Re: [dhcwg] [v6ops] [EXTERNAL] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements

"Templin (US), Fred L" <Fred.L.Templin@boeing.com> Fri, 09 October 2020 00:00 UTC

Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D30093A1059; Thu, 8 Oct 2020 17:00:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=boeing.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WFxAc6mt9axN; Thu, 8 Oct 2020 16:59:59 -0700 (PDT)
Received: from clt-mbsout-01.mbs.boeing.net (clt-mbsout-01.mbs.boeing.net [130.76.144.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56D383A1058; Thu, 8 Oct 2020 16:59:59 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by clt-mbsout-01.mbs.boeing.net (8.15.2/8.15.2/DOWNSTREAM_MBSOUT) with SMTP id 098Nxuo3002159; Thu, 8 Oct 2020 19:59:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boeing.com; s=boeing-s1912; t=1602201597; bh=ndlaZAw3AZz400IuhkSf2qttVQXBf833P6TuZvVZBJM=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=c9GkpSEdZpk6pmIiCTbr2ueI0xlMjK/AWpPpJuhzlNUUPvIkbZV4e2kN+wAJt2zGh Si8tGV2IY1HplAKr8Gurl7cWwRwcz40JZZebdcZVsDXYr0cXT3tI0C/LAg2ibtKZ/D mG+PHmF4UOZPDzxNY7DrMdXzqocz+wQk+KZNrhAwxjmatnSi0WeMLQQVAEmrdMTncy hovX3/dAhwpeoVRBwCqPlzPvpa4DCDRcfbeGlysh6fL1x4vHk/Y87AyNtGRWh6/ldr DWrrUw/XLJsWsDP2lnDM/aT/lwI8Mc8s+YY9UovSJJZJqKdK34RLR00KzFWwIfQNEL W2QTGN6/Ol+xw==
Received: from XCH16-07-12.nos.boeing.com (xch16-07-12.nos.boeing.com [144.115.66.114]) by clt-mbsout-01.mbs.boeing.net (8.15.2/8.15.2/8.15.2/UPSTREAM_MBSOUT) with ESMTPS id 098NxsQE002049 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=OK); Thu, 8 Oct 2020 19:59:54 -0400
Received: from XCH16-07-10.nos.boeing.com (144.115.66.112) by XCH16-07-12.nos.boeing.com (144.115.66.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.2044.4; Thu, 8 Oct 2020 16:59:52 -0700
Received: from XCH16-07-10.nos.boeing.com ([fe80::e065:4e77:ac47:d9a8]) by XCH16-07-10.nos.boeing.com ([fe80::e065:4e77:ac47:d9a8%2]) with mapi id 15.01.2044.004; Thu, 8 Oct 2020 16:59:52 -0700
From: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
To: Ole Troan <otroan@employees.org>
CC: dhcwg <dhcwg@ietf.org>, v6ops list <v6ops@ietf.org>, 6man <ipv6@ietf.org>
Thread-Topic: [v6ops] [EXTERNAL] Re: [dhcwg] Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
Thread-Index: AQHWnRHm524iPz3PtEmCznTLyJxcLqmONFtwgAAJLjCAAHpQAP//i44QgAAdLpA=
Date: Thu, 8 Oct 2020 23:59:52 +0000
Message-ID: <66fcc6c4c1d243108b6b2eb19719324c@boeing.com>
References: <ff36a6d9f0834b5bbf331c6c40df16b8@boeing.com> <6373DDB1-753B-4E15-8097-9ED03F1BFC19@employees.org> <5b45336f7d9d489bb13a3559fd0a6b10@boeing.com>
In-Reply-To: <5b45336f7d9d489bb13a3559fd0a6b10@boeing.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [137.137.12.6]
x-tm-snts-smtp: 0314717583B03532B26E80B6A6DD482505929F3EF6037FB1F353B4B2079845302000:8
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-GCONF: 00
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/RZFQn2jgwKo_B1taMwb8foJI-9o>
Subject: Re: [dhcwg] [v6ops] [EXTERNAL] Re: Question to DHCPv6 Relay Implementors regarding draft-ietf-dhc-dhcpv6-pd-relay-requirements
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2020 00:00:01 -0000

Ole,

> I can tell you how we will do it in AERO/OMNI. R will have an OMNI interface
> neighbor cache entry (NCE) for A that links the prefix A with the link-layer
> address of A. Then, when R receives a packet from A's link-layer address it
> consults its NCE to see that A is the holder of prefix A and therefore not a
> valid source of packets with destination address in A. We will have this in
> our code soon - thanks for the catch!

On further thought, this is complicated by the multilink nature of OMNI since the
OMNI neighbor could have multiple link-layer addresses. R would then have to
very carefully check that, if a packet with IPv6 destination address 'A' arrived
from link-layer address 'a1', that it not be forwarded back via link-layer address
'a1' nor any other link-layer addresses 'a2', 'a3', 'a4', etc. It gets messy quickly.

So, why not fix the problem at the client instead of at the relay? The client could
have a simple check to make sure it does not forward a packet out the same
interface that it arrived on due to a default route. That way, the relay would
never see a packet originating from node A with a destination address A.
(BTW, it should be OK for the client to forward a packet out the same interface
it arrived on due to  a more-specific route - but not due to a default route.)

Fred