014907 for ; Fri, 10 Jan 2003 08:37:31 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0AGbfXq012052 for ; Fri, 10 Jan 2003 08:37:41 -0800 (PST) Received: from e35.co.us.ibm.com (e35.co.us.ibm.com [32.97.110.133]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id IAA12603 for ; Fri, 10 Jan 2003 08:37:35 -0800 (PST) Received: from westrelay03.boulder.ibm.com (westrelay03.boulder.ibm.com [9.17.194.24]) by e35.co.us.ibm.com (8.12.2/8.12.2) with ESMTP id h0AGbQeP068966; Fri, 10 Jan 2003 11:37:26 -0500 Received: from rotala.raleigh.ibm.com (rotala.raleigh.ibm.com [9.27.12.14]) by westrelay03.boulder.ibm.com (8.12.3/NCO/VER6.4) with ESMTP id h0AGbJFU045032; Fri, 10 Jan 2003 09:37:20 -0700 Received: from rotala.raleigh.ibm.com (narten@localhost) by rotala.raleigh.ibm.com (8.11.6/8.11.6) with ESMTP id h0AGaxc09763; Fri, 10 Jan 2003 11:36:59 -0500 Message-Id: <200301101636.h0AGaxc09763@rotala.raleigh.ibm.com> To: Brian E Carpenter cc: jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt In-Reply-To: Message from brian@hursley.ibm.com of "Thu, 09 Jan 2003 16:40:21 +0100." <3E1D97E5.AC439497@hursley.ibm.com> Date: Fri, 10 Jan 2003 11:36:59 -0500 From: Thomas Narten Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Brian E Carpenter writes: > Thomas Narten wrote: > > > > I reviewed the revised document today. Speaking as an individual, here > > is my reaction: > > > > > Abstract > > > > > > This document specifies the IPv6 Flow Label field, the requirements > > > for IPv6 source nodes labeling flows, and the requirements for flow > > > state establishment methods. > > > > Note: what I would expect this draft to describe is: > > > > 1) what arbitrary source nodes should do with the flow label. > > 2) what routers should do with the flow label. > > > > The document appears to do 1), but 2) is omitted from the document. Is > > this OK? > IMHO, it's not only OK, it is essential at this stage. There are a number > of use cases for the flow label - if I even enumerated them here, they > are controversial enough to start a flame war. The draft has been very > carefully limited to *avoid* assuming any particular use case. It serves > two purposes, in my view: > -- setting globally applicable boundary conditions on what a sending > host may and may not do; > -- making it clear that intermediate systems may use the flow label > for packet classification purposes (which means, in particular, > that ASIC and network processor designers know that they should > include the flow label in the fields potentially used by > classifiers). > Going beyond this point would take us back into the controversy we > had on this list a year or so ago. So, to repeat, it would *not* > be OK to attempt to specify what routers should do with the flow > label. We may be more in agreement than appears. I agree that usage scenarios should be left out. What I want to be sure about though is that router implementors have a clear understanding of what they need to implement, in order to be able to support flows once specific usages are defined. (Or, please correct me if this is this not a goal here.) I.e., folks doing hardware today want to know what they are supposed to do with the Flow Label. They don't want to find themselves later down the road saying "oops" our hardware can't support that because we didn't know that's how flows were defined. It may well be that all that needs to be said is that a flow is defined by the three tuple, and that implementations need to classify based on the tuple. What is done to packets that belong to a particular flow is future work. But the definition of how the classification is to be done seems important to nail down now. IMO, the current wording about this could be more clear. But if hardware folk feel like the current words are sufficiently clear on this, I'm OK too. My assumption is that this document is trying to say that classifiers need to map the three-tuple into a "flow". Or am I wrong? Is the document not even wanting to go this far? > > I.e., I thought the main reason to specify the flow label is > > so that current implementations can do something sensible with the > > flow label. Is there enough guidance for router implementors (e.g., > > those doing hardware) to add useful support for the flow label? I'm > > not sure, but would like to hear from such implementors. > As I said, there are multiple use cases and IMHO we should get this > document out and then let the QOS community (not the IPv6 community) > work on those use cases. Time will tell which ones succeed. If the point is that how packets of a specific flow are to be processed needs to be defered to future work, I agree. But if this also relates to the definition of which packets belong to which flow, I wonder whether this document achieves anything useful in practice. > > > 2. IPv6 Flow Label Specification > > > > > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > > > by a source to label packets of a flow. A non-zero Flow Label > > > > Note: I don't think the SHOULD/MUST usage in this document is always > > helpful or even correct. It would make sense to go read the defintions > > in RFC 2119 as cited. > This does mean SHOULD in the 2119 sense - hosts need a valid reason for not > doing it. > > > > This document defines a flow as the three tuple. No "SHOULD" about > > it. If a source wants to label a flow, it does so by setting the flow > > label. A better wording would be something like: > > > > Flows in IPv6 identified by the tuple of the 20-bit Flow Label, > > the IP source address, and the IP destination address in the IPv6 > > header. > No. We want to say that hosts SHOULD label flows. (Rationale: it's > only by this becoming the norm that the flow label can become an effective > tool. If only 1% of traffic is labelled, there is no benefit.) Pekka said exactly what I would say here. > > > The packet MAY be given some flow-specific treatment based on the > > > flow state established on a set of IPv6 nodes. The nature of the > > > > MAY here seems odd too. Again, read the definition of MAY. It suggests > > that an implementation may decide it makes sense to do something in > > certain circumstances. But what I think the document is trying to say > > here is that flow-specific processing is done by entities that have > > been directed to do so. This is not an implementation choice in the > > "MAY" sense. It has more to do whether a device implements flows and > > then whether there is appropriate flow-state. Suggested reword: > > > > The packet will be processed in a flow-specific manner by those > > nodes that have special processing enabled for packets belonging > > to a particular flow. > Agreed, or simply use lower case "may". agreed too. > > > > Actually, the entire paragraph might be better as: > > > > IPv6 flows are defined by the tuple of the 20-bit Flow Label, the > > IP source address, and the IP destination address in the IPv6 > > header. Packet classifiers use the tuple to identify which flow a > > particular packet belongs to. Packets will be processed in a > > flow-specific manner by those nodes that have special processing > > enabled for packets belonging to a particular flow. A Flow Label > > of zero indicates an unlabelled packet that is given no special > > treatment. The nature of the specific treatment and the methods > > for the flow state establishment are beyond the scope of this > > specification. > Well, I think we want the SHOULD in there. We mean it. Make the "SHOULD implement" a separate point from the definition itself then. And have it refer specifically (for hosts) that they SHOULD label outgoing packets. That is what I think we are aiming for. > > > Nodes keeping dynamic flow state MUST NOT assume packets arriving 60 > > > seconds or more after the previous packet of a flow still belong to > > > the same flow, unless a flow state establishment method in use > > > defines a longer flow state lifetime or the flow state has been > > > explicitly refreshed within the lifetime duration. > > > > I'm not entirely comfortable with the above wording. It seems to me, > > that any node making assumptions about flow values *needs* a flow > > setup mechanism to go along with it. But if there is such a mechanism, > > that mechanism can communicate appropriate timer values for timing out > > state (and the above words are not needed). If there is no such > > mechanism, what sort of flow-specific processing should assume that a > > gap of 60 seconds implies a reset in the flow? > We don't know, and 60 seconds is a compromise value anyway. But there > seemed to be WG consensus that a default timeout is needed, since > otherwise we are licensing implementors to create hard state. The authors > have been round and round this many times, and this was the best we > could come up with. (more comment on this below) Well, I have a basic problem with a default timeout of 60 seconds. Heck, a temporary routing glitch can cause a loss of traffic for 60 seconds, yet the TCP sesssion doesn't go away that quickly. So 60 seconds seem like a rather odd compromise value. Seems too short to me. > > What problem is the above wording intended to address? > Use cases that nobody has thought of yet. I don't understand this answer. If a router does something flow-specfic for flow X, but then sees no traffic for 60 seconds, the implication now is that it shouldn't give flow X the same treatement it was just giving it just 60 seconds ago. I do remember some discussion on this in the past. But I still don't feel like I understand the rational. Can someone please summarize or point me back to a previous thread? > > > If an IPv6 node is not providing flow-specific treatment, it MUST > > > ignore the field when receiving or forwarding a packet. > > > > Such a node is presumably not implementing this spec, in which case > > the words seem superfluous... Delete? > You're too logical :-) But I think this forbids attempts to abuse > the label as a covert signalling channel, or otherwise use it for > an unintended purpose. So I'd vote for keeping the sentence, but > I don't feel strongly. Not a show stopper to leave in... > > > 3. Flow Labeling Requirements > > > > > > To enable Flow Label based classification, sources SHOULD assign each > > > unrelated transport connection and application data stream to a new > > > flow. The source MAY also take part in flow state establishment > > > methods that result in assigning certain packets to specific flows. A > > > source which does not assign traffic to flows MUST set the Flow Label > > > to zero. > > > > I find the above a bit muddled and incomplete. Here is an attempt at > > clarifying: > I object. Your text starts to hint at use cases. I think we should > absolutely avoid that, and restrict ourselves strictly to setting > boundary conditions on senders. Also, we agreed earlier to take out > all the stuff on APIs and picking flow label values. That was part > of the Grand Simplification of the draft. So I don't agree that the > paragraph is incomplete with respect to the goals of this document. Part of my concern with the current text is it says hosts SHOULD set the flow-label for each Application-level stream. I assume, however, that this document is aimed at the IP stack, not at individual applications. I.e., how will someone who implements the stack be able to use different flow labels for different application stream without help from the application? Seems like some sort of wording about this would be good. I'm not saying it even needs to be normative (it probably shouldn't be). But maybe some guidance. The existing wording seems a bit incomplete and the issues here seem more complex. > > > A source node MUST keep track of the Flow Label values it is > > > currently using or has recently used. > > > > Mumble. the above comes across as a restrictive requirement rather > > than focusing on the key requirement to fulfill. > Yes, we can replace MUST by "needs to". ok. But that alone doesn't fix the issue. Just saying it "needs to keep track of" doesn't focus on the "why". I think the document would be better off saying what fundamental principal an implementation needs to be sure to not violate. In this case, it's not reusing the same flow label too quickly, including across reboots. I agree that mandating how an implementation does is beyond the scope of the document. Note: an implementation doesn't need to keep track of which flow IDs it has recently used (as the current words say). It simply needs to ensure that it doesn't reuse any that have been reused recently. There is a subtle difference. I.e., one doesn't need to keep track of *each* flow one has recently used. One can aggregate that information. Here's a slightly less delta-ish proposal relative to the current text: A source node MUST ensure that it does not reuse Flow Label values it is currently using or has recently used when creating new flows. Flow Label values previously used with a specific pair of source and destination addresses MUST NOT be assigned to new flows with the same address pair within 60 seconds of the termination of the previous flow. If the previous flow had a lifetime longer than the default 60 seconds, a quarantine period of at least the length of the lifetime MUST be observed before reusing that Flow Label. Note: this last sentence seems hard to achieve. it suggests that if a future flow establishment method uses longer lifetimes, the stack will have to be retrofitted to figure out somehow not to reuse those flow label values for the longer period. I suspect that future uses of the flow label (i.e., the signalling partz) may well be implemented separately from the base IP stack Flow Label support, and it may not be possible for the signalling to ensure the quarantine behavior. The requirement of not reusing a Flow Label value for a new flow with the same pair of source and destination addresses extends across source node crashes and reboots. Text OK up to here. but, for the rest: To avoid accidental Flow Label value reuse, the source node SHOULD use a different initial value for Flow Label assignments after a reboot. The initial value could be randomly generated, or computed from a previous value stored in non-volatile memory. I think the above text is not really good enough. It makes some unstated assumptions about how things are implemented. It either needs more text, or should just be deleted. I guess my attempt at replacement wasn't successful. > As noted, 60 seconds is a compromise. We looked at values anywhere between > 10 and 600 seconds. There is no right answer, but 60 seems as good as > we could get. (10 seemed too short for a slow TCP stream, and 600 seemed > far too long, despite being the TCP timeout.) > Wording suggestions? Again, it seems like it should be at least as long as TCP timeouts. I don't think you want the flow state to be reclaimed just because of temporary network outages. > > > The requirement of not reusing a Flow Label value for a new flow with > > > the same pair of source and destination addresses extends across > > > source node crashes and reboots. To avoid accidental Flow Label value > > > reuse, the source node SHOULD use a different initial value for Flow > > > Label assignments after a reboot. The initial value could be randomly > > > generated, or computed from a previous value stored in non-volatile > > > memory. > > > > Suggested rewording: > > > > A source node should not reuse a particular Flow Label for a > > different flow until it is sure that any flow-specific state on > > other nodes has timed out or been appropriately updated. In > > particular, if a node reboots, it may lose track of which Flow > > Label values it has used recently, and pick the same > > ones. Implementations MUST ensure that they don't reuse Flow Labels > > too quickly. The problem here is analagous to picking initial > > sequence numbers when opening TCP connections after a > > restart. There are number of ways to avoid reuse. One approach is > > to have new Flow Label values be chosen in some well-defined order > > (e.g., sequentially, a pseudo-random sequence, etc.). Upon a system > > restart, the initial value could be randomly generated, or computed > > from a previous value stored in non-volatile memory. > Again, we removed some such text in the recent simplification of > the document. Do you really think we should start re-complicating? The document should be absolutely clear on what the requirement is. It also seems reasonable to provide some guidance on how to achieve the requirement, though in a non-normative fashion. This is because folks will wonder how one can implement the requirement if they have no stable storage or a very small footprint. I think it was Rob who pointed out a long while back that there were similarities here with generating TCP initial sequence numbers across reboots. > > > 4. Flow State Establishment Requirements > > > > > > To enable flow-specific treatment, flow state needs to be established > > > on all or a subset of the IPv6 nodes on the path from the source to > > > the destination(s). The methods for the state establishment, as well > > > as the models for flow-specific treatment will be defined in separate > > > specifications. > > > > > > To enable co-existence of different methods in IPv6 nodes, the > > > methods MUST meet the following basic requirements: > > > > > > (1) The method MUST provide the means for flow state clean-up from > > > the IPv6 nodes providing the flow-specific treatment. Signaling > > > based methods where the source node is involved are free to > > > specify flow state lifetimes longer than the default 60 seconds. > > > > > > (2) Flow state establishment methods MUST be able to recover from > > > the case where the requested flow state cannot be supported. > > > > I'm not sure what purpose the above provides. I guess its mostly > > harmless, but it strikes me as being pretty obvious, and I wonder if > > these are the only real issues to think about. I.e., is this section > > complete? If not, do we need it? > It stops here, once again, to avoid getting into specific use cases. But > we did feel these were necessary to avoid future flow-state mechanisms > interfering with each other. Does that make sense? I can live with the text. > > > Security Considerations > > > > > > The use of the Flow Label field enables flow classification also in > > > the presence of encryption of IPv6 payloads. This allows the > > > transport header values to remain confidential, which may lessen the > > > possibilities for some forms of traffic analysis. However, the > > > labeling of flows defined in this specification may reveal some > > > structure of communications otherwise concealed by transport mode > > > > Seems like more could be said here. If use of the flow label allows > > special treatment of traffic, aren't there possible theft of service > > issues? Or DOS issues, if someone generates traffic trying to > > overwhelm a particular flow? What about authorization? Can anyone set > > up flows? Are there requirements or issues here that should be > > mentioned in Section 4? This section seems a bit incomplete. > Since flow labels are not protected by IPSEC-AH, they can be forged. > We should probably state this. However, since the flow is actually > identified by the {srce, dest, label} triplet, the theft of service > or DOS problem actually requires address spoofing as well as label > spoofing (and is prevented by ingress filtering). We should probably say > this. My application, when running between the same pair of machines as yours, might be able to steal bandwidth from your application. This might be a real issue where one has proxies and other aggregating devices talking to each other. My basic point thought when reading the current text, however, was that from the few words it wasn't clear that a whole lot of thought had gone into any possible security issues. The writeup seems a bit superficial. Thomas -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sat Jan 11 13:46:04 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0BLk316020276; Sat, 11 Jan 2003 13:46:03 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0BLk3Do020275; Sat, 11 Jan 2003 13:46:03 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0BLk016020268 for ; Sat, 11 Jan 2003 13:46:00 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0BLj6gE024884 for ; Sat, 11 Jan 2003 13:45:06 -0800 (PST) Received: from ncsmtp02.ogw.rr.com (ncsmtp02.ogw.rr.com [24.93.67.83]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id NAA05581 for ; Sat, 11 Jan 2003 13:45:00 -0800 (PST) Received: from mail5.nc.rr.com (fe5 [24.93.67.52]) by ncsmtp02.ogw.rr.com (8.12.5/8.12.2) with ESMTP id h0BLh0up007606; Sat, 11 Jan 2003 16:43:00 -0500 (EST) Received: from nc.rr.com ([24.162.252.243]) by mail5.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Sat, 11 Jan 2003 16:41:24 -0500 Message-ID: <3E208F50.40707@nc.rr.com> Date: Sat, 11 Jan 2003 16:40:32 -0500 From: Brian Haberman Organization: Me? Organized?? User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Thomas Narten CC: Brian E Carpenter , jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: <200301101636.h0AGaxc09763@rotala.raleigh.ibm.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Thomas Narten wrote: > We may be more in agreement than appears. I agree that usage scenarios > should be left out. What I want to be sure about though is that router > implementors have a clear understanding of what they need to > implement, in order to be able to support flows once specific usages > are defined. (Or, please correct me if this is this not a goal here.) > > I.e., folks doing hardware today want to know what they are supposed > to do with the Flow Label. They don't want to find themselves later > down the road saying "oops" our hardware can't support that because we > didn't know that's how flows were defined. > > It may well be that all that needs to be said is that a flow is > defined by the three tuple, and that implementations need to classify > based on the tuple. What is done to packets that belong to a > particular flow is future work. But the definition of how the > classification is to be done seems important to nail down now. IMO, > the current wording about this could be more clear. But if hardware > folk feel like the current words are sufficiently clear on this, I'm > OK too. I would like to see text in this document that explicitly states that a flow is identified as . That is override any confusion caused by Appendix A of 2460 that says that a flow is . Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Sat Jan 11 20:48:29 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0C4mT16020742; Sat, 11 Jan 2003 20:48:29 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0C4mTSr020741; Sat, 11 Jan 2003 20:48:29 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0C4mP16020734 for ; Sat, 11 Jan 2003 20:48:25 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0C4mX4w016884 for ; Sat, 11 Jan 2003 20:48:33 -0800 (PST) Received: from coconut.itojun.org (coconut.itojun.org [219.101.47.130]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with ESMTP id VAA16481 for ; Sat, 11 Jan 2003 21:48:27 -0700 (MST) Received: from itojun.org (localhost [127.0.0.1]) by coconut.itojun.org (Postfix) with ESMTP id 4E6434B22; Sun, 12 Jan 2003 13:48:25 +0900 (JST) To: ipng@sunroof.eng.sun.com Cc: gilligan@cacheflow.com, sethomso@cisco.com, Jim.Bound@hp.com, Jack.McCann@hp.com In-reply-to: Internet-Drafts's message of Fri, 20 Dec 2002 07:09:37 EST. <200212201209.HAA23104@ietf.org> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: draft-ietf-ipngwg-rfc2553bis-10.txt From: itojun@iijlab.net Date: Sun, 12 Jan 2003 13:48:25 +0900 Message-Id: <20030112044825.4E6434B22@coconut.itojun.org> Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk minor nit: NI_NUMERICSCOPE appears in the text (page 24) but not in section 7. itojun -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 13 00:18:13 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0D8ID16023418; Mon, 13 Jan 2003 00:18:13 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0D8IDAl023417; Mon, 13 Jan 2003 00:18:13 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0D8I916023410 for ; Mon, 13 Jan 2003 00:18:10 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0D8IH4w017793 for ; Mon, 13 Jan 2003 00:18:17 -0800 (PST) Received: from mgw-x1.nokia.com (mgw-x1.nokia.com [131.228.20.21]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id BAA28989 for ; Mon, 13 Jan 2003 01:18:09 -0700 (MST) From: jarno.rajahalme@nokia.com Received: from esvir01nok.ntc.nokia.com (esvir01nokt.ntc.nokia.com [172.21.143.33]) by mgw-x1.nokia.com (Switch-2.2.1/Switch-2.2.0) with ESMTP id h0D8H8022263 for ; Mon, 13 Jan 2003 10:17:08 +0200 (EET) Received: from esebh003.NOE.Nokia.com (unverified) by esvir01nok.ntc.nokia.com (Content Technologies SMTPRS 4.2.5) with ESMTP id ; Mon, 13 Jan 2003 10:18:03 +0200 Received: from esebh005.NOE.Nokia.com ([172.21.138.86]) by esebh003.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 13 Jan 2003 10:18:03 +0200 Received: from esebe004.NOE.Nokia.com ([172.21.138.44]) by esebh005.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 13 Jan 2003 10:18:02 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Subject: RE: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt Date: Mon, 13 Jan 2003 10:18:01 +0200 Message-ID: <009CA59D1752DD448E07F8EB2F91175701FD01E3@esebe004.ntc.nokia.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt Thread-Index: AcK5uxaN6WC3cF9uSYuGXm+LooPgQABIJMbg To: , Cc: , X-OriginalArrivalTime: 13 Jan 2003 08:18:02.0628 (UTC) FILETIME=[4A8F6C40:01C2BADC] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by sunroof.eng.sun.com id h0D8IA16023411 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Brian Haberman wrote: > I would like to see text in this document that explicitly states > that a flow is identified as . That is override any > confusion caused by Appendix A of 2460 that says that a flow is > . So the sentence (below) in the current section 2 ("IPv6 Flow Label Specification") is not explicit enough? "IPv6 nodes forwarding or receiving a labeled IPv6 packet can use the Flow Label and Source and Destination Address fields to classify the packet to a certain flow." Jarno > -----Original Message----- > From: ext Brian Haberman [mailto:bkhabs@nc.rr.com] > Sent: Saturday, January 11, 2003 11:41 PM > To: Thomas Narten > Cc: Brian E Carpenter; Rajahalme Jarno (NRC/Helsinki); > ipng@sunroof.eng.sun.com > Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt > > > > > Thomas Narten wrote: > > We may be more in agreement than appears. I agree that > usage scenarios > > should be left out. What I want to be sure about though is > that router > > implementors have a clear understanding of what they need to > > implement, in order to be able to support flows once specific usages > > are defined. (Or, please correct me if this is this not a > goal here.) > > > > I.e., folks doing hardware today want to know what they are supposed > > to do with the Flow Label. They don't want to find themselves later > > down the road saying "oops" our hardware can't support that > because we > > didn't know that's how flows were defined. > > > > It may well be that all that needs to be said is that a flow is > > defined by the three tuple, and that implementations need > to classify > > based on the tuple. What is done to packets that belong to a > > particular flow is future work. But the definition of how the > > classification is to be done seems important to nail down now. IMO, > > the current wording about this could be more clear. But if hardware > > folk feel like the current words are sufficiently clear on this, I'm > > OK too. > > Brian > > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 13 04:42:11 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0DCgB16024409; Mon, 13 Jan 2003 04:42:11 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0DCgBwe024408; Mon, 13 Jan 2003 04:42:11 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0DCg816024401 for ; Mon, 13 Jan 2003 04:42:08 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0DCgH4w023579 for ; Mon, 13 Jan 2003 04:42:17 -0800 (PST) Received: from ncsmtp03.ogw.rr.com (ncsmtp03.ogw.rr.com [24.93.67.84]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id EAA15383 for ; Mon, 13 Jan 2003 04:42:11 -0800 (PST) Received: from mail5.nc.rr.com (fe5 [24.93.67.52]) by ncsmtp03.ogw.rr.com (8.12.5/8.12.2) with ESMTP id h0DCfIiZ001695; Mon, 13 Jan 2003 07:41:19 -0500 (EST) Received: from nc.rr.com ([63.109.132.2]) by mail5.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 13 Jan 2003 07:40:34 -0500 Message-ID: <3E22B475.2080609@nc.rr.com> Date: Mon, 13 Jan 2003 07:43:33 -0500 From: Brian Haberman Organization: No Organization Here User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: jarno.rajahalme@nokia.com CC: narten@us.ibm.com, brian@hursley.ibm.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: <009CA59D1752DD448E07F8EB2F91175701FD01E3@esebe004.ntc.nokia.com> In-Reply-To: <009CA59D1752DD448E07F8EB2F91175701FD01E3@esebe004.ntc.nokia.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Apologies, I missed that along the way. That works for me. Brian jarno.rajahalme@nokia.com wrote: > Brian Haberman wrote: > >>I would like to see text in this document that explicitly states >>that a flow is identified as . That is override any >>confusion caused by Appendix A of 2460 that says that a flow is >>. > > > So the sentence (below) in the current section 2 ("IPv6 Flow Label Specification") is not explicit enough? > > "IPv6 nodes forwarding or receiving a labeled IPv6 packet can use > the Flow Label and Source and Destination Address fields to classify > the packet to a certain flow." > > Jarno > > >>-----Original Message----- >>From: ext Brian Haberman [mailto:bkhabs@nc.rr.com] >>Sent: Saturday, January 11, 2003 11:41 PM >>To: Thomas Narten >>Cc: Brian E Carpenter; Rajahalme Jarno (NRC/Helsinki); >>ipng@sunroof.eng.sun.com >>Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt >> >> >> >> >>Thomas Narten wrote: >> >>>We may be more in agreement than appears. I agree that >> >>usage scenarios >> >>>should be left out. What I want to be sure about though is >> >>that router >> >>>implementors have a clear understanding of what they need to >>>implement, in order to be able to support flows once specific usages >>>are defined. (Or, please correct me if this is this not a >> >>goal here.) >> >>>I.e., folks doing hardware today want to know what they are supposed >>>to do with the Flow Label. They don't want to find themselves later >>>down the road saying "oops" our hardware can't support that >> >>because we >> >>>didn't know that's how flows were defined. >>> >>>It may well be that all that needs to be said is that a flow is >>>defined by the three tuple, and that implementations need >> >>to classify >> >>>based on the tuple. What is done to packets that belong to a >>>particular flow is future work. But the definition of how the >>>classification is to be done seems important to nail down now. IMO, >>>the current wording about this could be more clear. But if hardware >>>folk feel like the current words are sufficiently clear on this, I'm >>>OK too. >> > >>Brian >> >> > > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 13 05:51:53 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0DDpr16024778; Mon, 13 Jan 2003 05:51:53 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0DDpqtj024777; Mon, 13 Jan 2003 05:51:52 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0DDpn16024770 for ; Mon, 13 Jan 2003 05:51:49 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0DDpxgE028525 for ; Mon, 13 Jan 2003 05:51:59 -0800 (PST) Received: from mgw-x4.nokia.com (mgw-x4.nokia.com [131.228.20.27]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id FAA23703 for ; Mon, 13 Jan 2003 05:51:52 -0800 (PST) From: jarno.rajahalme@nokia.com Received: from esvir03nok.nokia.com (esvir03nokt.ntc.nokia.com [172.21.143.35]) by mgw-x4.nokia.com (Switch-2.2.1/Switch-2.2.0) with ESMTP id h0DDrwt09590 for ; Mon, 13 Jan 2003 15:53:58 +0200 (EET) Received: from esebh001.NOE.Nokia.com (unverified) by esvir03nok.nokia.com (Content Technologies SMTPRS 4.2.5) with ESMTP id ; Mon, 13 Jan 2003 15:51:51 +0200 Received: from esebe004.NOE.Nokia.com ([172.21.138.44]) by esebh001.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 13 Jan 2003 15:51:51 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Subject: RE: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt Date: Mon, 13 Jan 2003 15:51:50 +0200 Message-ID: <009CA59D1752DD448E07F8EB2F91175701FD01E7@esebe004.ntc.nokia.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt Thread-Index: AcK4xpSuouUrNMW7QvaXuXvs268GxACHK7zw To: , Cc: X-OriginalArrivalTime: 13 Jan 2003 13:51:51.0271 (UTC) FILETIME=[EC8FCF70:01C2BB0A] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by sunroof.eng.sun.com id h0DDpo16024771 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Thomas Narten wrote: > > Brian E Carpenter writes: > > > Thomas Narten wrote: > > > > > > I reviewed the revised document today. Speaking as an > individual, here > > > is my reaction: > > > Thomas, I'm happy to see a thorough review of the spec. Thanks. > > > > Abstract > > > > > > > > This document specifies the IPv6 Flow Label field, > the requirements > > > > for IPv6 source nodes labeling flows, and the > requirements for flow > > > > state establishment methods. > > > > > > Note: what I would expect this draft to describe is: > > > > > > 1) what arbitrary source nodes should do with the flow label. > > > 2) what routers should do with the flow label. > > > > > > The document appears to do 1), but 2) is omitted from the > document. Is > > > this OK? > The intent has been to specify for routers what is needed in the absence of any flow state establishment method. It would be up to tem to define their router requirements. > We may be more in agreement than appears. I agree that usage scenarios > should be left out. What I want to be sure about though is that router > implementors have a clear understanding of what they need to > implement, in order to be able to support flows once specific usages > are defined. (Or, please correct me if this is this not a goal here.) > This is a goal, but to a limit. It is impossible to anticipate the needs of future FSEM specifications. We included requirements for classifiers targeting the RSVP Wildcard-Filter reservation style requirements still in the -03 version, but these "higher layer constructs" were to an effect obscuring the "simple flow" definition. > I.e., folks doing hardware today want to know what they are supposed > to do with the Flow Label. They don't want to find themselves later > down the road saying "oops" our hardware can't support that because we > didn't know that's how flows were defined. > > It may well be that all that needs to be said is that a flow is > defined by the three tuple, and that implementations need to classify > based on the tuple. What is done to packets that belong to a > particular flow is future work. But the definition of how the > classification is to be done seems important to nail down now. IMO, > the current wording about this could be more clear. But if hardware > folk feel like the current words are sufficiently clear on this, I'm > OK too. > I have suggested a clarification based on your text proposal below. > My assumption is that this document is trying to say that classifiers > need to map the three-tuple into a "flow". Or am I wrong? Is the > document not even wanting to go this far? > The document states that flows are mapped from the three-tuple. The wording for this has evolved through the different draft versions. In -03 we also had the following two statements in the current section 4: "(1) A packet is classified unambiguously to a flow on the basis of the Flow Label, and the Source and Destination Address fields. The flow state establishment method MUST convey this classifying information to the IPv6 nodes that need to perform the classification. Usage of any additional header fields for flow classification is beyond the scope of this specification." "(2) The flow state establishment method MAY associate multiple Flow Label, Source Address, Destination Address triplets with the same flow state (e.g. an SCTP connection between nodes with multiple addresses, or a classifier with an address range, see the RSVP Wildcard-Filter example in section 4 above)." When faced with the comment "document too complex" from the chairs in the last meeting, I reasoned that the (1) above is not adding anything that could not be deduced from the other text in the document, and the issue addressed in (2) was not absolutely necessary for this document, or at least it seemed to be too complex concept to process by the WG at this time. I do not know if the RSVP Wildcard-Filter style reservations will be really utilized in future, but if they are, it would be pity if the ASIC implementation would require replication of the classifiers for all different source addresses to support it. > > > > 2. IPv6 Flow Label Specification > > > > ... > > > > > > Actually, the entire paragraph might be better as: > > > > > > IPv6 flows are defined by the tuple of the 20-bit > Flow Label, the > > > IP source address, and the IP destination address in the IPv6 > > > header. Packet classifiers use the tuple to identify > which flow a > > > particular packet belongs to. Packets will be processed in a > > > flow-specific manner by those nodes that have special > processing > > > enabled for packets belonging to a particular flow. > A Flow Label > > > of zero indicates an unlabelled packet that is given > no special > > > treatment. The nature of the specific treatment and > the methods > > > for the flow state establishment are beyond the scope of this > > > specification. > I would not want to use the "flows are defined by" language above. There are many more aspects to the "flow definition" than the classifier. Also, the classifier might be more than one of the tuples (or triplets), even if not further specified in this document. Also "that have special processing enabled" sound like it would be (only a) configuration option (on/off), while the processing depends also on the actual flow set-up. So how about this: "The 20-bit Flow Label field in the IPv6 header [IPv6] is used by a source to label packets of a flow. Packet classifiers use the triplet of Flow Label, Source Address, and Destination Address fields to identify which flow a particular packet belongs to. Packets are processed in a flow-specific manner by the nodes that have been set up with flow-specific state. A Flow Label of zero indicates an unlabelled packet that is given no special treatment. The nature of the specific treatment and the methods for the flow state establishment are out of scope for this specification." > > Well, I think we want the SHOULD in there. We mean it. > > Make the "SHOULD implement" a separate point from the definition > itself then. And have it refer specifically (for hosts) that they > SHOULD label outgoing packets. That is what I think we are aiming for. > I think we are stating the "SHOULD label" in the section 3 ("Flow Labeling Requirements") is sufficient? Comments? > > > > Nodes keeping dynamic flow state MUST NOT assume > packets arriving 60 > > > > seconds or more after the previous packet of a flow > still belong to > > > > the same flow, unless a flow state establishment > method in use > > > > defines a longer flow state lifetime or the flow > state has been > > > > explicitly refreshed within the lifetime duration. > > > > > > I'm not entirely comfortable with the above wording. It > seems to me, > > > > that any node making assumptions about flow values *needs* a flow > > > setup mechanism to go along with it. But if there is such > a mechanism, > > > that mechanism can communicate appropriate timer values > for timing out > > > state (and the above words are not needed). Yes. I think so too. > > > If there is no such > > > mechanism, what sort of flow-specific processing should > assume that a > > > gap of 60 seconds implies a reset in the flow? I don't know. It just says that if the node creates flow state out of the thin air, the node should not assume "stability" of the flow classifier after a gap of 60 seconds. In most cases it may be that the flow is still the same flow, and could be processed as before. In other cases it is of no significance that the flow "changed" and the node can keep processing the packets as before (not flushing anything). It all depends on what the node is doing. This "must not assume" is just one side effect of the sources not re-using "flow identities" for 60 seconds after the previous flow terminated. > > > We don't know, and 60 seconds is a compromise value anyway. > But there > > seemed to be WG consensus that a default timeout is needed, since > > otherwise we are licensing implementors to create hard > state. The authors > > have been round and round this many times, and this was the best we > > could come up with. (more comment on this below) > > Well, I have a basic problem with a default timeout of 60 > seconds. Heck, a temporary routing glitch can cause a loss of traffic > for 60 seconds, yet the TCP sesssion doesn't go away that quickly. So > 60 seconds seem like a rather odd compromise value. Seems too short to > me. > Presumably the node can re-create the state it needs after the gap. Since there was a long gap, there should be no reordering issues (in case the new state for example determines a different next-hop interface). For reference, RFC 1883 defined a lifetime value of 6 seconds. As I said above, I do not know any use of flow-specific state without the support of a flow state establishment method. But if we do not define a default lifetime now, it cannot be added later. Also, it seems logical to have *some* pause before a previously used flow label value should be re-used for a new flow. WG chairs (collectively) insisted on the definition of the default lifetime, and there were no opposing voices on this from the WG. I do not think the default lifetime should have anything to do with TCP timeouts, as long as it is long enough to not cause any reordering issues. But this is not an issue for me, any value is fine, especially if someone could come up with good justification for the value :-) > > > What problem is the above wording intended to address? > > > Use cases that nobody has thought of yet. > > I don't understand this answer. If a router does something > flow-specfic for flow X, but then sees no traffic for 60 seconds, the > implication now is that it shouldn't give flow X the same treatement > it was just giving it just 60 seconds ago. > No. It would still give the flow X, but it would just need to re-use the algorithm/method/whatever to re-create the X after the gap, if it flushed the X. It might be likely that X is not really flow-specific, but can be applied to aggregates of flows. In this case there is no point in flushing the X (ever). > I do remember some discussion on this in the past. But I still don't > feel like I understand the rational. Can someone please summarize or > point me back to a previous thread? > > > > > If an IPv6 node is not providing flow-specific > treatment, it MUST > > > > ignore the field when receiving or forwarding a packet. > > > > > > Such a node is presumably not implementing this spec, in > which case > > > the words seem superfluous... Delete? > > > You're too logical :-) But I think this forbids attempts to abuse > > the label as a covert signalling channel, or otherwise use it for > > an unintended purpose. So I'd vote for keeping the sentence, but > > I don't feel strongly. > > Not a show stopper to leave in... > Good :-) > > > > 3. Flow Labeling Requirements > > > > > > > > To enable Flow Label based classification, sources > SHOULD assign each > > > > unrelated transport connection and application data > stream to a new > > > > flow. The source MAY also take part in flow state > establishment > > > > methods that result in assigning certain packets to > specific flows. A > > > > source which does not assign traffic to flows MUST > set the Flow Label > > > > to zero. > > > You left the 2nd paragraph out from your quote. I think it should be considered here as well: "To enable applications and transport protocols to define what packets constitute a flow, the source node MUST provide means for the applications and transport protocols to specify the Flow Label values to be used with their flows. The source node SHOULD be able to select unused Flow Label values for flows not requesting a specific value to be used." > > > I find the above a bit muddled and incomplete. Here is an > attempt at > > > clarifying: > > > I object. Your text starts to hint at use cases. I think we should > > absolutely avoid that, and restrict ourselves strictly to setting > > boundary conditions on senders. Also, we agreed earlier to take out > > all the stuff on APIs and picking flow label values. That was part > > of the Grand Simplification of the draft. So I don't agree that the > > paragraph is incomplete with respect to the goals of this document. > > Part of my concern with the current text is it says hosts SHOULD set > the flow-label for each Application-level stream. I assume, however, > that this document is aimed at the IP stack, not at individual > applications. I.e., how will someone who implements the stack be able > to use different flow labels for different application stream without > help from the application? As stated in the 2nd paragraph, the stack cannot determine the application-defined flows by itself. The document is not aimed only at IP stack implementers. It is also aimed at implementers of e.g. media transport "middleware" (i.e. RTP/RTSP/SIP implementers, in their role as "applications" defining flows) and folks responsible for API definitions (I hope that the API recommendations would be addressed in the socket API specs). > Seems like some sort of wording about this > would be good. I'm not saying it even needs to be normative (it > probably shouldn't be). But maybe some guidance. The existing wording > seems a bit incomplete and the issues here seem more complex. > It seems to me that the 2nd paragraph is saying what it needs to, if we leave API specs out of this document. > > > > A source node MUST keep track of the Flow Label values it is > > > > currently using or has recently used. > > > > > > Mumble. the above comes across as a restrictive requirement rather > > > than focusing on the key requirement to fulfill. > > > Yes, we can replace MUST by "needs to". > > ok. But that alone doesn't fix the issue. Just saying it "needs to > keep track of" doesn't focus on the "why". I think the document would > be better off saying what fundamental principal an implementation > needs to be sure to not violate. In this case, it's not reusing the > same flow label too quickly, including across reboots. I agree that > mandating how an implementation does is beyond the scope of the > document. > > Note: an implementation doesn't need to keep track of which flow IDs > it has recently used (as the current words say). It simply needs to > ensure that it doesn't reuse any that have been reused recently. There > is a subtle difference. I.e., one doesn't need to keep track of *each* > flow one has recently used. One can aggregate that information. > > Here's a slightly less delta-ish proposal relative to the current > text: > > A source node MUST ensure that it does not reuse Flow Label values > it is currently using or has recently used when creating new > flows. Flow Label values previously used with a specific pair of > source and destination addresses MUST NOT be assigned to new flows > with the same address pair within 60 seconds of the termination of > the previous flow. If the previous flow had a lifetime longer than > the default 60 seconds, a quarantine period of at least the length > of the lifetime MUST be observed before reusing that Flow Label. > The changes (1st and last sentences) seem good to me. > Note: this last sentence seems hard to achieve. it suggests that if a > future flow establishment method uses longer lifetimes, the stack will > have to be retrofitted to figure out somehow not to reuse those flow > label values for the longer period. I suspect that future uses of the > flow label (i.e., the signalling partz) may well be implemented > separately from the base IP stack Flow Label support, and it may not > be possible for the signalling to ensure the quarantine behavior. > There are at least two ways to implement this: 1) the stack implementation allows the application (or any middleware on top of the stack) to define the lifetime, that the stack will then honor (e.g. by not assigning that value to any new flow for the timeout value after all sockets belonging to that flow have been closed), possibly individually for the flow, or by utilizing the longest timeout for all flows. 2) In the absence of the interface for the non-default lifetime, the FSEM could keep the flow "reserved" for timeout-60 seconds after the flow's traffic has finished, and only after that release the label back to the stack (which would then keep the value reserved for the normal 60 seconds). > The requirement of not reusing a Flow Label value for a > new flow with > the same pair of source and destination addresses extends across > source node crashes and reboots. > > Text OK up to here. > > but, for the rest: > > To avoid accidental Flow Label value > reuse, the source node SHOULD use a different initial > value for Flow > Label assignments after a reboot. The initial value could > be randomly > generated, or computed from a previous value stored in non-volatile > memory. > > I think the above text is not really good enough. It makes some > unstated assumptions about how things are implemented. It either needs > more text, or should just be deleted. I guess my attempt at > replacement wasn't successful. > You are right in that the text suggests utilizing a (random) initial value and sequential assignment for flows for which applications do not ask for a specific value. It is a SHOULD to prevent implementations always starting from 1, for example. But other methods of avoiding accidental re-use are possible (i.e. if the system is able to maintain all flow-related state across reboots). I do not think it can be deleted. How about: "The requirement of not reusing a Flow Label value for a new flow with the same pair of source and destination addresses extends across source node crashes and reboots. To avoid accidental Flow Label value reuse, the source node SHOULD select new Flow Label values in a well- defined sequence (e.g. sequential or pseudo-random) and use a different initial value for the sequence each time the system starts. The initial value could be randomly generated, or computed from a previous value stored in non-volatile memory." > > As noted, 60 seconds is a compromise. We looked at values > anywhere between > > 10 and 600 seconds. There is no right answer, but 60 seems > as good as > > we could get. (10 seemed too short for a slow TCP stream, > and 600 seemed > > far too long, despite being the TCP timeout.) > > > Wording suggestions? > > Again, it seems like it should be at least as long as TCP timeouts. I > don't think you want the flow state to be reclaimed just because of > temporary network outages. Again, it is a matter of taste what is considered temporary. Again, the only issue with TCP I can think of here is possible re-ordering issue, which is not an issue after a gap of couple of seconds. > > > > 4. Flow State Establishment Requirements > > > > > > > > To enable flow-specific treatment, flow state needs > to be established > > > > on all or a subset of the IPv6 nodes on the path > from the source to > > > > the destination(s). The methods for the state > establishment, as well > > > > as the models for flow-specific treatment will be > defined in separate > > > > specifications. > > > > > > > > To enable co-existence of different methods in IPv6 > nodes, the > > > > methods MUST meet the following basic requirements: > > > > > > > > (1) The method MUST provide the means for flow > state clean-up from > > > > the IPv6 nodes providing the flow-specific > treatment. Signaling > > > > based methods where the source node is involved > are free to > > > > specify flow state lifetimes longer than the > default 60 seconds. > > > > > > > > (2) Flow state establishment methods MUST be able > to recover from > > > > the case where the requested flow state cannot > be supported. > > > > > > I'm not sure what purpose the above provides. I guess its mostly > > > harmless, but it strikes me as being pretty obvious, and > I wonder if > > > these are the only real issues to think about. I.e., is > this section > > > complete? If not, do we need it? > You might want to read the -03 draft (at http://www.ietf.org/proceedings/02nov/I-D/draft-ietf-ipv6-flow-label-03.txt ) it had 6 requirements. Some of them were clarifying implications of the other text, but were cut of to reduce the complexity of the document. It would be good if you could read the -03 version to see if we dropped something that really should not have been dropped (as you see it). > > > > Security Considerations > > > > > > > > The use of the Flow Label field enables flow > classification also in > > > > the presence of encryption of IPv6 payloads. This allows the > > > > transport header values to remain confidential, > which may lessen the > > > > possibilities for some forms of traffic analysis. > However, the > > > > labeling of flows defined in this specification may > reveal some > > > > structure of communications otherwise concealed by > transport mode > > > > > > Seems like more could be said here. If use of the flow > label allows > > > special treatment of traffic, aren't there possible theft > of service > > > issues? Or DOS issues, if someone generates traffic trying to > > > overwhelm a particular flow? What about authorization? > Can anyone set > > > up flows? Are there requirements or issues here that should be > > > mentioned in Section 4? This section seems a bit incomplete. > > > Since flow labels are not protected by IPSEC-AH, they can be forged. > > We should probably state this. However, since the flow is actually > > identified by the {srce, dest, label} triplet, the theft of service > > or DOS problem actually requires address spoofing as well as label > > spoofing (and is prevented by ingress filtering). We should > probably say > > this. > > My application, when running between the same pair of machines as > yours, might be able to steal bandwidth from your application. This > might be a real issue where one has proxies and other aggregating > devices talking to each other. > If the proxy is aggregating traffic so as to share a flow, then it no longer "my bandwidth" or "your bandwidth", it is just aggregate bandwidth that the proxy is responsible for managing, at least responsible for which traffic it is inserting to the aggregate. From the IPv6 viewpoint the proxy is the source of the flow. On a multi-user machine the kernel would be responsible for not allowing mixing flows of applications belonging to different users. > My basic point thought when reading the current text, however, was > that from the few words it wasn't clear that a whole lot of thought > had gone into any possible security issues. The writeup seems a bit > superficial. There has been nothing in this current discussion that would not have been considered. It should be obvious that giving more resources to someone does not make sense without compensation, but the authorization is more of an issue for the flow state establishment methods (which are out of scope for this doc). Labeling is free as is some aggregate based load spreading, but some authorization is required for any real flow-specific treatment (this spec does not define any). I agree that it would be good if the WG could come up with a more complete Security Considerations section for this document. Regards, Jarno -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Mon Jan 13 17:16:24 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0E1GO16029991; Mon, 13 Jan 2003 17:16:24 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0E1GNR0029990; Mon, 13 Jan 2003 17:16:23 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0E1GJ16029983 for ; Mon, 13 Jan 2003 17:16:19 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0E1GT4w029895 for ; Mon, 13 Jan 2003 17:16:29 -0800 (PST) Received: from ftpbox.mot.com (ftpbox.mot.com [129.188.136.101]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id RAA29620 for ; Mon, 13 Jan 2003 17:16:23 -0800 (PST) Received: from mothost.mot.com (mothost.mot.com [129.188.137.101]) by ftpbox.mot.com (Motorola/Ftpbox) with ESMTP id h0E1GNuP005418 for ; Mon, 13 Jan 2003 18:16:23 -0700 (MST) Received: [from homer.arc.corp.mot.com (homer.arc.corp.mot.com [10.238.80.38]) by mothost.mot.com (MOT-pobox 2.0) with ESMTP id SAA22404 for ; Mon, 13 Jan 2003 18:16:21 -0700 (MST)] Received: from motorola.com (awhite.arc.corp.mot.com [10.238.80.239]) by homer.arc.corp.mot.com (8.12.2/8.12.2) with ESMTP id h0E1GIEE002390 for ; Tue, 14 Jan 2003 12:16:20 +1100 (EST) Message-ID: <3E2364E2.DF5CF1D7@motorola.com> Date: Tue, 14 Jan 2003 12:16:18 +1100 From: Andrew White Reply-To: awhite@arc.corp.mot.com Organization: Motorola Australia Research Centre X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: IPng Subject: Site locals and filters (on draft-wasserman-ipv6-sl-impact-01.txt) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Margaret's draft highlights three failures of site local addressing... (1) The addresses are unreachable outside of their original context. (2) The addresses may overlap other private address spaces, creating ambiguity. However, it seems to me that #1 is not specific to site local addresses. Instead, it applies to ANY address that is not practically globally routable. What do I mean by "practically globally routable?" That not only is it allowed to be globally routeable, but that there's not a filter somewhere on the way to the default free zone that will kill it. This is an address's 'practical scope' - the area of the internet that it could reasonably apply to. Once we start handing out addresses whose practical scope is less than global, we either need proxies (eg NAT) or multi-homing. Few to none of the limited scope or multi-homing problems are specific to site locals. In fact, site locals have a slight advantage in a multi-homing situation in that they promise that they do not have global scope, and thus may be singled out by address selection algorithms. To my eye, ambiguity problems manifest themselves in three main situations. - Addresses used in the wrong context may arrive at an unintended network or machine. - Reverse name lookups don't work globally scoped ambiguous addresses. - Site border nodes. The IPv6 machine ID helps reduce the likelihood of a misdirected connection actually arriving on an interface (rather than just timing out). Beyond that, it's up to an application to decide whether it wants to consider the failure case where TCP/IP connection is successful but then the machine fails to authenticate itself. Note that this same problem could occur for a variety of other reasons that ambiguous addresses (deliberate spoofing, bad DNS entries, other network configuration problems). Proper reverse name lookups rely on sites using site locals correctly configuring their internal DNS. Forward lookup issues can be trivially solved by putting internal addresses in a localised namespace. Site border nodes are always going to be problematic. Logical partitioning, as in Bob Hinden's draft or Hiroki Ishibashi's implementation, and refusing to allow sites to 'overlap' seems to be an effective way of avoiding these problems. I feel the correct conclusion from Margaret's draft is that there are a number of issues that people using addresses with "site" based practical scope should be aware of. However, that people WILL use firewalls and address filters as one part of security management seems inevitable. Thus it's a useful summary of "these things may break, understand the issues". But despite the title, site-local addresses are only one example of a broader category of addresses that these problems apply to. Site locals as currently specified do add additional issues for architecture (DNS and SBRs) if not correctly managed. However, at the client and application level, most site-local alternatives suggested here (everything except fully provider independent routed addresses, without address-based filtering) fall foul of the same problems as site local addresses themselves. -- Andrew White Andrew.E.White@motorola.com -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 14 07:06:42 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EF6f16002976; Tue, 14 Jan 2003 07:06:42 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0EF6fCR002975; Tue, 14 Jan 2003 07:06:41 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EF6b16002968 for ; Tue, 14 Jan 2003 07:06:37 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0EF6k4w017590 for ; Tue, 14 Jan 2003 07:06:47 -0800 (PST) Received: from swan.mail.pas.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id HAA03763 for ; Tue, 14 Jan 2003 07:06:41 -0800 (PST) Received: from user-119b1dm.biz.mindspring.com ([66.149.133.182] helo=envy.indecency.org) by swan.mail.pas.earthlink.net with smtp (Exim 3.33 #1) id 18YSeA-0001w6-00; Tue, 14 Jan 2003 07:06:34 -0800 Date: Tue, 14 Jan 2003 10:03:23 -0500 From: Keith Moore To: awhite@arc.corp.mot.com Cc: moore@cs.utk.edu, Andrew.E.White@motorola.com, ipng@sunroof.eng.sun.com Subject: Re: Site locals and filters (on draft-wasserman-ipv6-sl-impact-01.txt) Message-Id: <20030114100323.2343fdff.moore@cs.utk.edu> In-Reply-To: <3E2364E2.DF5CF1D7@motorola.com> References: <3E2364E2.DF5CF1D7@motorola.com> X-Mailer: Sylpheed version 0.8.8claws (GTK+ 1.2.10; i386--netbsdelf) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk > Once we start handing out addresses whose practical scope is less than > global, we either need proxies (eg NAT) or multi-homing. I disagree. One reason I disagree is that when we make global addresses unreachable, this is usually done because policy dictates that those hosts not be reachable from some portions of the net. Allowing those hosts to be reachable by NAT or via other addresses would circumvent such policies. Another reason I disagree is that from an architectural standpoint it is better to have fewer addresses for a host and expect the network to filter out traffic that is not permitted by policy, than it is to have more addresses for a host and expect applications to choose the correct addresses. The former strategy is both simpler to implement consistently in the network, and easier to support in applications. > Few to none of the > limited scope or multi-homing problems are specific to site locals. In > fact, site locals have a slight advantage in a multi-homing situation in > that they promise that they do not have global scope, and thus may be > singled out by address selection algorithms. This doesn't help, because the application rarely cares about whether an address has global scope - what it cares about is whether the address is reachable by itself or its peers. Since the application is generally unaware of the scopes to which its peers have access, there is no way that it can know whether a global address or a scoped address is better for its peers. What does work is to have a single address for each of its peers, and to expect the network to route traffic there if policy and conditions permit. This separation of function is fundamental to the Internet architecture - the network, not the application, is responsible for routing. > But despite the title, site-local addresses are only one example of a > broader category of addresses that these problems apply to. Well, there are multiple categories that SLs fit into, ranging from "scoped addresses" to "potentially unreachable addresses" to "IP addresses" and beyond. And there are problems associated with all of these. But if you are trying to say that all of the problems with SLs also exist with these other categories, you are simply wrong. Even creating an additional category of scoped addresses (beyond link local) introduces more problems than we would have with just link local addresses. > Site locals as > currently specified do add additional issues for architecture (DNS and SBRs) > if not correctly managed. One question is whether the burden of "correctly" managing SLs is worth the gain. Or perhaps the "correct" way to manage SLs is to not use them at all in connected networks. > However, at the client and application level, > most site-local alternatives suggested here (everything except fully > provider independent routed addresses, without address-based filtering) fall > foul of the same problems as site local addresses themselves. That's true only if you ignore the additional problems that scoped addresses create for applications. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 14 08:29:47 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EGTl16003450; Tue, 14 Jan 2003 08:29:47 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0EGTlFt003449; Tue, 14 Jan 2003 08:29:47 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EGTi16003442 for ; Tue, 14 Jan 2003 08:29:44 -0800 (PST) Received: from kathmandu.sun.com (kathmandu.Central.Sun.COM [129.147.5.36]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0EGTr4w007071 for ; Tue, 14 Jan 2003 08:29:53 -0800 (PST) Received: from d12lmsgate-3.de.ibm.com (d12lmsgate-3.de.ibm.com [194.196.100.236]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id JAA22227 for ; Tue, 14 Jan 2003 09:29:46 -0700 (MST) Received: from d12relay02.de.ibm.com (d12relay02.de.ibm.com [9.165.215.23]) by d12lmsgate-3.de.ibm.com (8.12.3/8.12.3) with ESMTP id h0EGTgwX031688; Tue, 14 Jan 2003 17:29:42 +0100 Received: from etzel.zurich.ibm.com (etzel.zurich.ibm.com [9.4.64.140]) by d12relay02.de.ibm.com (8.12.3/NCO/VER6.4) with SMTP id h0EGTgmZ165766; Tue, 14 Jan 2003 17:29:42 +0100 Received: from lig32-225-250-121.us.lig-dial.ibm.com by etzel.zurich.ibm.com (AIX 4.3/UCB 5.64/4.03) id AA29496 from ; Tue, 14 Jan 2003 17:29:32 +0100 Message-Id: <3E2436D9.961A107B@hursley.ibm.com> Date: Tue, 14 Jan 2003 17:12:09 +0100 From: Brian E Carpenter Organization: IBM X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U) X-Accept-Language: en,fr,de Mime-Version: 1.0 To: Thomas Narten Cc: jarno.rajahalme@nokia.com, ipng@sunroof.eng.sun.com Subject: Re: I-D ACTION:draft-ietf-ipv6-flow-label-04.txt References: <200301101636.h0AGaxc09763@rotala.raleigh.ibm.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk below... Thomas Narten wrote: > > Brian E Carpenter writes: > > > Thomas Narten wrote: > > > > > > I reviewed the revised document today. Speaking as an individual, here > > > is my reaction: > > > > > > > Abstract > > > > > > > > This document specifies the IPv6 Flow Label field, the requirements > > > > for IPv6 source nodes labeling flows, and the requirements for flow > > > > state establishment methods. > > > > > > Note: what I would expect this draft to describe is: > > > > > > 1) what arbitrary source nodes should do with the flow label. > > > 2) what routers should do with the flow label. > > > > > > The document appears to do 1), but 2) is omitted from the document. Is > > > this OK? > > > IMHO, it's not only OK, it is essential at this stage. There are a number > > of use cases for the flow label - if I even enumerated them here, they > > are controversial enough to start a flame war. The draft has been very > > carefully limited to *avoid* assuming any particular use case. It serves > > two purposes, in my view: > > -- setting globally applicable boundary conditions on what a sending > > host may and may not do; > > -- making it clear that intermediate systems may use the flow label > > for packet classification purposes (which means, in particular, > > that ASIC and network processor designers know that they should > > include the flow label in the fields potentially used by > > classifiers). > > Going beyond this point would take us back into the controversy we > > had on this list a year or so ago. So, to repeat, it would *not* > > be OK to attempt to specify what routers should do with the flow > > label. > > We may be more in agreement than appears. I agree that usage scenarios > should be left out. What I want to be sure about though is that router > implementors have a clear understanding of what they need to > implement, in order to be able to support flows once specific usages > are defined. (Or, please correct me if this is this not a goal here.) > > I.e., folks doing hardware today want to know what they are supposed > to do with the Flow Label. They don't want to find themselves later > down the road saying "oops" our hardware can't support that because we > didn't know that's how flows were defined. > > It may well be that all that needs to be said is that a flow is > defined by the three tuple, and that implementations need to classify > based on the tuple. Rather, they need to be *capable* of classifying based on the 3tuple. I'd be happy to see this added. > ...What is done to packets that belong to a > particular flow is future work. But the definition of how the > classification is to be done seems important to nail down now. IMO, > the current wording about this could be more clear. But if hardware > folk feel like the current words are sufficiently clear on this, I'm > OK too. > > My assumption is that this document is trying to say that classifiers > need to map the three-tuple into a "flow". Or am I wrong? Is the > document not even wanting to go this far? That's the implication, given the definition of a flow at the beginning of the document. My personal preference is not to say this, since it's a direct implication and I prefer fewer words, but it's for the WG to say. > > > > I.e., I thought the main reason to specify the flow label is > > > so that current implementations can do something sensible with the > > > flow label. Is there enough guidance for router implementors (e.g., > > > those doing hardware) to add useful support for the flow label? I'm > > > not sure, but would like to hear from such implementors. > > > As I said, there are multiple use cases and IMHO we should get this > > document out and then let the QOS community (not the IPv6 community) > > work on those use cases. Time will tell which ones succeed. > > If the point is that how packets of a specific flow are to be > processed needs to be defered to future work, I agree. But if this > also relates to the definition of which packets belong to which flow, > I wonder whether this document achieves anything useful in practice. Well, it's my assertion that the definition of exactly what belongs to a flow *is* use-case dependent, and that we can't say more than the -04 draft says. This is after all a network layer WG and flows are a transport layer (or above) concept. > > > > > 2. IPv6 Flow Label Specification > > > > > > > > The 20-bit Flow Label field in the IPv6 header [IPv6] SHOULD be used > > > > by a source to label packets of a flow. A non-zero Flow Label > > > > > > Note: I don't think the SHOULD/MUST usage in this document is always > > > helpful or even correct. It would make sense to go read the defintions > > > in RFC 2119 as cited. > > > This does mean SHOULD in the 2119 sense - hosts need a valid reason for not > > doing it. > > > > > > This document defines a flow as the three tuple. No "SHOULD" about > > > it. If a source wants to label a flow, it does so by setting the flow > > > label. A better wording would be something like: > > > > > > Flows in IPv6 identified by the tuple of the 20-bit Flow Label, > > > the IP source address, and the IP destination address in the IPv6 > > > header. > > > No. We want to say that hosts SHOULD label flows. (Rationale: it's > > only by this becoming the norm that the flow label can become an effective > > tool. If only 1% of traffic is labelled, there is no benefit.) > > Pekka said exactly what I would say here. > > > > > The packet MAY be given some flow-specific treatment based on the > > > > flow state established on a set of IPv6 nodes. The nature of the > > > > > > MAY here seems odd too. Again, read the definition of MAY. It suggests > > > that an implementation may decide it makes sense to do something in > > > certain circumstances. But what I think the document is trying to say > > > here is that flow-specific processing is done by entities that have > > > been directed to do so. This is not an implementation choice in the > > > "MAY" sense. It has more to do whether a device implements flows and > > > then whether there is appropriate flow-state. Suggested reword: > > > > > > The packet will be processed in a flow-specific manner by those > > > nodes that have special processing enabled for packets belonging > > > to a particular flow. > > > Agreed, or simply use lower case "may". > > agreed too. > > > > > > > Actually, the entire paragraph might be better as: > > > > > > IPv6 flows are defined by the tuple of the 20-bit Flow Label, the > > > IP source address, and the IP destination address in the IPv6 > > > header. Packet classifiers use the tuple to identify which flow a > > > particular packet belongs to. Packets will be processed in a > > > flow-specific manner by those nodes that have special processing > > > enabled for packets belonging to a particular flow. A Flow Label > > > of zero indicates an unlabelled packet that is given no special > > > treatment. The nature of the specific treatment and the methods > > > for the flow state establishment are beyond the scope of this > > > specification. > > > Well, I think we want the SHOULD in there. We mean it. > > Make the "SHOULD implement" a separate point from the definition > itself then. And have it refer specifically (for hosts) that they > SHOULD label outgoing packets. That is what I think we are aiming for. Agreed > > > > > Nodes keeping dynamic flow state MUST NOT assume packets arriving 60 > > > > seconds or more after the previous packet of a flow still belong to > > > > the same flow, unless a flow state establishment method in use > > > > defines a longer flow state lifetime or the flow state has been > > > > explicitly refreshed within the lifetime duration. > > > > > > I'm not entirely comfortable with the above wording. It seems to me, > > > > that any node making assumptions about flow values *needs* a flow > > > setup mechanism to go along with it. But if there is such a mechanism, > > > that mechanism can communicate appropriate timer values for timing out > > > state (and the above words are not needed). If there is no such > > > mechanism, what sort of flow-specific processing should assume that a > > > gap of 60 seconds implies a reset in the flow? > > > We don't know, and 60 seconds is a compromise value anyway. But there > > seemed to be WG consensus that a default timeout is needed, since > > otherwise we are licensing implementors to create hard state. The authors > > have been round and round this many times, and this was the best we > > could come up with. (more comment on this below) > > Well, I have a basic problem with a default timeout of 60 > seconds. Heck, a temporary routing glitch can cause a loss of traffic > for 60 seconds, yet the TCP sesssion doesn't go away that quickly. So > 60 seconds seem like a rather odd compromise value. Seems too short to > me. See below > > > > What problem is the above wording intended to address? > > > Use cases that nobody has thought of yet. > > I don't understand this answer. If a router does something > flow-specfic for flow X, but then sees no traffic for 60 seconds, the > implication now is that it shouldn't give flow X the same treatement > it was just giving it just 60 seconds ago. If we say N seconds instead of 60, that is exactly the implication - in other words flow state should be soft state. Are you objecting to that, or to the choice N=60? > > I do remember some discussion on this in the past. But I still don't > feel like I understand the rational. Can someone please summarize or > point me back to a previous thread? I don't recall whether this was email or f2f discussion, but I agree we've been round this before. Not sure there was any conclusion. > > > > > If an IPv6 node is not providing flow-specific treatment, it MUST > > > > ignore the field when receiving or forwarding a packet. > > > > > > Such a node is presumably not implementing this spec, in which case > > > the words seem superfluous... Delete? > > > You're too logical :-) But I think this forbids attempts to abuse > > the label as a covert signalling channel, or otherwise use it for > > an unintended purpose. So I'd vote for keeping the sentence, but > > I don't feel strongly. > > Not a show stopper to leave in... Or to remove, for me. > > > > > 3. Flow Labeling Requirements > > > > > > > > To enable Flow Label based classification, sources SHOULD assign each > > > > unrelated transport connection and application data stream to a new > > > > flow. The source MAY also take part in flow state establishment > > > > methods that result in assigning certain packets to specific flows. A > > > > source which does not assign traffic to flows MUST set the Flow Label > > > > to zero. > > > > > > I find the above a bit muddled and incomplete. Here is an attempt at > > > clarifying: > > > I object. Your text starts to hint at use cases. I think we should > > absolutely avoid that, and restrict ourselves strictly to setting > > boundary conditions on senders. Also, we agreed earlier to take out > > all the stuff on APIs and picking flow label values. That was part > > of the Grand Simplification of the draft. So I don't agree that the > > paragraph is incomplete with respect to the goals of this document. > > Part of my concern with the current text is it says hosts SHOULD set > the flow-label for each Application-level stream. I assume, however, > that this document is aimed at the IP stack, not at individual > applications. I.e., how will someone who implements the stack be able > to use different flow labels for different application stream without > help from the application? Seems like some sort of wording about this > would be good. I'm not saying it even needs to be normative (it > probably shouldn't be). But maybe some guidance. The existing wording > seems a bit incomplete and the issues here seem more complex. Yes, and I think that is the same point as needing to mention authorization issues under security. Who has the right to QOS is an authzn issue and this is just a subset of that problem. > > > > > A source node MUST keep track of the Flow Label values it is > > > > currently using or has recently used. > > > > > > Mumble. the above comes across as a restrictive requirement rather > > > than focusing on the key requirement to fulfill. > > > Yes, we can replace MUST by "needs to". > > ok. But that alone doesn't fix the issue. Just saying it "needs to > keep track of" doesn't focus on the "why". I think the document would > be better off saying what fundamental principal an implementation > needs to be sure to not violate. In this case, it's not reusing the > same flow label too quickly, including across reboots. I agree that > mandating how an implementation does is beyond the scope of the > document. OK, we could certainly add a sentence about that (assuming we agree that the basic model is soft-state). > > Note: an implementation doesn't need to keep track of which flow IDs > it has recently used (as the current words say). It simply needs to > ensure that it doesn't reuse any that have been reused recently. There > is a subtle difference. I.e., one doesn't need to keep track of *each* > flow one has recently used. One can aggregate that information. > > Here's a slightly less delta-ish proposal relative to the current > text: > > A source node MUST ensure that it does not reuse Flow Label values > it is currently using or has recently used when creating new > flows. Flow Label values previously used with a specific pair of > source and destination addresses MUST NOT be assigned to new flows > with the same address pair within 60 seconds of the termination of > the previous flow. If the previous flow had a lifetime longer than > the default 60 seconds, a quarantine period of at least the length > of the lifetime MUST be observed before reusing that Flow Label. OK by me > > Note: this last sentence seems hard to achieve. it suggests that if a > future flow establishment method uses longer lifetimes, the stack will > have to be retrofitted to figure out somehow not to reuse those flow > label values for the longer period. I suspect that future uses of the > flow label (i.e., the signalling partz) may well be implemented > separately from the base IP stack Flow Label support, and it may not > be possible for the signalling to ensure the quarantine behavior. Well, at the least it would require the quarantine time to be a parameter in some API. But we don't really want to go there in this document. > > The requirement of not reusing a Flow Label value for a new flow with > the same pair of source and destination addresses extends across > source node crashes and reboots. > > Text OK up to here. > > but, for the rest: > > To avoid accidental Flow Label value > reuse, the source node SHOULD use a different initial value for Flow > Label assignments after a reboot. The initial value could be randomly > generated, or computed from a previous value stored in non-volatile > memory. > > I think the above text is not really good enough. It makes some > unstated assumptions about how things are implemented. It either needs > more text, or should just be deleted. I guess my attempt at > replacement wasn't successful. I'd be happy to delete it, and leave it as an exercise for the implementor. > > > As noted, 60 seconds is a compromise. We looked at values anywhere between > > 10 and 600 seconds. There is no right answer, but 60 seems as good as > > we could get. (10 seemed too short for a slow TCP stream, and 600 seemed > > far too long, despite being the TCP timeout.) > > > Wording suggestions? > > Again, it seems like it should be at least as long as TCP timeouts. I > don't think you want the flow state to be reclaimed just because of > temporary network outages. My original suggestion was 600s. The objection is that this means that after a crash/reboot, no flow labels can be allocated for 10 minutes, if you are logical and use the same timeout everywhere. That's where the suggested compromise on a shorter time came from. I think there is no right answer here, unfortunately. At least, I'm wedged on it. > > > > > The requirement of not reusing a Flow Label value for a new flow with > > > > the same pair of source and destination addresses extends across > > > > source node crashes and reboots. To avoid accidental Flow Label value > > > > reuse, the source node SHOULD use a different initial value for Flow > > > > Label assignments after a reboot. The initial value could be randomly > > > > generated, or computed from a previous value stored in non-volatile > > > > memory. > > > > > > Suggested rewording: > > > > > > A source node should not reuse a particular Flow Label for a > > > different flow until it is sure that any flow-specific state on > > > other nodes has timed out or been appropriately updated. In > > > particular, if a node reboots, it may lose track of which Flow > > > Label values it has used recently, and pick the same > > > ones. Implementations MUST ensure that they don't reuse Flow Labels > > > too quickly. The problem here is analagous to picking initial > > > sequence numbers when opening TCP connections after a > > > restart. There are number of ways to avoid reuse. One approach is > > > to have new Flow Label values be chosen in some well-defined order > > > (e.g., sequentially, a pseudo-random sequence, etc.). Upon a system > > > restart, the initial value could be randomly generated, or computed > > > from a previous value stored in non-volatile memory. > > > Again, we removed some such text in the recent simplification of > > the document. Do you really think we should start re-complicating? > > The document should be absolutely clear on what the requirement is. It > also seems reasonable to provide some guidance on how to achieve the > requirement, though in a non-normative fashion. This is because folks > will wonder how one can implement the requirement if they have no > stable storage or a very small footprint. I think it was Rob who > pointed out a long while back that there were similarities here with > generating TCP initial sequence numbers across reboots. Absolutely, with same issues for low-end devices. Again, there seems to be no right answer. (BTW I don't have any problems with your text, but we need guidance from the WG about whether to add it.) > > > > > 4. Flow State Establishment Requirements > > > > > > > > To enable flow-specific treatment, flow state needs to be established > > > > on all or a subset of the IPv6 nodes on the path from the source to > > > > the destination(s). The methods for the state establishment, as well > > > > as the models for flow-specific treatment will be defined in separate > > > > specifications. > > > > > > > > To enable co-existence of different methods in IPv6 nodes, the > > > > methods MUST meet the following basic requirements: > > > > > > > > (1) The method MUST provide the means for flow state clean-up from > > > > the IPv6 nodes providing the flow-specific treatment. Signaling > > > > based methods where the source node is involved are free to > > > > specify flow state lifetimes longer than the default 60 seconds. > > > > > > > > (2) Flow state establishment methods MUST be able to recover from > > > > the case where the requested flow state cannot be supported. > > > > > > I'm not sure what purpose the above provides. I guess its mostly > > > harmless, but it strikes me as being pretty obvious, and I wonder if > > > these are the only real issues to think about. I.e., is this section > > > complete? If not, do we need it? > > > It stops here, once again, to avoid getting into specific use cases. But > > we did feel these were necessary to avoid future flow-state mechanisms > > interfering with each other. Does that make sense? > > I can live with the text. > > > > > Security Considerations > > > > > > > > The use of the Flow Label field enables flow classification also in > > > > the presence of encryption of IPv6 payloads. This allows the > > > > transport header values to remain confidential, which may lessen the > > > > possibilities for some forms of traffic analysis. However, the > > > > labeling of flows defined in this specification may reveal some > > > > structure of communications otherwise concealed by transport mode > > > > > > Seems like more could be said here. If use of the flow label allows > > > special treatment of traffic, aren't there possible theft of service > > > issues? Or DOS issues, if someone generates traffic trying to > > > overwhelm a particular flow? What about authorization? Can anyone set > > > up flows? Are there requirements or issues here that should be > > > mentioned in Section 4? This section seems a bit incomplete. > > > Since flow labels are not protected by IPSEC-AH, they can be forged. > > We should probably state this. However, since the flow is actually > > identified by the {srce, dest, label} triplet, the theft of service > > or DOS problem actually requires address spoofing as well as label > > spoofing (and is prevented by ingress filtering). We should probably say > > this. > > My application, when running between the same pair of machines as > yours, might be able to steal bandwidth from your application. This > might be a real issue where one has proxies and other aggregating > devices talking to each other. Yes, hence the need for authorization mechanisms in multiuser hosts, and this definitely needs to be stated. > > My basic point thought when reading the current text, however, was > that from the few words it wasn't clear that a whole lot of thought > had gone into any possible security issues. The writeup seems a bit > superficial. Well, my view is that the issues are quite similar to those with diffserv code points, where we have never found much to write either. Once you accept that the label (like the DSCP) is forgeable, there isn't much more to say, unfortunately. (There is text in both RFC 2474 and 2475, and maybe some if it applies here too.) Theft of QOS certainly deserves work, but the problem is very general and probably not for this document. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 14 14:22:53 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EMMr16004738; Tue, 14 Jan 2003 14:22:53 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0EMMq9w004737; Tue, 14 Jan 2003 14:22:52 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail1mpk.Eng.Sun.COM (engmail1mpk [129.146.1.45]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0EMMn16004730 for ; Tue, 14 Jan 2003 14:22:49 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail1mpk.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0EMMngE023792 for ; Tue, 14 Jan 2003 14:22:49 -0800 (PST) Received: from ztxmail04.ztx.compaq.com (ztxmail04.ztx.compaq.com [161.114.1.208]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id OAA12992 for ; Tue, 14 Jan 2003 14:22:43 -0800 (PST) Received: from mailrelay01.cac.cpqcorp.net (mailrelay01.cac.cpqcorp.net [16.47.132.152]) by ztxmail04.ztx.compaq.com (Postfix) with ESMTP id 1EE6B25A6; Tue, 14 Jan 2003 16:22:43 -0600 (CST) Received: from anw.zk3.dec.com (alpha.zk3.dec.com [16.140.128.4]) by mailrelay01.cac.cpqcorp.net (Postfix) with ESMTP id 40F0E5B9; Tue, 14 Jan 2003 14:22:37 -0800 (PST) Received: by anw.zk3.dec.com (8.11.1/1.1.22.2/08Sep98-0251PM) id h0EMMZx0001447597; Tue, 14 Jan 2003 17:22:35 -0500 (EST) Date: Tue, 14 Jan 2003 17:22:35 -0500 (EST) From: Jack McCann Message-Id: <200301142222.h0EMMZx0001447597@anw.zk3.dec.com> To: ipng@sunroof.eng.sun.com, itojun@iijlab.net Subject: Re: draft-ietf-ipngwg-rfc2553bis-10.txt Cc: Jack.McCann@hp.com, Jim.Bound@hp.com, gilligan@cacheflow.com, narten@us.ibm.com, sethomso@cisco.com Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Itojun, > minor nit: > NI_NUMERICSCOPE appears in the text (page 24) but not in section 7. Thanks for catching that. The reference to NI_NUMERICSCOPE on page 24 should be removed, it was part of the stuff that moved to draft-ietf-ipv6-scope-api-00.txt. It may be too late to fix this... - Jack -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Tue Jan 14 19:50:14 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0F3oE16007030; Tue, 14 Jan 2003 19:50:14 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0F3oEdJ007029; Tue, 14 Jan 2003 19:50:14 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0F3oB16007022 for ; Tue, 14 Jan 2003 19:50:11 -0800 (PST) Received: from pheriche.sun.com (pheriche.Central.Sun.COM [129.147.5.34]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0F3oA4w004437 for ; Tue, 14 Jan 2003 19:50:10 -0800 (PST) Received: from daakghar.controlnet.co.in (daakghar.controlnet.co.in [202.54.116.74]) by pheriche.sun.com (8.9.3+Sun/8.9.3) with SMTP id UAA00462 for ; Tue, 14 Jan 2003 20:50:03 -0700 (MST) Received: from digambar ([192.168.4.1]) by dakiya.controlnet.co.in (Netscape Messaging Server 4.15) with ESMTP id H8QLE400.JCO for ; Wed, 15 Jan 2003 09:21:40 +0530 Message-ID: <001301c2bc48$737cef70$e20aa8c0@digambar> From: "Digambar Rasal" To: Subject: Web Server addresses : Unicast , Multicast , Anycast Date: Wed, 15 Jan 2003 09:14:42 +0530 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi I am developing a Web server , router , load balancers, Gateway and Switch testing software. I have read the RFC reagrding the addressing in IPv6 and I understood that Web servers , routers , load balancers, Gateways and Switches can have either Unicast or Multicast or Anycast address. I am not sure that my interpretation is correct .. So please correct if I am wrong. Regards Digambar Rasal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Controlnet(India) Pvt Limited Goa India. +91-832-2883601 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 04:58:36 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GCwZ16018593; Thu, 16 Jan 2003 04:58:35 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0GCwZs3018592; Thu, 16 Jan 2003 04:58:35 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GCwR16018585 for ; Thu, 16 Jan 2003 04:58:27 -0800 (PST) Received: from lukla.Sun.COM (lukla.Central.Sun.COM [129.147.5.31]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0GCwY4w003922 for ; Thu, 16 Jan 2003 04:58:35 -0800 (PST) Received: from c3po.skynet.be (c3po.skynet.be [195.238.3.237]) by lukla.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id FAA11716 for ; Thu, 16 Jan 2003 05:58:27 -0700 (MST) Received: from tsn (106.98-200-80.adsl.skynet.be [80.200.98.106]) by c3po.skynet.be (8.11.6/8.11.6/Skynet-OUT-2.20) with ESMTP id h0GCwOH15062 for ; Thu, 16 Jan 2003 13:58:24 +0100 (MET) (envelope-from ) Message-Id: <200301161258.h0GCwOH15062@c3po.skynet.be> From: "Mario Goebbels" To: Subject: FEC0::/10 or /48? Date: Thu, 16 Jan 2003 13:58:25 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook, Build 11.0.4523 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3718.0 Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi! I think my question is best answered in this mailing list. When I read books about IPv6, they mention always an 48bit prefix for SL addresses, but reading the archives of this list, the people discuss about a 10bit prefix. Is FEC0::/10 valid now, or still a draft or subject to change and FEC0::/48 still standard? Thanks for your help -mg -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 06:56:14 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GEuE16018874; Thu, 16 Jan 2003 06:56:14 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0GEuE1V018873; Thu, 16 Jan 2003 06:56:14 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GEuB16018866 for ; Thu, 16 Jan 2003 06:56:11 -0800 (PST) Received: from nwkea-mail-1.sun.com ([192.18.42.13]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0GEuI4w022938 for ; Thu, 16 Jan 2003 06:56:18 -0800 (PST) Received: from mail.wrs.com (unknown-1-11.windriver.com [147.11.1.11]) by nwkea-mail-1.sun.com (8.9.3+Sun/8.9.3) with ESMTP id GAA29173 for ; Thu, 16 Jan 2003 06:56:13 -0800 (PST) Received: from IDLEWYLDE.windriver.com ([147.11.233.20]) by mail.wrs.com (8.9.3/8.9.1) with ESMTP id GAA00190; Thu, 16 Jan 2003 06:55:15 -0800 (PST) Message-Id: <5.1.0.14.2.20030116095403.03b81d60@mail.windriver.com> X-Sender: mrw@mail.windriver.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 16 Jan 2003 09:54:51 -0500 To: "Mario Goebbels" From: Margaret Wasserman Subject: Re: FEC0::/10 or /48? Cc: In-Reply-To: <200301161258.h0GCwOH15062@c3po.skynet.be> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk Hi Mario, The new addressing architecture has been approved for publication as a Draft Standard, and should be published shortly. So, the FECO::/10 is official. Margaret At 01:58 PM 1/16/2003 +0100, Mario Goebbels wrote: >Hi! > >I think my question is best answered in this mailing list. When I read >books about IPv6, they mention always an 48bit prefix for SL addresses, >but reading the archives of this list, the people discuss about a 10bit >prefix. Is FEC0::/10 valid now, or still a draft or subject to change >and FEC0::/48 still standard? > >Thanks for your help > >-mg > >-------------------------------------------------------------------- >IETF IPng Working Group Mailing List >IPng Home Page: http://playground.sun.com/ipng >FTP archive: ftp://playground.sun.com/pub/ipng >Direct all administrative requests to majordomo@sunroof.eng.sun.com >-------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 11:44:14 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GJiD16020465; Thu, 16 Jan 2003 11:44:13 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0GJiD55020464; Thu, 16 Jan 2003 11:44:13 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GJiA16020457 for ; Thu, 16 Jan 2003 11:44:10 -0800 (PST) Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0GJiH4w014212 for ; Thu, 16 Jan 2003 11:44:18 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id MAA08319 for ; Thu, 16 Jan 2003 12:44:12 -0700 (MST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id LAA27469; Thu, 16 Jan 2003 11:44:11 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h0GJiBP31707; Thu, 16 Jan 2003 11:44:11 -0800 X-mProtect: <200301161944> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (4.22.78.99, claiming to be "spruce.iprg.nokia.com") by darkstar.iprg.nokia.com smtpd6sYj5N; Thu, 16 Jan 2003 11:44:09 PST Message-Id: <4.3.2.7.2.20030116113012.033b1ef8@mailhost.iprg.nokia.com> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Thu, 16 Jan 2003 11:43:47 -0800 To: ipng@sunroof.eng.sun.com From: Bob Hinden & Margaret Wasserman Subject: IPv6 w.g. Last Call on "A Flexible Method for Managing the Assignment of Bytes of an IPv6 Address Block" Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk This is a IPv6 working group last call for comments on advancing the following document as an Informational RFC: Title : A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block Author(s) : M. Blanchet Filename : draft-ietf-ipv6-ipaddressassign-06.txt Pages : 8 Date : 2003-1-6 Please send substantive comments to the ipng mailing list, and minor editorial comments to the authors. This last call period will on January 30, 2003. Bob Hinden / Margaret Wasserman -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 11:54:57 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GJsu16020602; Thu, 16 Jan 2003 11:54:56 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0GJsuTk020601; Thu, 16 Jan 2003 11:54:56 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0GJsr16020594 for ; Thu, 16 Jan 2003 11:54:53 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0GJt14w017553 for ; Thu, 16 Jan 2003 11:55:01 -0800 (PST) Received: from mailhost.iprg.nokia.com (mailhost.iprg.nokia.com [205.226.5.12]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id LAA04121 for ; Thu, 16 Jan 2003 11:54:55 -0800 (PST) Received: from darkstar.iprg.nokia.com (darkstar.iprg.nokia.com [205.226.5.69]) by mailhost.iprg.nokia.com (8.9.3/8.9.3-GLGS) with ESMTP id LAA27790; Thu, 16 Jan 2003 11:54:55 -0800 (PST) Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id h0GJssw06229; Thu, 16 Jan 2003 11:54:54 -0800 X-mProtect: <200301161954> Nokia Silicon Valley Messaging Protection Received: from UNKNOWN (4.22.78.99, claiming to be "spruce.iprg.nokia.com") by darkstar.iprg.nokia.com smtpdEafOFX; Thu, 16 Jan 2003 11:54:51 PST Message-Id: <4.3.2.7.2.20030116115004.033ad280@mailhost.iprg.nokia.com> X-Sender: hinden@mailhost.iprg.nokia.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Thu, 16 Jan 2003 11:54:15 -0800 To: ipng@sunroof.eng.sun.com From: Bob Hinden Subject: IPv6 w.g. Last Call on "IP Forwarding Table MIB" Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk This is a IPv6 working group last call for comments on advancing the following document as a Proposed Standard: Title : IP Forwarding Table MIB Author(s) : M. Wasserman Filename : draft-ietf-ipv6-rfc2096-update-02.txt Pages : 30 Date : 2002-11-7 Please send substantive comments to the ipng mailing list, and minor editorial comments to the document editor. This last call period will end on January 30, 2003. Bob Hinden -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 22:52:35 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0H6qZ16022977; Thu, 16 Jan 2003 22:52:35 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0H6qYYt022976; Thu, 16 Jan 2003 22:52:34 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0H6qV16022969 for ; Thu, 16 Jan 2003 22:52:31 -0800 (PST) Received: from nwkea-mail-2.sun.com ([192.18.42.14]) by engmail2sun.Eng.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h0H6qd4w024991 for ; Thu, 16 Jan 2003 22:52:39 -0800 (PST) Received: from netcore.fi (netcore.fi [193.94.160.1]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id WAA27292 for ; Thu, 16 Jan 2003 22:52:33 -0800 (PST) Received: from localhost (pekkas@localhost) by netcore.fi (8.11.6/8.11.6) with ESMTP id h0H6qTL16932; Fri, 17 Jan 2003 08:52:29 +0200 Date: Fri, 17 Jan 2003 08:52:28 +0200 (EET) From: Pekka Savola To: Bob Hinden cc: ipng@sunroof.eng.sun.com Subject: Re: IPv6 w.g. Last Call on "IP Forwarding Table MIB" In-Reply-To: <4.3.2.7.2.20030116115004.033ad280@mailhost.iprg.nokia.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ipng@sunroof.eng.sun.com Precedence: bulk On Thu, 16 Jan 2003, Bob Hinden wrote: > This is a IPv6 working group last call for comments on advancing the > following document as a Proposed Standard: "Advancing as a Proposed Standard"? I assume you didn't mean DS because I'm not sure how widely that is implemented yet, but rather "publish it as PS" ? > Title : IP Forwarding Table MIB > Author(s) : M. Wasserman > Filename : draft-ietf-ipv6-rfc2096-update-02.txt > Pages : 30 > Date : 2002-11-7 > > Please send substantive comments to the ipng mailing list, and minor > editorial comments to the document editor. This last call period will end > on January 30, 2003. > > Bob Hinden > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to majordomo@sunroof.eng.sun.com > -------------------------------------------------------------------- > -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to majordomo@sunroof.eng.sun.com -------------------------------------------------------------------- From owner-ipng@sunroof.eng.sun.com Thu Jan 16 22:58:47 2003 Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0H6wk16023043; Thu, 16 Jan 2003 22:58:46 -0800 (PST) Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7/Submit) id h0H6wkCZ023042; Thu, 16 Jan 2003 22:58:46 -0800 (PST) X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ipng@sunroof.eng.sun.com using -f Received: from engmail2sun.Eng.Sun.COM (engmail2sun [129.144.134.19]) by sunroof.eng.sun.com (8.12.7+Sun/8.12.7) with ESMTP id h0H6wh16023035 for