IETF Logo Mail Archive

Re: Robustness principle and multicast source address

Mark Smith <markzzzsmith@gmail.com> Fri, 30 November 2018 12:38 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8C721294D7 for <ipv6@ietfa.amsl.com>; Fri, 30 Nov 2018 04:38:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.497
X-Spam-Level:
X-Spam-Status: No, score=-0.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XKA_lCZvUadR for <ipv6@ietfa.amsl.com>; Fri, 30 Nov 2018 04:38:01 -0800 (PST)
Received: from mail-oi1-x232.google.com (mail-oi1-x232.google.com [IPv6:2607:f8b0:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38C71128AFB for <ipv6@ietf.org>; Fri, 30 Nov 2018 04:38:00 -0800 (PST)
Received: by mail-oi1-x232.google.com with SMTP id v6so4591023oif.2 for <ipv6@ietf.org>; Fri, 30 Nov 2018 04:38:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5qb7k3PCf+3uJ4JIivEkq+WrmPvSnuI0Y4VD7BG7gOA=; b=C71PG+n7aYFr0HZG+smznZUulvE9mLaSFtrzfADOuk2qtukQAXjAZMpGJeyp9TKNBj gzok4ql2XWx78f3jfM0UTBTjxr9LmA8Ky3GIlbPJwe3dALGW8wui11APEbaluBZc7pvg TseF1tmmLU30QhiDukagsEJZNjBvdSlxMJA1QjDmgXuDq7qHlNSIDahA2y0R2LrTGu6B UsDOq8gZ3jEzc/i2jAKqPWM2GS38I1qlg0TTkw5+lfGR+9++c5Bv97Vj9M+rQqqrXYAI c5+U1szUG+t5k+tXxr2g411+j2P6xHfOaiJxOzG2Vjd82RfuOZvEzsJrnnj1dnO3PcUd XOew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5qb7k3PCf+3uJ4JIivEkq+WrmPvSnuI0Y4VD7BG7gOA=; b=VeUCv38gzEF62XpJRq6FOvHjJhIxspL0BlbQinwhgs4rlC4NQj8WFrYg36nm9VKisk auCFYu3C6YYGzG0GTWEi83ZVLhr3dikgvY2WjV63XW9DQcGabfXze/mTS5H01TFPqiGL gbwA08ogbt9FOmJm31QMN7srfWnIaIwpmrxKLEOUK+lD6anUaLd3U160AUbZcI1wVYS7 t7LErkTmBt8+WXEhOqaMwPdhf8DdZsnUECMkQ1x/86ZjkFD0rTTVahAYCrSFRFzvExCq 4yVJA96XMUruilOD3Yd6moGPUD3pJhI/7X+SzyoCgeA19PQzw/U0JIZaG8WTs/VnR071 0YcA==
X-Gm-Message-State: AA+aEWb8wlKW0jYc/wk7koF6V5BW2LaRDTqUMw5XNyMiCJYuEG0njE/x m01vblteDaHCBwAiJuhv+h01pJz3Y0kuWsOqqQY=
X-Google-Smtp-Source: AFSGD/WjWYPwJcbpyQ0yqcYadnzk6Q0d6BEL3DXII8gzjNWCcEa2J92q0VDwkY0ApavNoQhqORVfJUVxC7YXMfZk4J8=
X-Received: by 2002:a54:4d8e:: with SMTP id y14mr3371762oix.60.1543581479877; Fri, 30 Nov 2018 04:37:59 -0800 (PST)
MIME-Version: 1.0
References: <CAFU7BAQH-vYkpk0cuhdvTZFEQXKx4DnDzVObN7xY84CWBTQbPg@mail.gmail.com> <CAO42Z2zapn43gnjD_SLFt+q7ZiqykFT9gEyhandSpCgo7-TN_w@mail.gmail.com> <7d0a4288-c3e5-f9cf-c257-5225754b675e@gmail.com>
In-Reply-To: <7d0a4288-c3e5-f9cf-c257-5225754b675e@gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Fri, 30 Nov 2018 23:37:48 +1100
Message-ID: <CAO42Z2zVv6D_3BnSdOLLEiM+FHWP8Q3753vDxfK2-Re7OQbXxA@mail.gmail.com>
Subject: Re: Robustness principle and multicast source address
To: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ca4258057be111fb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/GnvAQQtmIAXMJ_Kgww2ubC094HE>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Nov 2018 12:38:04 -0000

On Fri., 30 Nov. 2018, 22:05 Alexandre Petrescu <
alexandre.petrescu@gmail.com wrote:

>
> Le 20/11/2018 à 02:45, Mark Smith a écrit :
> > Hi Jen,
> >
> > On Thu, 15 Nov 2018 at 17:32, Jen Linkova <furry13@gmail.com> wrote:
> >> The section 2.7 of RFC4921 says:
> >>
> >> Multicast addresses must not be used as source addresses in IPv6
> >> packets or appear in any Routing header.
> >>
> >> (https://tools.ietf.org/html/rfc4291#section-2.7)
> >>
> >> Does it mean that any packets with multicast source MUST be dropped by
> >> the receiver? Or shall Postel's Law still apply?
> >>
> > I'd be saying MUST, and silently.
> >
> > A multicast source address fundamentally doesn't really make sense. A
> > multicast address represents a group of addresses, so a multicast
> > address in a single packet's source address field suggests the single
> > packet somehow has multiple sources, which suggests multiple devices
> > built parts of the single packet. IPv6 doesn't support multi-source
> > multi-part single packets! (Has any protocol?)
>
>
> Not yet, but why not.
>
> This idea of a packet coming from we dont know where and sent to many
> others could be useful.
>

So the above is about a multi-source, multi-part packet, that is at some
point and at some place combined into a single packet, rather than a single
packet originated by an unimportant and unspecified source.

(For unidirectional communication, the source address is optional, in the
sense that because there will be no reply, the actual source device's
address is not essential, although it may be useful.)


> I routinely look at packets without caring where they come from.
>
> Many routers forward packets without carying where they come from.
>
> So instead of being useless, maybe call it useless.  That could be a
> specific address, like "usel:ess::"
>


::0, the unspecified address, is the source address you're looking for.


> In vehicular networking the broadcast of PoI has this kind of absence of
> precision: when one receives a PoI one just learns that in that area
> (dont know precisely where, no src) there is an important point like a
> gas station.
>
> Alex
>
> >
> > Source addresses are also commonly used as destination addresses for
> > responses, so a multicast source address where a unicast address
> > should be can mean a link layer flooded multicast instead of unicast
> > response. (For IPv4, RFC1122 specifies that received, link-layer
> > broadcast IPv4 packets that do not have an IPv4 broadcast or multicast
> > address should be silently ignored, mitigating this scenario.)
> >
> > With old enough Ethernet switch firmware that supports translational
> > bridging, the I/G bit in the Ethernet source address field actually
> > means there is a source route information field, following the
> > destination address
> > (
> https://www.cisco.com/c/en/us/support/docs/ibm-technologies/token-ring/24501-trb-rif.html
> ).
> > If there isn't, the switch might drop the packet, which some server
> > colleagues of mine found out when they tried to use the Linux IPtables
> > ClusterIP extension, as it tries to use "multicast" source Ethernet
> > addresses.
> >
> >
> >> In particular (practical question...): shall an NA packet from the
> >> multicast source be dropped (if one applies the NA validation rules
> >> from https://tools.ietf.org/html/rfc4861#section-7.1.2 such packet
> >> would be still a valid advertisement...)
> >>
> > This draft did specify some more stringent NA source address
> > validation, as well as other validation e.g. Source Link Layer Address
> > option does not contain a multicast link layer address.
> >
> > "Security Assessment of Neighbor Discovery (ND) for IPv6"
> > https://tools.ietf.org/html/draft-ietf-opsec-ipv6-nd-security-00
> >
> >
> >
> >
> > Regards,
> > Mark.
> >
> >> --
> >> SY, Jen Linkova aka Furry
> >>
> >> --------------------------------------------------------------------
> >> IETF IPv6 working group mailing list
> >> ipv6@ietf.org
> >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> >> --------------------------------------------------------------------
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
> >
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email