IETF Logo Mail Archive

Re: Adoption Call for "Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events"

Jen Linkova <furry13@gmail.com> Tue, 07 July 2020 10:34 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C05E43A0A56 for <ipv6@ietfa.amsl.com>; Tue, 7 Jul 2020 03:34:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9IOHBjFA8HW4 for <ipv6@ietfa.amsl.com>; Tue, 7 Jul 2020 03:33:59 -0700 (PDT)
Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 129523A0A55 for <ipv6@ietf.org>; Tue, 7 Jul 2020 03:33:59 -0700 (PDT)
Received: by mail-qt1-x829.google.com with SMTP id u12so31266503qth.12 for <ipv6@ietf.org>; Tue, 07 Jul 2020 03:33:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=w5cY7m9/dnUKE0HI4r9Eah03l+IUk3quHlNXFnNM6vw=; b=VMydHtLFJqz8gdZS9jraX0mwVh9x8tlmABfib8zK1h6ZIy3gZZLIwkIDG4z/qfIaS/ e747V9H8zL0b2Lvm+Br2hOAXEpjMPuCF3k9SkPVS9giSLWePSr2BBRD9TgYKMO2UCMWu zYAk0lMQIj49+yjHaxo7KOHGGYiL6NXAu1NhCju/LGgk78NGUNiwFQfAyINtCu4y5Iy4 n0j5gzGAPWY4e8Xx8qnEzdvBp7ecL8adQevHlHUJdDdahjXtgGJbJlSfKh7e6o2+tPUX gdwA9wUKQeH8IGrfzECeEOtoWqNthkCGCY047kValc3PD+y/w8nnt3r9f3I6Z4YOxeyc 0a8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=w5cY7m9/dnUKE0HI4r9Eah03l+IUk3quHlNXFnNM6vw=; b=oRf/mybnHI4Ydz004PhUNi19AOFGceM2sRsxHekc1ve+Vw5OFb2MgvBUTacLaVtOFD wFzQnVIgvcRSmOjFkNFQA0TuGheMecM6DGpECoF5EGuedT/lZSvJo0ImFRRwMA/oMv5d KA1LhGC8Jn2ZWt2kwr4xx6NGCgA2yO3tOy0zcRobu5hr3OL6JzTVl4XZUUZC6I9sT9M4 XCinbnBB+g2A5l6Rn52OX4YWGR7p46zzPEXIQh2L6HTG4L7rjxP9qayS/Ruy7HB5HEpz c0b5KXK/lQki/cTcwkVE+jVBGySfTNHqu9IBpR7LqN6XHfZ9rH7tcybKhua9E8wyz1sa 8O4Q==
X-Gm-Message-State: AOAM533Zki/KJ3GAYxZjNa8AlfCZTQcYElROR7bXH1N9bUJZkxrCfybT R4w/B6OaP7bKAnkDN2ngDcSQLnl/4DjQGLVf5rMLsx67
X-Google-Smtp-Source: ABdhPJy3O2Q0XpnbY7rZZzARKKf20LK0fYTRQTB7JBHkFLPAlrVTE8su7bMKMOsoRcWpMII/PPOBBlWG0FWXidjIKh0=
X-Received: by 2002:ac8:4e2d:: with SMTP id d13mr54806439qtw.52.1594118037929; Tue, 07 Jul 2020 03:33:57 -0700 (PDT)
MIME-Version: 1.0
References: <CC295D49-5981-41C3-B4DB-E064D66616CE@gmail.com>
In-Reply-To: <CC295D49-5981-41C3-B4DB-E064D66616CE@gmail.com>
From: Jen Linkova <furry13@gmail.com>
Date: Tue, 07 Jul 2020 20:33:46 +1000
Message-ID: <CAFU7BAQX8B2n3FFjQ3h-9VLP7zR=zy0nO0z7bEtz3KXZ7wp=eg@mail.gmail.com>
Subject: Re: Adoption Call for "Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events"
To: Bob Hinden <bob.hinden@gmail.com>
Cc: IPv6 List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/F_OpIapzhga5KUvmFPLVkAmEr_w>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jul 2020 10:34:01 -0000

On Sat, Jun 27, 2020 at 9:36 AM Bob Hinden <bob.hinden@gmail.com> wrote:
> This message starts a two week 6MAN call on adopting:
>
>  Title:          Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events
>  Authors:        F. Gont, J. Zorz, R. Patterson
>  File Name:      draft-gont-6man-slaac-renum-08
>  Document date:  2020-05-18>
>  https://tools.ietf.org/html/draft-gont-6man-slaac-renum
>
> as a working group item. Substantive comments and statements of support for adopting this document should be directed to the mailing list.  Editorial suggestions can be sent to the authors.  This adoption call will end on 10 July 2020.

First of all I agree that we do have a problem with flash renumbering
and it would be desirable to make the protocol more robust.
However I have some reservations about the changes proposed by the
draft and I do not support the adoption in its current form.
(I'd disagree with the argument that 'adopting does not mean the draft
will be published as it is so let's adopt it and figure out the
content later'. IMHO adopting the draft means that the WG agrees with
the proposed standard changes in principle and is willing to work on
polishing the details.

It's not the case for this draft for me.
In particular,
- the draft proposes some fundamental changes to the SLAAC. The full
impact of those changes, especially if the network can not guarantee
all ND packets to be delivered, is unclear.
- the draft drastically increases the complexity of the SLAAC state
machine. I'm not convinced the potential benefits are worth it.
Taking into account introduced complexity and not fully estimated
negative impact, it looks like the cure might be worse than the
disease. Introducing changes of that scale to *all* hosts to fix a
corner case of broken routers/software looks like a drunkard's search
principle...
- the draft assumes that RFC8028 is widely implemented while it does
not seem to be the case.
- I also agree with Lorenzo that the draft proposed a kind of
inconsistent behaviour by applying the heuristic to PIOs only. Shall
the same approach be taken for RIOs?
And any other RA option?

> There has been a lot of discussion on this draft, the chairs have some concerns with this document being adopted, but wanted the w.g. to express its opinion.  Our concerns include:
>
> This document proposes significant changes to SLAAC to fix what could be seen as an implementation problem in some edge routers.  This will affect all IPv6 nodes, not only the ones communicating with these edge routers.  This part of IPv6 is a mature standard.   It is not clear we should modify all IPv6 hosts to deal with one corner case that may break other things allowed by the standard.
>
> The changes proposed will make SLAAC more active, the changes include:
>
>  o Reducing the default Valid Lifetime and Preferred Lifetime of PIOs

I fully support this part of the proposal. Reducing the default values
for valid and preferred lifetimes so prefix and router lifetimes are
of the same magnitude does make sense. It's what I have deployed
anyway.

>  o Caps the received Valid Lifetime and Preferred Lifetime of PIOs.
>  o Frequent retransmission of configuration information
>  o Routers send all options in RA messages
>
> Some additional questions for the w.g. to consider:
>  o Are there better approaches to address the underlying issue?

Not sure if they are better or not, but off top of my head:
- I do not see the reason to force the invalidation of the prefix. If
the goal is to be able to communicate to 'new owners' of addresses in
that prefix, then
it would be enough to clear all on-link information when the prefix
gets deprecated.
- if we assume that hosts support RFC8028/Rule 5.5 then all the
routers need to do is to use the new Link-Local address every time the
PIOs set is changing (create a hash of PIOs or smth to generate the 64
bits of interfaceID). So as soon as the set of advertized PIOs has
changed, the router would send X new RAs from the new LLA. The hosts
would detect the old LLA being unreachable via NUD and switch to the
new prefix(es).
- we already have a mechanism for finding out what address works -
it's called Happy Eyeballs.
- I'm obviously biased here [1], but why can we not let the source
address selection to deal with it?
[1] https://tools.ietf.org/html/draft-linkova-6man-default-addr-selection-update-00

>  o Do the proposed changes work in all deployments?

That's my main concern. In multiple RA scenario the proposed mechanism
does not seem to be resilient to packet loss

>  o Are some proposed changes worth advancing even if the entirety may not be? If so, which ones?

I'd fully support reducing the default values for the lifetimes.

-- 
SY, Jen Linkova aka Furry

v2.23.0 | Report a Bug | By Email