IETF Logo Mail Archive

Re: Moving draft-gont-slaac-renum forward (fwd: New Version Notification for draft-gont-6man-slaac-renum-06.txt)

Fernando Gont <fgont@si6networks.com> Mon, 13 April 2020 06:04 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A48F73A0F7A for <ipv6@ietfa.amsl.com>; Sun, 12 Apr 2020 23:04:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xzp8VWXs0Vv4 for <ipv6@ietfa.amsl.com>; Sun, 12 Apr 2020 23:04:45 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A6E43A0F79 for <6man@ietf.org>; Sun, 12 Apr 2020 23:04:44 -0700 (PDT)
Received: from [192.168.0.10] (unknown [181.45.84.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 459F4804D5; Mon, 13 Apr 2020 08:04:41 +0200 (CEST)
Subject: Re: Moving draft-gont-slaac-renum forward (fwd: New Version Notification for draft-gont-6man-slaac-renum-06.txt)
To: Erik Kline <ek.ietf@gmail.com>
Cc: "6man@ietf.org" <6man@ietf.org>
References: <158620184659.9045.11540117841598508585@ietfa.amsl.com> <dd933b9a-375e-1d3f-445b-a9cd66314183@si6networks.com> <d1186773-6a0c-e572-79b0-d63265de11d4@si6networks.com> <CAMGpriVJj7BQ+D9Ye82NRavK3-7txLj_ZqPym7S32u99DG1Raw@mail.gmail.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <8be0c944-fb41-d4e9-5188-add8f016b4f3@si6networks.com>
Date: Mon, 13 Apr 2020 02:54:19 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <CAMGpriVJj7BQ+D9Ye82NRavK3-7txLj_ZqPym7S32u99DG1Raw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/CCYJeHhPwCUGvV9ddFzbYl4vHyc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Apr 2020 06:04:48 -0000

Hi, Erik,

On 13/4/20 01:57, Erik Kline wrote:
> <no hats>
> 
> I think I would prefer if we can solve 90+% of the problem with: (a) 
> hosts try to do right thing as told to them by routers and (b) the 
> routers tell hosts the right thing.  I think improved timer guidance 
> (vis. v6ops drafts) could be of value in regard to (b).

FWIW, Section 4.1 of draft-gont-6man-slaac-renum-06 is exactly that:
* Section 4.1.1 changes the defaults for routers
* Section 4.1.2 sanitizes the received lifetimes

Part of the rationale behind this document is that we need to improve 
things with what we have. e.g., there are going to be routers that will 
not be updated until they are phased out.

The v6ops work is indeed useful and tackles one of the most common cases 
where this kind of scenario takes place (CE in a home deployment)... but 
doesn't apply to the general case of routers. And I believe that is 
needed, too. What we have as current default values should be changed.



> That having been said, as noted there are times where the routers might 
> not be able to correctly deprecate a prefix.  (Also the whole "2 hour" 
> PIO lifetime thing always struck me as a a bit of wart.)

Indeed. And as noted in the I-D, with all the other vectors that remain 
open, it doesn't make sense to do this 2-hour thing.



> I feel like what's wanted here is for hosts to be able to do something 
> like BFD for any given non-link-local unicast address -- some host OSes 
> /might/ even want to do something (log/warn, maybe) about manual/DHCPv6 
> configured addresses that might fall within a problematically 
> disappearing prefix.
> 
> Is it just as workable, and less complicated, if hosts that want to 
> check the validity of a previously advertised prefix do a few unicast 
> NSes for the router's link-local address from a source address in the 
> prefix to see if the router thinks the path to prefix is back onto the 
> link?  I just did this at home it worked, but my setup is also about as 
> simple as they come.

The document essentially has to sets of components:

1) A set of modications that help deprecate stale prefixes in a timelier 
manner, including:
    - remove the prohibition to reduce the to < 2-hours
    - more appropriate lifetimes at routers
    - capping PIOs at hosts

2) Then an algorithm (Section 4.5.1 or 4.5.2) to infer stale prefixes.


If I understand correctly your proposal/evaluation of BFD as a possible 
alternative would be an alternative for 2), but not for 1). Is that correct?

I believe that BFD would be exercising something else, as opposed to, 
specifically, if the prefixes have become stale. Additionally, it would 
seem to me that doing something ala BFD would be much more complicated, 
and with a number of corner cases that are hard to predict, and prone to 
failure. -- just me thinking out loud:

* What if the router advertises the prefix, but is not a default router?

* How often would you send probes? If you have multiple prefixes and 
multiple routers, would you do all the possible combinations?

* Would you have different timers for BFD?

* What would be the criteria for deprecating/invalidating addresses? -- 
i.e., how would BFD map into these to ND phases?

Part of the design goal we had in mind when developing the algorithms in 
Section 4.5 was to avoid sending extra packets (the two algorithms are 
essentially passive), and have something which integrates with ND/SLAAC 
as much as possible.

If one were to opt for actively "probing" stuff, then one might simply 
poll routers with RSs, and check if they keep advertising the same 
information.

IMHO, what we need to check for dealing with stale information is 
whether the advertised information is current or not -- with current 
meaning "there's a router actively advertising such information, on a 
regular basis". While in a way you might infer that if you can't BFD the 
information is stale, I think the two are verifying two different 
things. What we are doing is, in a way, garbage collection (passive 
stuff), where BFD requires active action on the host side.

That aside, what would be the advantage of the algorithm you describe vs 
e.g. Section 4.5.2 of drf-gont-6man-slaac-renum?

Thanks!

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email