IETF Logo Mail Archive

Re: [NDP] Router autoconfiguration with RS/RA

"Silviu VLASCEANU" <silviu.vlasceanu@gmail.com> Fri, 06 June 2008 15:01 UTC

Return-Path: <ipv6-bounces@ietf.org>
X-Original-To: ipngwg-archive@lists.ietf.org
Delivered-To: ietfarch-ipngwg-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A9A843A6AC0; Fri, 6 Jun 2008 08:01:12 -0700 (PDT)
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0AEB73A68A7 for <ipv6@core3.amsl.com>; Fri, 6 Jun 2008 08:01:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CDbX2QF0duh2 for <ipv6@core3.amsl.com>; Fri, 6 Jun 2008 08:01:06 -0700 (PDT)
Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.229]) by core3.amsl.com (Postfix) with ESMTP id 905743A6AC0 for <ipv6@ietf.org>; Fri, 6 Jun 2008 08:01:06 -0700 (PDT)
Received: by wr-out-0506.google.com with SMTP id 50so439012wra.13 for <ipv6@ietf.org>; Fri, 06 Jun 2008 08:01:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender :to:subject:cc:in-reply-to:mime-version:content-type:references :x-google-sender-auth; bh=9a4se477CS7OOZ/jkIXO3J8D1ZmdeQwoZTqq5EjKF90=; b=FXcINV5UopaGDabJYefCbdQHnFyoJ1WNYJcwHE6q23YS3chv8LHHJdzXExRqxOq1dG QguYn265UqxYfWgB99CTR6VXosHnWmb8QWFo5Q5DTeG3kWVPCN6Ui/od0OLMmyoJtb6L Js9R0l6B4RxUwD/B0BWtQu93Nxlx609ZnJfRU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version :content-type:references:x-google-sender-auth; b=CxQZXT7rLY7e2OIpC+NuYYTajqFwmZlsAJIfmibab7FtnUpkHXyiyGiK7WKgaL2TO/ kGRgjZQxbNz9f/J+16vMy7SW6xMGcvkxqrCLv2hgHhAt2ZCtM+/04GNkbNO/0dDyqpZp di6y1GlVObwfCAfW6LLnOqY6CA8KokfrJLjS8=
Received: by 10.103.11.7 with SMTP id o7mr84589mui.103.1212764473040; Fri, 06 Jun 2008 08:01:13 -0700 (PDT)
Received: by 10.103.223.2 with HTTP; Fri, 6 Jun 2008 08:01:13 -0700 (PDT)
Message-ID: <3a44f430806060801n43fc7771wf55577ef643ecc25@mail.gmail.com>
Date: Fri, 06 Jun 2008 17:01:13 +0200
From: Silviu VLASCEANU <silviu.vlasceanu@gmail.com>
To: "Hemant Singh (shemant)" <shemant@cisco.com>
Subject: Re: [NDP] Router autoconfiguration with RS/RA
In-Reply-To: <B00EDD615E3C5344B0FFCBA910CF7E1D04E41CDA@xmb-rtp-20e.amer.cisco.com>
MIME-Version: 1.0
References: <3a44f430806060528o3ab46c73k863537e53e62275b@mail.gmail.com> <B00EDD615E3C5344B0FFCBA910CF7E1D04E41CDA@xmb-rtp-20e.amer.cisco.com>
X-Google-Sender-Auth: 4d1030112e559c2e
Cc: ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0674925151=="
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org

I thank you both for the quick reaction. I generally agree. However, I have
some inline comments.

2008/6/6 Hemant Singh (shemant) <shemant@cisco.com>:

>  Silviu,
>
> A router can receive an RA on the router's upstream and use this RA to
> autoconfigure the ipv6 address on interface(s) of the router. Such a router
> interface configuration is no different from how a host interface
> statelessly autoconfigures as per ND RFC 4861 and 4862.
>

I agree and I also thought that this should be possible.


> However, ND RFC's do not mandate what does a router implementation do for
> sending RA, configuring network prefixes in the router downstream direction
> - these are conceptual variables that a router vendor is left to do what
> they want to do.
>

Noticed that too :)


>
> As to answering your question which was:
>
> "Why wouldn't a router be authorized to send Router Sollicitation
> messages?"
>

My question was related to sending Router Sollicitations on the upstream
interface.


>
> here is my reply.
>
> As far as the interface on the router has no RA configured, and the
> interface is configuring an IPv6 address using stateless autoconfiguration
> or even manual configuration, this interface is OK to send an RS in the
> router downstream.
>

As I understand, a router could configure its "downstream" interfaces by RAs
received from other routers in the "downstream". Is it correct?
This way, the notion of up/downstream would loose its sense.


>
>
However, soon as any RA configuration for router downstream is configured on
> the network interface, then ND prohibits a router to send any RS.
>

But if the downstream interface would have already been configured as
discussed previously, where is the interest of having a prefix delegated for
this downstream interface to advertise?


>
> Furthermore, I totally agree with Remi on his reply to this question of
> yours:
>
> "The same question for autoconfiguring the prefix it advertises on its
> subnets."
>

> You cannot mix router upstream and downstream operations in random fashion.
> IPv6 stateless autoconfiguration does not support prefix and router
> configuration of an upstream router. One should be careful discussing router
> downstream vs. router upstream directions for address configuration, routing
> configuration, and IPv6 ND RA configuration.
>
>

Sorry for my English, probably not the best these days.
I try not to mess things up. The reason I wrote here is that I have seen a
solution (ICMPv6 Based Prefix
Delegation<http://www.join.uni-muenster.de/Dokumente/drafts/draft-rao-ipv6-prefix-delegation-01.txt>,
expired) for delegating prefixes with (modified) NDP. In one of the
reactions at this draft, it was mentioned that routers do not send RS
messages but it wasn't mentioned why wouldn't they.

I think that the approach is interesting. I don't know if you already have
an opinion on it.


>
> Hemant
>

Thanks.

--
Silviu



>
>  ------------------------------
> *From:* ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] *On Behalf Of
> *Silviu VLASCEANU
> *Sent:* Friday, June 06, 2008 8:29 AM
> *To:* ipv6@ietf.org
> *Subject:* [NDP] Router autoconfiguration with RS/RA
>
> Hello,
>
> I have been trying to figure out a response for the following questions,
> but I have only suppositions and I haven't found (yet) a document that
> accurately talks about. So I am asking here.
>
> Why wouldn't a router be authorized to send Router Sollicitation messages?
> Moreover, why couldn't a router autoconfigure its egress interface based on
> Router Advertisements received on this interface? The same question for
> autoconfiguring the prefix it advertises on its subnets.
>
> The only answer that comes in my mind is because an attack over these
> messages could render not only a host unreachable, but maybe a whole subnet.
> But apart this, is there really any other reason for not allowing this?
>
> Thank you in advance for the answers.
>
> Best regards,
> --
> Silviu
>

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email