The ping-pong phenomenon with p2p links
Pekka Savola <pekkas@netcore.fi> Wed, 30 July 2008 20:27 UTC
Return-Path: <ipv6-bounces@ietf.org>
X-Original-To: ipv6-archive@megatron.ietf.org
Delivered-To: ietfarch-ipv6-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CBC083A6981; Wed, 30 Jul 2008 13:27:45 -0700 (PDT)
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4AD2B3A685C for <ipv6@core3.amsl.com>; Wed, 30 Jul 2008 13:27:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.528
X-Spam-Level:
X-Spam-Status: No, score=-2.528 tagged_above=-999 required=5 tests=[AWL=0.071, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h5J6dfr1Rhsc for <ipv6@core3.amsl.com>; Wed, 30 Jul 2008 13:27:43 -0700 (PDT)
Received: from netcore.fi (eunet-gw.ipv6.netcore.fi [IPv6:2001:670:86:3001::1]) by core3.amsl.com (Postfix) with ESMTP id C6C873A68D8 for <ipv6@ietf.org>; Wed, 30 Jul 2008 13:27:42 -0700 (PDT)
Received: from netcore.fi (localhost [127.0.0.1]) by netcore.fi (8.13.8/8.13.8) with ESMTP id m6UKRswJ030423 for <ipv6@ietf.org>; Wed, 30 Jul 2008 23:27:54 +0300
Received: from localhost (pekkas@localhost) by netcore.fi (8.13.8/8.13.8/Submit) with ESMTP id m6UKRr3b030419 for <ipv6@ietf.org>; Wed, 30 Jul 2008 23:27:53 +0300
Date: Wed, 30 Jul 2008 23:27:53 +0300
From: Pekka Savola <pekkas@netcore.fi>
To: ipv6@ietf.org
Subject: The ping-pong phenomenon with p2p links
Message-ID: <alpine.LRH.1.10.0807302240130.29324@netcore.fi>
User-Agent: Alpine 1.10 (LRH 962 2008-03-14)
MIME-Version: 1.0
X-Virus-Scanned: ClamAV 0.93.1/7882/Tue Jul 29 22:06:54 2008 on otso.netcore.fi
X-Virus-Status: Clean
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org
Hi, On the plenary tonight, Lorenzo Colitti from Google mentioned a looping problem with p2p interfaces and using non-/127 prefix length. He said they had asked the vendors to implement an RFC fix for this but vendors had refused (citing loss of forwarding performance). I think this may call for more attention here. The ICMPv6 spec (RFC4443) has the following new requirement (stemming from draft-ietf-ipngwg-p2p-pingpong) since its predecessor: One specific case in which a Destination Unreachable message is sent with a code 3 is in response to a packet received by a router from a point-to-point link, destined to an address within a subnet assigned to that same link (other than one of the receiving router's own addresses). In such a case, the packet MUST NOT be forwarded back onto the arrival link. In the last sentence seems to mean the triggering packet. If so, making this kind of forwarding specification inside ICMP spec is interesting, and it is also interesting because the ICMP implementation must watch out for packets which aren't destined to the local node. AFAIK, this issue is not touched in any other RFC (for v4 or v6). This is more or less well-known behaviour on IPv4 side and as such long prefixes are not used on point-to-point links. Based on my quick test with Juniper routers both IPv4 and IPv6 packets happily loop back and forth (no forwarding checks, ping shows "time to live exceeded"), and both ICMPv4 and ICMPv6 packets get originated just fine (traceroute shows looping behaviour). (Note: Juniper claims conformance to RFC2463, not RFC4443.) I wonder how other _hardware-based_ implementations behave? At least Cisco claims RFC4443 compliancy but I don't have p2p interfaces to test this. I wonder if there are other vendors who have found implementing RFC4443's apparent "thou shalt not forward back" unfeasible? If that part in the implementation has widely been seen as a problem, given that IPv6 architecture (in paper) requires /64 addressing, and there are other reasons why /127 is broken (RFC3627), the IETF might need to do something. Workarounds are at least using distinct /128 addresses and static routes or a routing protocol or just link-local addresses. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- The ping-pong phenomenon with p2p links Pekka Savola