IETF Logo Mail Archive

RE: 6MAN Adoption call on raft-chakrabarti-nordmark-6man-efficient-nd-04

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 10 January 2014 11:23 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12F9B1ADFE2 for <ipv6@ietfa.amsl.com>; Fri, 10 Jan 2014 03:23:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.039
X-Spam-Level:
X-Spam-Status: No, score=-10.039 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZDFdHVLnURgv for <ipv6@ietfa.amsl.com>; Fri, 10 Jan 2014 03:23:01 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) by ietfa.amsl.com (Postfix) with ESMTP id 5539B1AC4C1 for <ipv6@ietf.org>; Fri, 10 Jan 2014 03:23:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4705; q=dns/txt; s=iport; t=1389352971; x=1390562571; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=vcJZDEDtKghvXTjLaeFRJTVTWQ3rdmEEdRDDihP+cmc=; b=H3TrGUXpvvfYlg4Lyl4riHn6xj7lTb3ym9N9G6rsabo3qa5ZZ5HtApTW btmpDrneGPDs7e8F/PAU/tROjlDJyZYFbuYBmuSGUCzrhhwoKSX9WAbLS 9zZowgn71rR5L5Xl4rRmRN+7mWIIXhIFbHad4X3d2Y0YUxO07uFE7D7o/ M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah4FAPTWz1KtJXG+/2dsb2JhbABTBoMLOFa5QYEJFnSCJQEBAQRvCgwEAgEIDgMBAwEBCx0HMhQDBggCBAENBQiHfA3DLheOIgERAQ0SMQcGgx6BEwSJC5A8kGWDLYFxOQ
X-IronPort-AV: E=Sophos;i="4.95,638,1384300800"; d="scan'208";a="11886325"
Received: from rcdn-core2-3.cisco.com ([173.37.113.190]) by alln-iport-7.cisco.com with ESMTP; 10 Jan 2014 11:22:51 +0000
Received: from xhc-rcd-x11.cisco.com (xhc-rcd-x11.cisco.com [173.37.183.85]) by rcdn-core2-3.cisco.com (8.14.5/8.14.5) with ESMTP id s0ABMpCq006087 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 10 Jan 2014 11:22:51 GMT
Received: from xmb-aln-x02.cisco.com ([169.254.5.76]) by xhc-rcd-x11.cisco.com ([173.37.183.85]) with mapi id 14.03.0123.003; Fri, 10 Jan 2014 05:22:51 -0600
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Ole Troan <otroan@employees.org>, 6man WG <ipv6@ietf.org>
Subject: RE: 6MAN Adoption call on raft-chakrabarti-nordmark-6man-efficient-nd-04
Thread-Topic: 6MAN Adoption call on raft-chakrabarti-nordmark-6man-efficient-nd-04
Thread-Index: AQHO5RSJ8254ILuAiU+6fXohkQRkuZp+Ig4g
Date: Fri, 10 Jan 2014 11:22:50 +0000
Message-ID: <97EB7536A2B2C549846804BBF3FD47E123857EB6@xmb-aln-x02.cisco.com>
References: <1F653502-AD41-4EB6-A43D-541356810DF2@employees.org>
In-Reply-To: <1F653502-AD41-4EB6-A43D-541356810DF2@employees.org>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.55.185.70]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: 6man Chairs <6man-chairs@tools.ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jan 2014 11:23:04 -0000

Ole

As you asked for a review... here is belated one... (bear in mind that I still have to read the whole thread... I do need an efficient email processing brain!)

First, centralization and the removal of mcast traffic has already an impact on security, security (and operation probably) people tend to prefer strong centralized architecture vs. decentralized ones because they are easier to control. Of course, the drawback is 'single point of failure'

Sometimes, the ID looks more like a marketing document "optimization will be highly effective" ;-) Also, too many sentences & concepts that are relevant in the past 6lowpan WG. Some acronyms are used (NCE) before being defined (if at all for neighbor cache entry)

Mandatory use of SLAAC and EUI-64. In the contex of privacy (and possible obsolete EUI-64 + stable privacy address), I wonder whether it is still useful to rely on EUI-64. I guess that changing to a stable but private IID would be enough. The text is not really clear whether this EUI-64 is only for LLA or for any global address.

In section 4, I failed to understand the link between ULA & EUI-64.

Section 7.1, it is also unclear for me when talking about a unique address per host, does this include LLA as well? Or ULA (cfr low end CPE) in combination with GUA? Most of the document seems to indicate only EUI-64 while this section seems more open (then I remove previous comments of course). If EUI-64 is 'just' used as a node identifier/unique-ID (and not linked to any IPv6 address) why not simply using DHCP DUID? Or even the layer-2 address (assuming that this one is unique & stable). Then, I strongly suggest removing all reference to EUI-64 and use 'opaque node unique ID'.

There is the mention of 'transaction' but to me it appears as a shoot a packet and hope that it is not lost and that the receiver gets it...

Be sure to mention unauthenticated WiFi DoS against the router table as a node could easily change of MAC address and fill the table. Bringing the whole network down (including intra-link traffic). 

Also, the behavior should be explained when the NEAR receives ARO with different lifetimes, which ones to keep? Suggestion: If the 'index' to the table is no more EUI-64 (which is guessable) but an opaque/random but stable identifier (such as DHCP DUID), then the NEAR could overwrite the existing entries only when NS/ARO has the right identifier/cookie?

11.1 another way to prevent NDP cache exhaustion is simply not doing NS/NA when NEAR receives a packet to an unknown destination.

Who announced mixed mode? Can this be downgraded by sending a fake RA without the E-bit? Hence, being no more efficient? No clue on how to fix it though ;-)

Not clear to me whether CGA is supported... I would guess not, then it should be stated somewhere

15. Again, I am not really a big fan on relying on EUI-64 addresses... see above. Then, DAD is more important. Later in the section, it is talked about 64-bit MAC addresses... which is unusual on legacy W/LAN ;-)

17.2 should really be closer to the section describing mixed-mode operation

19 it makes this I-D really close to 6lowpan and similar use cases while there are benefits of this I-D applicable outside of 6lowpan as explained in appendix A

Final recommendation: remove the use cases and create a problem statement I-D because, again, the problem is wider than NS/NA (too many mcast RS/RA and other protocols such as mDNS).

Hope this helps

-éric




> -----Original Message-----
> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Ole Troan
> Sent: mardi 19 novembre 2013 11:46
> To: 6man WG
> Cc: 6man Chairs
> Subject: 6MAN Adoption call on raft-chakrabarti-nordmark-6man-efficient-
> nd-04
> 
> All,
> 
> There was moderate support to adopt this draft at the working group
> meeting in Vancouver.
> This is an adoption call to confirm the result of the hum at the meeting.
> 
> Please provide a view with reasons as to whether the WG should adopt this
> or not.
> 
> This message starts a one week 6MAN Working Group call on adopting:
> 
> 	Title           : Wired and Wireless IPv6 Neighbor Discovery
> Optimizations
> 	Author(s)    : S. Chakrabarti, E. Nordmark, P. Thubert, M. Wasserman
> 	Filename    : draft-chakrabarti-nordmark-6man-efficient-nd-04
> 	Pages        : 31
> 	Date          : 2013-10-22
> 
>   http://tools.ietf.org/html/draft-chakrabarti-nordmark-6man-efficient-nd-
> 04
> 
> The call ends on November 26th, 2013.
> 
> Regards,
> 
> Bob Hinden & Ole Trøan

v2.23.0 | Report a Bug | By Email