Re: RFC3484 and ORCHID addresses (fwd)

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 19 March 2008 23:49 UTC

Message-ID: <47E1A600.9020402@gmail.com>
Date: Thu, 20 Mar 2008 12:47:12 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Pekka Savola <pekkas@netcore.fi>
Subject: Re: RFC3484 and ORCHID addresses (fwd)
References: <alpine.LRH.1.00.0803140137490.8914@netcore.fi>
In-Reply-To: <alpine.LRH.1.00.0803140137490.8914@netcore.fi>
Cc: ipv6@ietf.org

On 2008-03-14 12:43, Pekka Savola wrote:
> FYI,
> 
> While we're considering RFC3484 changes, here's one additional 
> proposed modification to RFC3484 for Linux with ORCHID (RFC 4843) that 
> is worth serious consideration.  (Discussion on the best 
> implementation choice(s) and glibc changes is still going on.)
> 
> One may debate whether ORCHID addresses should be dealt with in the 
> policy table or in the spec.

Don't you mean: whether ORCHID addresses should be listed
in the default policy table? One possible approach is
to argue that standards-track formats should be in
the default policy table (6to4, Teredo in) and
others should be left to local policy (ORCHID out).
An alternative is to say that anything that's assigned
by IANA should be in (6to4, Teredo, ORCHID in).

BTW it's not so easy as all that. Prefer 6to4 to Teredo
and sometimes 6to4 will black-hole. Prefer Teredo to
6to4 and Teredo may be used when 6to4 is more efficient.
Longest-match won't help you there.

    Brian

> 
> ---------- Forwarded message ----------
> Date: Thu, 21 Feb 2008 12:08:42 +0200
> From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
> To: netdev@vger.kernel.org
> Subject: [PATCH 2/2] [IPV6]: Fix source address selection for ORCHID addresses
> 
> Skip the prefix length matching in source address selection for
> orchid -> non-orchid addresses.
> 
> Overlay Routable Cryptographic Hash IDentifiers (RFC 4843,
> 2001:10::/28) are currently not globally reachable. Without this
> check a host with an ORCHID address can end up preferring those over
> regular addresses when talking to other regular hosts in the 2001::/16
> range thus breaking non-orchid connections.
> 
> Signed-off-by: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
> ---
>   include/net/ipv6.h  |   10 ++++++++++
>   net/ipv6/addrconf.c |    5 +++++
>   2 files changed, 15 insertions(+), 0 deletions(-)
> 
> diff --git a/include/net/ipv6.h b/include/net/ipv6.h
> index c0c019f..67e024a 100644
> --- a/include/net/ipv6.h
> +++ b/include/net/ipv6.h
> @@ -384,6 +384,16 @@ static inline int ipv6_addr_v4mapped(const struct in6_addr *a)
>   }
> 
>   /*
> + * Check for a RFC 4843 ORCHID address
> + * (Overlay Routable Cryptographic Hash Identifiers)
> + */
> +static inline int ipv6_addr_orchid(const struct in6_addr *a)
> +{
> +	return ((a->s6_addr32[0] & htonl(0xfffffff0))
> +		== htonl(0x20010010));
> +}
> +
> +/*
>    * find the first different bit between two addresses
>    * length of address must be a multiple of 32bits
>    */
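
Review bot: The comment above ipv6_addr_orchid() names the RFC but not the prefix that the two constants encode. The mask 0xfffffff0 keeps the top 28 bits and 0x20010010 is 2001:10::, which matches the 2001:10::/28 given in the commit message; writing "2001:10::/28" in the comment would let a reader check the mask without decoding it. Returning int for a yes/no test is consistent with ipv6_addr_v4mapped() just above.
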
> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> index e40213d..2474d20 100644
> --- a/net/ipv6/addrconf.c
> +++ b/net/ipv6/addrconf.c
> @@ -1125,6 +1125,11 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev,
>   			if (hiscore.rule < 7)
>   				hiscore.rule++;
>   #endif
> +
> +			/* Skip rule 8 for orchid -> non-orchid address pairs. */
> +			if (ipv6_addr_orchid(&ifa->addr) && !ipv6_addr_orchid(daddr))
> +				continue;
> +
>   			/* Rule 8: Use longest matching prefix */
>   			if (hiscore.rule < 8) {
>   				hiscore.matchlen = ipv6_addr_diff(&ifa_result->addr, daddr);
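
Review bot: The added "continue" does more than its comment says: it ends this loop iteration, so an ORCHID candidate for a non-ORCHID destination is dropped here rather than merely exempted from the rule 8 comparison. The check also sits outside the "if (hiscore.rule < 8)" guard and tests only ifa->addr, while rule 8 below still computes hiscore.matchlen from ifa_result->addr, so a current best that is itself an ORCHID address is still scored on prefix length against the non-ORCHID destination. Either reword the comment to say the candidate is skipped, or cover both sides of the comparison.
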
> --
> 1.5.3.8
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> 