Re: IPv6 certification - IPv6 Router Advertisement Lifetime 0 and Reachable time 10 seconds

Ole Troan <otroan@employees.org> Sun, 24 January 2021 19:32 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JN9DRznUDK63boPnXKtpX_r5Xvk>

Isaac,

> On 24 Jan 2021, at 20:10, Isaac <isaactheogaraj@gmail.com> wrote:
> 
> 
> Thanks Ole. Do hosts rely on RA packets for updating neighbor cache post determining that the router is no longer the default gateway? They can use NS/NA packets also right?

The router lifetime is used to determine if this router is used as the default router. The hosts receive configuration information from the router, independently of that. 

> BTW, what do you think is the configuration/scenario on a router which sends a RA packet with lifetime 0 and reachable time 10 seconds? Are you aware of any particular vendor's configuration which generates such packets?

Yes, certainly Cisco’s can do that. Presumably all others too. Setting RA lifetime = 0 and reachable time to 10 does not affect behavior on the router much. It will likely adjust its own perception of the reachable time on the link, but it might also have a separate configuration knob for that.

Cheers 
Ole



>> On Sun, Jan 24, 2021 at 10:20 PM Ole Troan <otroan@employees.org> wrote:
>> Isaac,
>> 
>> The two variables are independent. 
>> The example you cited is perfectly fine.
>> 
>> The RA lifetime says: “don’t use me as a default router” and the reachable time configures hosts on the link to consider a neighbor entry in the ND cache reachable for 10s (for NUD).
>> 
>> Best regards,
>> Ole, 6man co-chair
>> 
>>>> On 24 Jan 2021, at 17:07, Isaac <isaactheogaraj@gmail.com> wrote:
>>>> 
>>> 
>>> Thanks Nick for the timely response!!!
>>> 
>>> I understand your comment regarding the prerogative of IPv6 forum in this regard. Meanwhile, we need a technical answer/analysis of the combination of RA lifetime 0 and Reachable time 10s whether that makes sense or whether it was clearly envisioned in the original IPv6 design. We know that RFC puts forth a set of 'may', 'might' conditions which are deemed optional in certain corner cases (possibly). We are already having discussions with the certification body but we need to go with a clear cut technical response of whether RA lifetime 0 and reachable time 10 seconds makes sense or not. Same way, section 6.2.3 in RFC4861 puts forth a 'might' condition. RA with a lifetime 0 and with advertised prefixes might mean that there may be a second router in the LAN segment which advertises a positive lifetime. And this itself is a corner scenario we believe and common scenario would be a single router in a LAN segment who always advertises with a positive lifetime until he decides to cease to be default gateway for clients (probably he is going down as well). But the combination of RA lifetime 0 and reachable time 10 seconds doesn't make sense to us and we are clueless as to how that can be supported. We do not want to design some throw away logic just for certification purpose and we do think that's neither the purpose of certification bodies nor the end customers. We need a solid technical answer from the IETF IPv6 official body in this regard. Please review and respond.
>>> 
>>> Thanks,
>>> Isaac.
>>> 
>>>> On Sun, Jan 24, 2021 at 5:38 PM Nick Hilliard <nick@foobar.org> wrote:
>>>> Isaac wrote on 24/01/2021 11:02:
>>>> > At the moment, we are unable to find a scenario (real world usecase) to 
>>>> > support RA lifetime of 0 and RA reachable time of 10 seconds. Please 
>>>> > review and respond.
>>>> 
>>>> Isaac,
>>>> 
>>>> you're referring to an IPv6 Forum document, so they might be more 
>>>> qualified to give an answer to your question.
>>>> 
>>>> As a potential pointer, rfc4861 documents the following case in section 
>>>> 6.2.3:
>>>> 
>>>> >    A router might want to send Router Advertisements without advertising
>>>> >    itself as a default router.  For instance, a router might advertise
>>>> >    prefixes for stateless address autoconfiguration while not wishing to
>>>> >    forward packets.  Such a router sets the Router Lifetime field in
>>>> >    outgoing advertisements to zero.
>>>> 
>>>> Nick
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
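
Added example (not part of the thread and not written by any of its participants): a minimal Python sketch of how a host applies the fixed Router Advertisement fields of RFC 4861 independently, using the Router Lifetime 0 / Reachable Time 10 s case discussed above. The `HostState` class, the function names and the sample packet are constructed for illustration; the receive-side validation of RFC 4861 section 6.1.2 (hop limit 255, link-local source, checksum) and RA options are omitted.

```python
import struct
from dataclasses import dataclass, field

ND_ROUTER_ADVERT = 134  # ICMPv6 type of a Router Advertisement (RFC 4861, 4.2)

@dataclass
class HostState:
    """Hypothetical per-interface host variables, named after RFC 4861."""
    default_routers: dict = field(default_factory=dict)  # router addr -> lifetime (s)
    base_reachable_time_ms: int = 30_000  # RFC default REACHABLE_TIME
    retrans_timer_ms: int = 1_000         # RFC default RETRANS_TIMER
    cur_hop_limit: int = 64

def parse_ra(icmp: bytes) -> dict:
    """Decode the fixed 16-byte RA header; options are ignored here."""
    if len(icmp) < 16:
        raise ValueError("truncated Router Advertisement")
    typ, code, _cksum, hop, flags, lifetime, reachable, retrans = struct.unpack(
        "!BBHBBHII", icmp[:16])
    if typ != ND_ROUTER_ADVERT or code != 0:
        raise ValueError("not a Router Advertisement")
    return {"hop_limit": hop, "managed": bool(flags & 0x80),
            "other": bool(flags & 0x40), "router_lifetime_s": lifetime,
            "reachable_time_ms": reachable, "retrans_timer_ms": retrans}

def process_ra(state: HostState, src: str, icmp: bytes) -> HostState:
    ra = parse_ra(icmp)
    # Router Lifetime only decides default-router list membership.
    if ra["router_lifetime_s"] == 0:
        state.default_routers.pop(src, None)
    else:
        state.default_routers[src] = ra["router_lifetime_s"]
    # The other fields apply regardless; zero means "unspecified by this router".
    if ra["reachable_time_ms"]:
        state.base_reachable_time_ms = ra["reachable_time_ms"]
    if ra["retrans_timer_ms"]:
        state.retrans_timer_ms = ra["retrans_timer_ms"]
    if ra["hop_limit"]:
        state.cur_hop_limit = ra["hop_limit"]
    return state

# Constructed sample: Router Lifetime 0, Reachable Time 10 s (10000 ms),
# Retrans Timer unspecified, checksum left as 0 (not verified in this sketch).
SAMPLE_RA = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0, 0, 10_000, 0)

if __name__ == "__main__":
    host = HostState(default_routers={"fe80::1": 1800})
    process_ra(host, "fe80::1", SAMPLE_RA)
    print(host)
```
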