Re: [6lowpan] ND Short Address Collisions
"Samita Chakrabarti" <samitac@ipinfusion.com> Wed, 25 August 2010 22:17 UTC
Return-Path: <samitac@ipinfusion.com>
X-Original-To: 6lowpan@core3.amsl.com
Delivered-To: 6lowpan@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E1703A6A15 for <6lowpan@core3.amsl.com>; Wed, 25 Aug 2010 15:17:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EGJkNoDkK3pS for <6lowpan@core3.amsl.com>; Wed, 25 Aug 2010 15:17:32 -0700 (PDT)
Received: from smtp101.sbc.mail.mud.yahoo.com (smtp101.sbc.mail.mud.yahoo.com [68.142.198.200]) by core3.amsl.com (Postfix) with SMTP id 6DE503A6801 for <6lowpan@ietf.org>; Wed, 25 Aug 2010 15:17:32 -0700 (PDT)
Received: (qmail 55981 invoked from network); 25 Aug 2010 22:18:05 -0000
Received: from samitacD630 (samitac@65.223.109.250 with login) by smtp101.sbc.mail.mud.yahoo.com with SMTP; 25 Aug 2010 15:18:04 -0700 PDT
X-Yahoo-SMTP: 2TubM6mswBDzS84mnP14_Gq9MWTFqPrD9YAsl.JSPFAWkA--
X-YMail-OSG: aqPho_YVM1nAZqvpkFwkh7qO2psUZgOM1vxuHpKUCIb.ldz pBhdUMW8bo5RNWdMjBpPW18PWkMHffNGJhvCw5GIaJJAJqbvzRxmSJly3.8v aD67nNRvjpUH0t5.ILmBPH0p39EyRhTJ.F8yETVIAkI2RoPdw4kNHJWu_Rrp VNBTVu19fZ2FgO086.Dp68wIUktmS6I3zby8AEp8Vbt3.jQ_JBBsv6dghZKn 4CENgDXmSafsuFJOAYnP_sLurd8Jb5a5Arccu8mjTY9lcrV9QArCL6GAkWHf N
X-Yahoo-Newman-Property: ymail-3
From: Samita Chakrabarti <samitac@ipinfusion.com>
To: 'Colin O'Flynn' <coflynn@newae.com>
References: <008701cb3e48$02545600$06fd0200$@com> <4C6B1FBE.7010202@exegin.com> <4C6B66DD.90201@gridmerge.com> <9DBCA7064887354B8452109E68616DE60194BFF9@zuk35exm20.fsl.freescale.net> <003001cb4126$58e8b700$0aba2500$@com> <4BF5DAE1-BA57-419E-938D-A7490E49645A@tzi.org>
In-Reply-To: <4BF5DAE1-BA57-419E-938D-A7490E49645A@tzi.org>
Date: Wed, 25 Aug 2010 15:18:04 -0700
Message-ID: <00a601cb44a3$63d93b50$2b8bb1f0$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: ActC9pPYPnBQwh4lS8y+sorgBwWv+QBpbrSQ
Content-Language: en-us
Cc: 'Carsten Bormann' <cabo@tzi.org>, '6lowpan 6lowpan' <6lowpan@ietf.org>
Subject: Re: [6lowpan] ND Short Address Collisions
X-BeenThere: 6lowpan@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Working group discussion for IPv6 over LowPan networks <6lowpan.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/6lowpan>
List-Post: <mailto:6lowpan@ietf.org>
List-Help: <mailto:6lowpan-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6lowpan>, <mailto:6lowpan-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Aug 2010 22:17:40 -0000
Hi Colin and all, We have been discussing the short address and duplicate MAC address implementation issues for a while. The similar problem may happen in IPv6 today during DAD phase. My understanding is that Neighbor discovery protects the hosts from having duplicate IP-addresses while we are discussing the corner case of how to solve duplicate MAC address via 6lowpan-ND. Please note that 6lowpan-ND assumes that link is secure and each host possesses EUI-64 unique number for its interface. Thus if one turns on short MAC address (16bit MAC) feature which is not guaranteed to be unique, it is very logical to assume that uniqueness of such MAC address would be verified at the link-level during the bootstrap by checking with a network-wide authentication server or via DHCP service. ND-12 updates section 8.2 with the following text: " For the synchronous multihop DAD the 6LR performs some additional checks to ensure that it has a Neighbor Cache entry it can use to respond to the host when it receives a response from a 6LBR. This consists of checking for an already existing (Tentative or Registered) Neighbor Cache entry for the registered address with a different EUI-64. If such a Registered NCE exists, then the 6LR SHOULD respond that the address is a duplicate. If such a Tentative NCE exists, then the 6LR SHOULD silently ignore the ARO thereby relying on the host retransmitting the ARO." The IETF draft will define specification in general case, but it will not provide specification for each implementation in a specific standard development organization. By using GP16 addresses, ZigBee can specify additional constraints upon using 6lowpan-nd for deployment. But it does not require change in the IETF document. Please understand this difference. Zach provided some examples as to how to support GP16 addresses in ND phase on the mailing list. In later version, we can add one of those examples in the Appendix section of the document to clarify usage in short MAC address cases, if that is helpful for ZigBee IP implementation. Please see below. These are some of my personal comments. > -----Original Message----- > From: 6lowpan-bounces@ietf.org [mailto:6lowpan-bounces@ietf.org] On Behalf > Of Carsten Bormann > Sent: Monday, August 23, 2010 12:10 PM > To: Colin O'Flynn > Cc: 6lowpan 6lowpan > Subject: Re: [6lowpan] ND Short Address Collisions > > On Aug 21, 2010, at 13:45, Colin O'Flynn wrote: > > > putting in 6lowpan-ND that you must send from an address based on the EUI- > 64 > [SC>] Originally we had the restriction of EUI-64-based address support only. ND-simple and other previous version of 6lowpan-nd. But we relaxed that to support other types of addresses [ as mentioned by Carsten below] and ofcourse GP16 addresses. But we still require a EUI-64 bit unique number to identify an interface uniquely in ARO. In terms of SLLAO, we require SLLAO to be provided with NS because no state or NCE is created before then. This is done for maintaining generality of implementations and for double checking the uniqueness of link-layer addresses for the requested address registration. Also note that 6lowpan-nd allows a tentative NCE after receiving RS, but there is a timeout. Thanks, -Samita From: 6lowpan-bounces@ietf.org [mailto:6lowpan-bounces@ietf.org] On Behalf Of Colin O'Flynn Sent: Saturday, August 21, 2010 4:45 AM To: 'Westergreen Mads-MWEST2'; robert.cragie@gridmerge.com; 'Dario Tedeschi' Cc: 6lowpan@ietf.org Subject: Re: [6lowpan] ND Short Address Collisions Hello, Would there be support for putting in 6lowpan-ND that you must send from an address based on the EUI-64 instead of anticipated 16-bit address? I think it is more consistent with what is already in 6lowpan-ND. Consider the following: >From the assumptions section of 6lowpan-ND, we have: o EUI-64s are globally unique. o All nodes in the LLN have an EUI-64 interface identifier in order to do address auto-configuration and detect duplicate addresses. Thus 6lowpan-ND is already assuming we have a link-local address based on an EUI-64. Based on those two assumptions you could greatly simplify processing of NA by performing the following when you receive a NA message: [1] Is the EUI-64 my address? If so skip to general processing (not shown here) [2] Am I a 6LR? If so continue to step 3, otherwise abort as nothing more to do. [3] Generate an address by performing the address autoconfiguration algorithm on the EUI64 in the ARO with the link-local prefix [4] Forward the message to the address generated in step 3, recalculating ICMPv6 checksum Such a setup has the following disadvantages: -You ALWAYS transmit the registered address in the ARO on first hop, wasting 16 bytes But the following advantages: -Cannot have collision of two 802.15.4 ACK's because you are transmitting to two nodes at once -Less FLASH usage, since you have removed temporary NCE, and always use the same ARO Length which further simplifies code -Less SRAM usage, since you never need a neighbor cache entry for multi-hop DAD to complete -ARO registered address can be changed by ABR. For example if ABR notices a node is re-registering after that node reboots, the ABR could change registered address to nodes old address in NA it sends back. -Avoids "hacks" when sending last-hop NA. By "hack" I mean that people may just take registered address out of ARO, and send 802.15.4 message to lower 16 bits of registered address, since they are only every registering GP16 addresses in their case. By instead explicitly using EUI-64 to generate address, you decouple the registered IPv6 address from the MAC address used during registration. Thus the same code could in the future be used to register any address, not just GP16 addresses. It is only the final hop that knows if there should be any correlation between IPv6 address & 802.15.4 address, not intermediate nodes. -Does not need SLLAO in initial NS Comments? -Colin > (I assume, this is for 6LoWPAN-ND transactions that register/DAD a 16-bit > address.) > > One of the decisions we made on the way from ND-08 to ND-09 was to simplify > the protocol by basing more of it on the assumption of uniqueness of the > EUI-64 address. > Your proposal therefore seems like a logical consequence, as it seems it > indeed simplifies things more. > > But let's consider what we lose: > > -- the use of privacy addresses in this capacity. Since we already need to > have the EUI-64 exposed to do DAD, I see little loss. > -- the use of CGA (cryptographically generated addresses) in this capacity. > Well, maybe not. Since a CGA SHOULD be about as unique as an EUI-64, it > MIGHT be a good substitute if the keys are generated with the same care that > we think EUI-64s are instilled. > -- any other scheme that really wants to use a different kind of address for > uniqueness. > > I haven't formed an opinion yet -- I'm still in the process of trying to > understand the trade-offs. > > Gruesse, Carsten > > _______________________________________________ > 6lowpan mailing list > 6lowpan@ietf.org > https://www.ietf.org/mailman/listinfo/6lowpan
- [6lowpan] ND Short Address Collisions Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Dario Tedeschi
- Re: [6lowpan] ND Short Address Collisions Robert Cragie
- Re: [6lowpan] ND Short Address Collisions Dario Tedeschi
- Re: [6lowpan] ND Short Address Collisions Westergreen Mads-MWEST2
- Re: [6lowpan] ND Short Address Collisions Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Dario Tedeschi
- Re: [6lowpan] ND Short Address Collisions Carsten Bormann
- Re: [6lowpan] ND Short Address Collisions Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Robert Cragie
- Re: [6lowpan] ND Short Address Collisions Dario Tedeschi
- Re: [6lowpan] ND Short Address Collisions Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions Robert Cragie
- Re: [6lowpan] ND Short Address Collisions Carsten Bormann
- Re: [6lowpan] ND Short Address Collisions Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions- Proble… Samita Chakrabarti
- Re: [6lowpan] ND Short Address Collisions- Proble… Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Erik Nordmark
- Re: [6lowpan] ND Short Address Collisions Colin O'Flynn
- Re: [6lowpan] ND Short Address Collisions Robert Cragie
- Re: [6lowpan] ND Short Address Collisions Erik Nordmark
- Re: [6lowpan] ND Short Address Collisions Erik Nordmark
- Re: [6lowpan] ND Short Address Collisions Robert Cragie