Re: [76attendees] Rogue IPv6 RA

Arifumi Matsumoto <arifumi@nttv6.net> Mon, 09 November 2009 14:31 UTC

Return-Path: <arifumi@nttv6.net>
X-Original-To: 76attendees@core3.amsl.com
Delivered-To: 76attendees@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7A5963A693F; Mon, 9 Nov 2009 06:31:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.557
X-Spam-Level:
X-Spam-Status: No, score=-2.557 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UWJyCY5pceBq; Mon, 9 Nov 2009 06:31:02 -0800 (PST)
Received: from mail.nttv6.net (mail.nttv6.net [IPv6:2001:fa8::25]) by core3.amsl.com (Postfix) with ESMTP id 2A61728C133; Mon, 9 Nov 2009 06:31:01 -0800 (PST)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by mail.nttv6.net (8.14.3/8.14.3) with ESMTP id nA9EVQrV018433; Mon, 9 Nov 2009 23:31:27 +0900 (JST) (envelope-from arifumi@nttv6.net)
Mime-Version: 1.0 (Apple Message framework v1076)
Content-Type: text/plain; charset="us-ascii"; format="flowed"; delsp="yes"
From: Arifumi Matsumoto <arifumi@nttv6.net>
In-Reply-To: <m2my2w9dda.wl%sekiya@wide.ad.jp>
Date: Mon, 09 Nov 2009 23:33:16 +0900
Content-Transfer-Encoding: 7bit
Message-Id: <9EC1CCE4-CB5C-4491-8339-A1497475A1D7@nttv6.net>
References: <m24op4b94l.wl%sekiya@wide.ad.jp> <66346671-3773-4A08-94CB-7A777C105631@nttv6.net> <m2my2w9dda.wl%sekiya@wide.ad.jp>
To: Yuji Sekiya <sekiya@wide.ad.jp>
X-Mailer: Apple Mail (2.1076)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (mail.nttv6.net [IPv6:::1]); Mon, 09 Nov 2009 23:31:27 +0900 (JST)
Cc: ipv6@ietf.org, 76attendees@ietf.org
Subject: Re: [76attendees] Rogue IPv6 RA
X-BeenThere: 76attendees@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <76attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/76attendees>, <mailto:76attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/76attendees>
List-Post: <mailto:76attendees@ietf.org>
List-Help: <mailto:76attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/76attendees>, <mailto:76attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2009 14:31:03 -0000

Hi,
let me CC to 6man ML,

Per RFC4861,

6.3.4.  Processing Received Router Advertisements
...
       - If the address is already present in the host's Default Router
         List and the received Router Lifetime value is zero,  
immediately
         time-out the entry as specified in Section 6.3.5.
...
6.3.5.  Timing out Prefixes and Default Routers

    Whenever the invalidation timer expires for a Prefix List entry,  
that
    entry is discarded.  No existing Destination Cache entries need be
    updated, however.  Should a reachability problem arise with an
    existing Neighbor Cache entry, Neighbor Unreachability Detection  
will
    perform any needed recovery.

    Whenever the Lifetime of an entry in the Default Router List  
expires,
    that entry is discarded.  When removing a router from the Default
    Router list, the node MUST update the Destination Cache in such a  
way
    that all entries using the router perform next-hop determination
    again rather than continue sending traffic to the (deleted) router.

I'm not sure what does "immediately time-out the entry as specified
in Section 6.3.5." mean.
Does it mean both paragraphs in 6.3.5. or just the latter paragraph ?

If the latter paragraph only should be executed, the address given
by rogue RA remains, right ?


On 2009/11/09, at 19:55, Yuji Sekiya wrote:

> At Mon, 9 Nov 2009 19:52:48 +0900,
> Arifumi Matsumoto wrote:
>
>> IIRC, routerlifetime and address lifetime is not correlated.
>>
>> So, that address can be used for the source address for
>> outgoing sessions, right ?
>
> I think some of implementation bind prefix and its default
> router, so default router is expired, the prefix is not
> selected as source address.
>
> -- Yuji Sekiya