Re: interop problems with getaddrinfo() address selection
Keith Moore <moore@cs.utk.edu> Sun, 09 December 2007 20:31 UTC
Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J1SoR-0004hh-7d; Sun, 09 Dec 2007 15:31:43 -0500
Received: from discuss by megatron.ietf.org with local (Exim 4.43) id 1J1SoQ-0004hb-C4 for discuss-confirm+ok@megatron.ietf.org; Sun, 09 Dec 2007 15:31:42 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J1SoP-0004hL-VY for discuss@apps.ietf.org; Sun, 09 Dec 2007 15:31:41 -0500
Received: from m1.imap-partners.net ([64.13.152.131]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1J1SoN-0001if-KC for discuss@apps.ietf.org; Sun, 09 Dec 2007 15:31:41 -0500
Received: from lust.indecency.org (m650f36d0.tmodns.net [208.54.15.101]) by m1.imap-partners.net (MOS 3.8.4-GA) with ESMTP id AIE70932 (AUTH admin@network-heretics.com); Sun, 9 Dec 2007 12:30:00 -0800 (PST)
Message-ID: <475C5047.3010807@cs.utk.edu>
Date: Sun, 09 Dec 2007 12:29:59 -0800
From: Keith Moore <moore@cs.utk.edu>
User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031)
MIME-Version: 1.0
To: Tony Finch <dot@dotat.at>
Subject: Re: interop problems with getaddrinfo() address selection
References: <Pine.LNX.4.64.0712061901020.24448@hermes-1.csi.cam.ac.uk> <200712062020.PAA16213@Sparkle.Rodents.Montreal.QC.CA> <Pine.LNX.4.64.0712071735070.24448@hermes-1.csi.cam.ac.uk> <475B0ABC.5090806@cs.utk.edu> <Pine.LNX.4.64.0712092000150.29087@hermes-1.csi.cam.ac.uk>
In-Reply-To: <Pine.LNX.4.64.0712092000150.29087@hermes-1.csi.cam.ac.uk>
X-Enigmail-Version: 0.95.5
OpenPGP: id=E1473978
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b4a0a5f5992e2a4954405484e7717d8c
Cc: der Mouse <mouse@Rodents.Montreal.QC.CA>, discuss@apps.ietf.org
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org
Tony Finch wrote: > On Sat, 8 Dec 2007, Keith Moore wrote: > >> this seems like an almost-inherent consequence of IPv6's expecting hosts >> to have multiple addresses and asking hosts initiating a communication >> to do address selection. it's not specific to getaddrinfo() - any API >> that tried to solve that problem would be likely to reorder addresses to >> some degree. >> > > The problem isn't specific to IPv6 - for example see the comments about > address selection for "multihomed" MXs in RFC 2821. However in practice we > ignore this possibility and treat host names with multiple IP addresses as > equally reachable at any address. I don't think IPv6 substantially changes > this situation, because most of its common extra addresses have limited > scope and will not be published in the DNS. > I think it's a stretch to assume that in the future that all IP addresses associated with a domain and advertised in DNS are equally reachable. As a start IPv4 isn't going away. So a site may need to advertise both IPv4 and IPv6 addresses in order to be widely reachable, and the party initiating a connection gets to decide which is better. >From my own experience it is a good idea for a site to advertise both 6to4 and native IPv6 addresses. A 6to4 site initiating a connection will probably do better to use the destination's 6to4 address; similarly for a native site using the destination's native address. An IPv4-to-IPv4 connection is almost certainly better than a connection between a native and 6to4 IPv6 address. Then you have ULIAs which are globally unique and globally scoped but which might not be globally reachable. As long as there's an expectation that IPv6 addresses are PA, there will be a need for ULIAs. But networks using ULIAs will interconnect with other networks including those using PA space and other networks using ULIAs. Then you have mobile IP which creates additional choices, and a growing tendency for hosts to have multiple network interfaces where more than one interface can be connected to the Internet. The notion that you can control address visibility using DNS in this world is pretty much a fantasy. >> though it should be possible for the client implementation to go through >> the list of addresses, assign a preference value to each one (based on >> address type and number of leading bits in common with one of the >> hosts's local addresses), then perform a stable sort by preference value. >> > > That's essentially what RFC 3484 recommends, and what causes the problem. > What causes the problem is the assumption that a destination can have multiple addresses, a source can have multiple addresses, and the party initiating the connection can somehow make a good decision about which address pair to use without any information from the network. As for DNS randomization, it's never been reasonable to expect an application to try each of several addresses in the order returned by DNS. The fact that many apps happened to work this way (because it was often the easiest way to do things) was an accident, not something required by the DNS protocol or the defined protocol for most of those apps. Keith
- interop problems with getaddrinfo() address selec… Tony Finch
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… Stephane Bortzmeyer
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… Keith Moore
- Re: interop problems with getaddrinfo() address s… der Mouse
- Re: interop problems with getaddrinfo() address s… Tony Finch
- Re: interop problems with getaddrinfo() address s… Keith Moore