RE: Why has RFC 4941 been designed in such a way, that it might cause address conflicts?

"Hemant Singh (shemant)" <shemant@cisco.com> Sun, 20 March 2011 21:59 UTC

From: "Hemant Singh (shemant)" <shemant@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, james woodyatt <jhw@apple.com>
Cc: ipv6@ietf.org

-----Original Message-----
From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Brian E Carpenter
Sent: Tuesday, March 15, 2011 6:55 PM
To: james woodyatt
Cc: ipv6@ietf.org
Subject: Re: Why has RFC 4941 been designed in such a way, that it might cause address conflicts?


>If you'll excuse an anecdote, while I was living in Geneva I was regularly
>amused when the shiny new information screens in the shiny new buses
>would display the Windows IPv4 duplicate address warning instead of
>the next bus stop. Even so, the Geneva bus service hasn't come to an end.

>My point? The probability of a duplicate address in an IPv6 subnet is
>many orders of magnitude less than it is in IPv4. Like 1 in 2^63
>instead of 1 in 2^8.

>This is just too remote a probability to worry about.

In a recent IPv6 CE Router Interop in the U.S. during mid-February 2011,
where such home routers were tested in a cable broadband network, IPv6
link-local addresses were found to be duplicate.  My guess is that the
Interop network had 2-30 IPv6 nodes.  Two different CE routers with
different MAC addresses created the same IPv6 link-local address.  I
don't have logs from the problem, but the problem can only be one of two
things.  Either the CE did not generate its IPv6 link-local address
using EUI-64, or the CE did but the CE has a bug in the code to generate
an IPv6 link-local address using the EUI-64 format that uses the
MAC address of the CE.  The CE routers are consumer devices that will
deploy with no console.  So what admin of the network will see the CE
reporting to the CE console a DAD failure for the IPv6 link-local
address?  The SP serving this home is also clueless as to what
happened!

Stuff happens.  Others on this thread have reported they want to secure
their IPv6 networks.  We should collect a list of all issues operators
of networks and other folks are reporting and, if the existing
protocols are not able to help, let's see what else we can do.

Hemant
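
An added example, not part of the original message: a check an operator could run over neighbor-table data to find link-local addresses claimed by more than one MAC address, and to see whether each claimant's address matches the modified EUI-64 derivation (RFC 4291, Appendix A). The function names and the sample entries are constructed for illustration; the MAC addresses come from the documentation range.

```python
import ipaddress
from collections import defaultdict

def eui64_link_local(mac: str) -> ipaddress.IPv6Address:
    """Link-local address derived from a 48-bit MAC via modified EUI-64."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    # Insert ff:fe between the OUI and the NIC part, and invert the
    # universal/local bit (0x02) of the first octet.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    # fe80::/64 prefix (8 bytes) followed by the 64-bit interface identifier.
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def audit(neighbors):
    """neighbors: iterable of (mac, link_local_address) pairs.

    Returns {address: [(mac, matches_eui64), ...]} for every address that is
    claimed by more than one MAC. A claimant with matches_eui64 == False did
    not derive the address from its own MAC in the standard way.
    """
    claims = defaultdict(set)
    for mac, addr in neighbors:
        claims[ipaddress.IPv6Address(addr)].add(mac.lower())
    report = {}
    for addr, macs in claims.items():
        if len(macs) > 1:
            report[str(addr)] = sorted(
                (m, eui64_link_local(m) == addr) for m in macs
            )
    return report

# Constructed sample data (not logs from the Interop described above).
SAMPLE = [
    ("00:00:5e:00:53:01", "fe80::200:5eff:fe00:5301"),
    ("00:00:5e:00:53:02", "fe80::200:5eff:fe00:5301"),  # different MAC, same address
    ("00:00:5e:00:53:03", "fe80::200:5eff:fe00:5303"),
]

if __name__ == "__main__":
    for addr, claimants in audit(SAMPLE).items():
        print(addr, claimants)
```

A mismatch only shows that the address was not produced by a correct EUI-64 derivation from that MAC; it does not say which of the two causes named above applies.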