IETF Logo Mail Archive

Re: Linux & draft-gont-6man-slaac-dns-config-issues

Jen Linkova <furry13@gmail.com> Tue, 24 March 2015 17:25 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 565031AC3E4 for <ipv6@ietfa.amsl.com>; Tue, 24 Mar 2015 10:25:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a9PJvdt5QHuX for <ipv6@ietfa.amsl.com>; Tue, 24 Mar 2015 10:25:18 -0700 (PDT)
Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FC4F1A92DD for <6man@ietf.org>; Tue, 24 Mar 2015 10:25:18 -0700 (PDT)
Received: by wibg7 with SMTP id g7so80793131wib.1 for <6man@ietf.org>; Tue, 24 Mar 2015 10:25:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=AgN6+D21X9O8omJFIvTNq+eBWFdbIUo4pKtMPUu0xl0=; b=xBqRW1pfE6MHYjuBnj23tDrQEyJ6M3hl1uFovr4XXCedMbt74E1BGTAGEdM5ocdB6u 63PjIbt+yfjEr+wExOd9MA29gGFSfTeN32jWvAP5XIxFzgn0ewmx3yk7gtiMnSUIlWgP NblkWMTfwffqZmiJzKmo5PTFWc2C1d8J+4Bh9q+MWtn5BC0skJS/qTt6D6JNN/BzS/Ba 6VBHYPvkYDG4ipzEef6CerIPdRRGpJl7QlzRAjLA63oK5f7r4VuL1U/rQoCCyVSk/P/B IwX4s9YMKzRCQMwZuTgqgyAnxymcMsGKBnETuM3GAoY99xqQOj7b90kJweYQ1D0IZSgr 2bqg==
X-Received: by 10.180.38.1 with SMTP id c1mr30659321wik.84.1427217917057; Tue, 24 Mar 2015 10:25:17 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.58.76 with HTTP; Tue, 24 Mar 2015 10:24:56 -0700 (PDT)
In-Reply-To: <55118F3B.3000308@si6networks.com>
References: <55102C6B.1060608@si6networks.com> <CAKD1Yr2XfeSuQAj94kN1AF_8cet2L+uEkJnO59NyYgtwyfXu7A@mail.gmail.com> <CAKD1Yr3YBdjSkwgoAzTXs_dvoiRnSFReE5-fAO7RggvVLwDthw@mail.gmail.com> <CAFU7BASXNe6TXWt7R2+tBjiob8n23VpBV5THV5hJxSHV-wKo5A@mail.gmail.com> <55118F3B.3000308@si6networks.com>
From: Jen Linkova <furry13@gmail.com>
Date: Tue, 24 Mar 2015 18:24:56 +0100
Message-ID: <CAFU7BAQX95WmBu1r=yp38pZ3tEBrxdEX32cvHE7A8AkLjESSEA@mail.gmail.com>
Subject: Re: Linux & draft-gont-6man-slaac-dns-config-issues
To: Fernando Gont <fgont@si6networks.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/2OES283UzRNKorlch3-WlrL-VQ8>
Cc: draft-gont-6man-slaac-dns-config-issues@tools.ietf.org, "6man@ietf.org" <6man@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 17:25:19 -0000

On Tue, Mar 24, 2015 at 5:22 PM, Fernando Gont <fgont@si6networks.com> wrote:
>> I agree that "<= 2x MaxRtrAdvInterval" limitation is way too strict
>> and we SHOULD fix this.
>> However I do not like the idea of sanitizing the received values and
>> limiting them to 10xMaxRtrAdvInterval.
>
> The thing here is that that's the only way (along with the change of the
> semantics of the Lifetime parameter) in which you can fix the problem on
> the client side.

Did I get it right that you are trying to solve one particular case
when people are shooting themselves in the foot?  I do not believe
that every single possible network misconfiguration case should be
solved on the client side, especially at the price of making life
harder for people who know what they are doing.

>> It really sounds like a
>> micromanaging network administrators in how they run their networks.
>> There might be valid reasons to have RDNSS/DNSSL Lifetime to be close
>> enough to how often RAs are sent (what if a router is a DNS server
>> itself? So if a router does down I don't want a client to use it).
>
> If that's de goal, then the Lifetime value should be set according to
> the "Valid Lifetime" of the RA, rather than according to MaxRtrAdvInterval

You mean Router Lifetime, don't you?
And yes, it might be equal to Router Lifetime, which might be
significantly lower than 6000 sec (1 hr 40 mins) you are proposing.

>> Actually, the wording of Sanitizing section is not accurate. Clients
>> do not know MaxRtrAdvInterval value as it's something configured on a
>> router. I assume it should be "the default MaxRtrAdvInterval value of
>> 600 sec"?
>
> Yes.

It would be nice to update the text accordingly.

-- 
SY, Jen Linkova aka Furry

v2.23.0 | Report a Bug | By Email