Re: [homenet] I-D Action: draft-haddad-homenet-multihomed-00

james woodyatt <jhw@apple.com> Tue, 23 October 2012 18:01 UTC


On Oct 23, 2012, at 08:20 , Michael Thomas <mike@mtcc.com> wrote:
> On 10/22/2012 08:35 PM, Lorenzo Colitti wrote:
>> 
>> Can you explain why this behaviour, combined with the "prefer matching interface" rule in RFC 3484, is not sufficient? If not, then there is no problem to solve here.
> 
> Your ISP gives you 2001:xxxx:: via SLAAC. Your employer gives you 2000::,
> but also has 2001:yyyy::. You connect to a server on 2001:yyyy::. Your
> 3484 v6 stack picks 2001:xxxx for the source address. Hilarity ensues:

My IPv6 stack doesn't pick a 2001:xxxx:... address.  When the VPN client connects, it inserts a more-specific host route to 2001:yyyy::/z via the VPN pseudo-interface, so the IPv6 stack picks the interface address assigned by the VPN access concentrator as the source address for application flows to the 2001:yyyy::/z network.

Hilarity does not ensue. Happy faces on the security team.


--
james woodyatt <jhw@apple.com>
core os networking
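
The behaviour discussed in this message, as an added sketch that is not part of the original post or of any real stack: a simplified model of route lookup followed by source address selection using only the RFC 3484 "prefer outgoing interface" and "longest matching prefix" rules. The addresses, prefixes and interface names (en0, utun0) are constructed stand-ins for the thread's 2001:xxxx::, 2000:: and 2001:yyyy:: placeholders.

```python
import ipaddress

# Constructed sample data; nothing here comes from a real network.
ADDRS = {
    "en0": [ipaddress.IPv6Address("2001:db8:aaaa::10")],   # ISP address (SLAAC)
    "utun0": [ipaddress.IPv6Address("3fff:0:0:1::10")],    # assigned by the VPN
}
BASE_ROUTES = [(ipaddress.IPv6Network("::/0"), "en0")]     # default route via ISP
VPN_ROUTE = (ipaddress.IPv6Network("2001:db8:bbbb::/48"), "utun0")
SERVER = ipaddress.IPv6Address("2001:db8:bbbb::80")        # employer's server


def common_prefix_len(a, b):
    """Number of leading bits two IPv6 addresses share."""
    return 128 - (int(a) ^ int(b)).bit_length()


def lookup(routes, dst):
    """Longest-prefix-match route lookup; returns the outgoing interface."""
    matches = [(net.prefixlen, ifname) for net, ifname in routes if dst in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches)[1]


def select_source(routes, addrs, dst):
    """Outgoing interface wins first; longest matching prefix breaks ties."""
    out_if = lookup(routes, dst)
    candidates = [(ifname, a) for ifname, lst in addrs.items() for a in lst]
    _, src = max(candidates,
                 key=lambda c: (c[0] == out_if, common_prefix_len(c[1], dst)))
    return out_if, src


def longest_match_only(addrs, dst):
    """What longest matching prefix alone picks, ignoring the route."""
    return max((a for lst in addrs.values() for a in lst),
               key=lambda a: common_prefix_len(a, dst))


if __name__ == "__main__":
    print("longest match only:", longest_match_only(ADDRS, SERVER))
    print("VPN route present: ",
          select_source(BASE_ROUTES + [VPN_ROUTE], ADDRS, SERVER))
    print("VPN route missing: ", select_source(BASE_ROUTES, ADDRS, SERVER))
```

With the more-specific route installed, the flow leaves via utun0 with the VPN-assigned source address even though the ISP address shares more leading bits with the server; without that route, both the path and the source address fall back to the ISP interface.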