IETF Logo Mail Archive

Re: [v6ops] Stability and Resilience (was Re: A common...)

Timothy Winters <twinters@iol.unh.edu> Fri, 22 February 2019 17:43 UTC

Return-Path: <twinters@iol.unh.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 374A4130DEF for <ipv6@ietfa.amsl.com>; Fri, 22 Feb 2019 09:43:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iol.unh.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D3oczN_6RoEE for <ipv6@ietfa.amsl.com>; Fri, 22 Feb 2019 09:43:44 -0800 (PST)
Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0107412F1AC for <ipv6@ietf.org>; Fri, 22 Feb 2019 09:43:43 -0800 (PST)
Received: by mail-wm1-x334.google.com with SMTP id t15so2699384wmi.5 for <ipv6@ietf.org>; Fri, 22 Feb 2019 09:43:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iol.unh.edu; s=unh-iol; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=l13H6hyWLRUo0rn6tC6AKmGm/RgogC+3RjiR0sfhNGc=; b=RyUJKsqdROVJOWK4wmceb3LJYE9lObjRhkadtrcgBzKvdN2GvUAXCQ76y8S4ITKP9S K36yA3LvReNpg82skxJHCiq6J110CoS/pXZUtSvNVmpHTzQ+hbOmJrPaGurexodks9Pu FgnMNmx7U0IbipqlAxweHfqv6NMjzxiTelhWY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=l13H6hyWLRUo0rn6tC6AKmGm/RgogC+3RjiR0sfhNGc=; b=lClWdlC4Q959VNs1jfPDmys11QWyiFZKsGF30MMSEvCTjLXOc0yYfBuqMwt5foSxWm zaDpvjvRnE3QmY1Ueugu+pZ7rjual6AO+OhIOqkRrxm2RNFmgynXkQTVQ5pSD/CdYW7i e5FwhtfMkQUmS3qaVHPX6/B9sKC8U3Vo359UblYZiKiUY1NCPnKbFi8S4EBTnECvL18L 3KB8LlAwbQiqveSBHQYNBDNWn5WiWJRLBL8b0B1GQ4CxwABN0C5lYq8teLwXDQOaCPX3 a/0BIikeb8OHBFrnorohgoESNBaMGjktl363Xy68R8DSMporiCwBiZTkvcbvcc4gQYBC aAhg==
X-Gm-Message-State: AHQUAuYL50/ZhxVses4FDb2d22SlLbiu2GJ66YdqlcPqHHTA8AvklFD8 dtAKH8ZawglY/Ogm5ayY7adr6LNkf9IQCjBRe0E47Q==
X-Google-Smtp-Source: AHgI3IbD+TauXOrQFXiGNkRx1XoZZhidxwk5fF/f/V56fdWGBfYZxhKV8l8l7YZ/SBYSBpBl4nNLqwXSQ8Yvj/cggJM=
X-Received: by 2002:a1c:230e:: with SMTP id j14mr3379890wmj.9.1550857422056; Fri, 22 Feb 2019 09:43:42 -0800 (PST)
MIME-Version: 1.0
References: <6D78F4B2-A30D-4562-AC21-E4D3DE019D90@consulintel.es> <B6E2EC33-EEAF-40D0-AFCC-BDAFA9134ACD@consulintel.es> <20190220113603.GK71606@Space.Net> <28fbc2c305c640c9afb3704050f6e8d7@boeing.com> <20190220213107.GS71606@Space.Net> <019c552eb1624d348641d6930829fd1f@boeing.com> <CAKD1Yr0HBG+rhyFWg9zh0t3mW486Mjx9umjn+CRqAZg4z9r0dg@mail.gmail.com> <20190221073530.GT71606@Space.Net> <CAO42Z2wmB2W52b4MZ2h9sW5E9cQKm-HRjyf--q8C26jezS7LXQ@mail.gmail.com> <a73818d31db7422b99a524bc431b00ed@boeing.com> <CAO42Z2z9-48Gbb_Exf+oWUqDO=axSLpZBtqeDcxkAoFq5OziGw@mail.gmail.com> <0629af5e-5e1b-7e01-5bf4-b288a2d36809@asgard.org> <DD0A06B0-C704-451C-AA43-CAF420F24B4D@delong.com> <763ED571-AC76-419A-A0B6-43F9AC763F53@jisc.ac.uk>
In-Reply-To: <763ED571-AC76-419A-A0B6-43F9AC763F53@jisc.ac.uk>
From: Timothy Winters <twinters@iol.unh.edu>
Date: Fri, 22 Feb 2019 12:43:30 -0500
Message-ID: <CAOSSMjVjYUkpQjT_S7GJm+SxVYCh7vaV+7MRNMhoZNtBFPNieg@mail.gmail.com>
Subject: Re: [v6ops] Stability and Resilience (was Re: A common...)
To: Tim Chown <Tim.Chown@jisc.ac.uk>
Cc: Owen DeLong <owen@delong.com>, "ipv6@ietf.org" <ipv6@ietf.org>, IPv6 Ops WG <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bd412605827f21cb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JoPHGD5H-zeNM5B-eKmorylMQVY>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 17:43:48 -0000

On Fri, Feb 22, 2019 at 12:30 PM Tim Chown <Tim.Chown@jisc.ac.uk> wrote:

> Hi,
>
> On 22 Feb 2019, at 17:04, Owen DeLong <owen@delong.com> wrote:
>
> Networks should, as much as possible, be resilient to prefix changes. Some
> things networks can do to improve resilience:
>
>    1.
>
>    Write a learned prefix to non-volatile memory and issue a DHCPv6 Renew
>    for that prefix on reboot.
>
>    2.
>
>    Use dynamic DNS and shorter TTLs.
>
>    3.
>
>    Implement something like NETCONF to distribute prefix information to
>    policy devices like firewalls or SD-WAN controllers. I think a separate
>    document describing this application of NETCONF would make sense.
>
>
> If the prefix is written to nv men, wouldn’t it also be possible for
> implementers to send rapid deprecation RAs for any prefix not renewed?
>
> In other words, after reboot, try to reacquire same prefix. If that
> doesn’t work, when you advertise the new prefix, you could also include the
> old prefix with a very short preferred and valid lifetime (e.g. 1 second)
> in the first RA, which should be sent to the all nodes on link multicast?
>
> It doesn’t eliminate the problem, but 1 second additional duration would
> be barley noticeable amid the minute or so it takes most home gateways to
> reboot.
>
>
> That's similar in spirit to RAmond, which we used to use when seeing rogue
> RAs on our campus network.  It would auto-deprecate any prefixes that
> shouldn't be there. (http://ramond.sourceforge.net/)
>
> The snag is that I suspect most OSes would ignore a valid timer of 1
> second, given the 7200 second (2 hour) minimum defined in RFC 4862 (unless
> the RA is authenticated, somehow).  The preferred timer can be zero.  When
> RAmond was written, if we used a valid timer less than 7200 seconds it
> seemed that the deprecating RAs were ignored.  That was 10+ years ago
> though.  Perhaps Tim Winters has data on whether that rule is implemented
> today in practice; I'd assume the tests he runs might include that.
>
So we test that IPv6 implementations set the address to two hours if the
address was higher then gets a low value (such as 1).   Currently there is
no way to make it less then two hours if a Rogue RA gets out and gives out
a longer address lifetime.

>
> But I like Lee's analysis.
>
> Tim
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email