IETF Logo Mail Archive

Re: 6MAN WG Adoption call : draft-jeong-6man-rdnss-rfc6106-bis

Mark ZZZ Smith <markzzzsmith@yahoo.com.au> Wed, 22 July 2015 01:22 UTC

Return-Path: <markzzzsmith@yahoo.com.au>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 826641A8780 for <ipv6@ietfa.amsl.com>; Tue, 21 Jul 2015 18:22:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.823
X-Spam-Level:
X-Spam-Status: No, score=0.823 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, HK_RANDOM_REPLYTO=0.999, MALFORMED_FREEMAIL=0.001, MISSING_HEADERS=1.021, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tHoIP3jmHUSD for <ipv6@ietfa.amsl.com>; Tue, 21 Jul 2015 18:22:16 -0700 (PDT)
Received: from nm22-vm1.bullet.mail.bf1.yahoo.com (nm22-vm1.bullet.mail.bf1.yahoo.com [98.139.212.127]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3137C1A0091 for <ipv6@ietf.org>; Tue, 21 Jul 2015 18:22:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com.au; s=s2048; t=1437528135; bh=+dqV1mHy6xsoQVndDOUpxJyuzgQsS5SRdrZ6lzNa5AY=; h=Date:From:Reply-To:Cc:In-Reply-To:References:Subject:From:Subject; b=OPtXb5XaMgrl3bI0tAB9vvDCX/RMwCLKQWjQ6cssTjRuNeQ0MIrsST8ZQCa1rY5g0l1le4RXhqLFLRp8koVdPnJVYkXHIqTedbJUiDZq+wUF8C3sAaANVaMGAMKKwhTiBIrtfMYCQ2SpxJp8spmTcx2ojwUFaw4kkErz3+4Z/Fw1UTQwCBYO3/ed/NzxsW78hlCrAnqBCDlJ0bH0UHosKUY6e+CVh5EvR078sXQr35NV/y1a2FhJXu2HtPPEd/+tim1nuyphTSSR+fUAPdVpF63gw0rzzb2wwi59JfAdiSe127WLnymZgE/QSQsPEOKKG0CYNtbCxGB8TuMgPy1knA==
Received: from [66.196.81.174] by nm22.bullet.mail.bf1.yahoo.com with NNFMP; 22 Jul 2015 01:22:15 -0000
Received: from [98.139.212.227] by tm20.bullet.mail.bf1.yahoo.com with NNFMP; 22 Jul 2015 01:22:15 -0000
Received: from [127.0.0.1] by omp1036.mail.bf1.yahoo.com with NNFMP; 22 Jul 2015 01:22:15 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 338393.69111.bm@omp1036.mail.bf1.yahoo.com
X-YMail-OSG: 8jsdX5gVM1kvxQkYcQvk.BKQe5jeWIkRFbnFCpyQ9a.z38t3qrMMryQeSttDTa2 SS3zhLLRCfaxxf9D8V8m7ke4pl.xAPN1t9.p0p1FghZGn1vjIZNy68FbhoX8vcqs1A2fYC9r6b_h sk3rsl3.FGQo0pWfoc1B.x2PcsZsLOCf5JDTwEeKcG7yAQvVsTpYYA1YH00MZK6VVBzsfpl38mtj rLKRM3tsYK3r_D5vmoU6Bx0j17UPDf6f_5UpGCc.tQWhXTnKDeZdEc1E4KfgLROsI_TWqoT7.HwB FYxTFGA7KEysd5dor6EF96JP7Pg3klSrplWbjZTDV75elW5m6MKhuO7a4wFBiNEMj8l1espn2Wgc SgqsfpbzCYBDWS6Gg6TAyZGh70oVMW0PvLvudh9N1VtaZ09ffz8K.RO5WPwl3guc.k1mqjv_Z443 wSUz48.7MQhQp.zlJxYK3RFCFkTMaNxg6SnaMmKDe_d9wZlyW3ZLaWmNykDrMawvpq.OmjrtovTE ub87ooB1nRXfi_fvhTsB5dHWT5cRZzCFsk_pkqdCmGuExKMnxGnM-
Received: by 66.196.80.112; Wed, 22 Jul 2015 01:22:14 +0000
Date: Wed, 22 Jul 2015 01:22:03 +0000
From: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
Message-ID: <1563711943.88070.1437528123676.JavaMail.yahoo@mail.yahoo.com>
In-Reply-To: <73503897.2035558.1434700763863.JavaMail.yahoo@mail.yahoo.com>
References: <CAAedzxodZ_NBhH5HCVR29Ff_K_th=RBWHvbucQs6sqSpxoA1bw@mail.gmail.com> <73503897.2035558.1434700763863.JavaMail.yahoo@mail.yahoo.com>
Subject: Re: 6MAN WG Adoption call : draft-jeong-6man-rdnss-rfc6106-bis
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/OQ42SeNMQn66rBSrlxRun8rV37Y>
Cc: 6man Chairs <6man-chairs@tools.ietf.org>, 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 01:22:18 -0000

Hi,

My comments below in part on this draft and Fernando's earlier one seem to have been ignored again. 

The advice to consider RDNSS and DNSSL option values to be invalid if RA lifetime has expired is inconsistent with RFC4861's advice on the use of Router Lifetimes. A RA Lifetime of zero is valid, and should not cause options within the RA to be considered invalid - that is why they have their on lifetime values. Again quoting from RFC4861, 

"The Router Lifetime applies only to
                     the router's usefulness as a default router; it
                     does not apply to information contained in other
                     message fields or options. "

For example, RDNSS addresses could be link-local addresses, so the expiry of the default router information (specifically and only indicated by the Router Lifetime) would not impact the ability to use the on-link DNS resolvers. NUD and/or the DNS resolver's failure detection methods would determine if link-local addressed resolvers are still valid to send requests to.



There is also a problem with only using a subset of DNSSL options because they won't convey the equivalent service/values unless multiple DNSSL options have exactly the same values, unlike (in theory) RDNSS values.

For example, 3 x DNSSL of example.com, example.org and example.net, if the host ignores example.net DNSSL, then any relative lookups for hostnames within example.net that don't exist in example.com or example.org will be looked up in root, and perhaps resolve unexpectedly if they're for one of the new vanity GTLDs.

In other words, a host should remember completely the set of unique DNSSL values it receives, because they're each expressing something different. The set of unique DNSSL values are not equivalents, so none of them should be ignored.

Regards,
Mark.


________________________________
From: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
To: Erik Kline <ek@google.com>; Ole Troan <otroan@employees.org> 
Cc: 6man Chairs <6man-chairs@tools.ietf.org>; 6man WG <ipv6@ietf.org> 
Sent: Friday, 19 June 2015, 17:59
Subject: Re: 6MAN WG Adoption call : draft-jeong-6man-rdnss-rfc6106-bis



Hi,

I provided quite a bit of feedback on the draft Fernando wrote up about this, which doesn't seem to have been considered/included. For example, I don't think retaining a subset of DNSSL option values is the right thing to do because they're not providing information about alternative entities that provide or are expected to provide the equivalent service, unlike the RDNSS options.


https://www.ietf.org/mail-archive/web/ipv6/current/msg22436.html

  

A further thought I've had is that if the DNS resolver addresses are on-link, then NUD status can also be an indication of DNS resolver liveness.

I don't think the following should be followed.

--
Note:  An RDNSS address or a DNSSL domain name MUST be used only as

      long as both the RA router Lifetime (advertised by a Router
      Advertisement message [RFC4861]) and the corresponding option
      Lifetime have not expired.  The reason is that in the current
      network to which an IPv6 host is connected, the RDNSS may not be
      currently reachable, that the DNSSL domain name is not valid any
      more, or that these options do not provide service to the host's
      current address (e.g., due to network ingress filtering
      [RFC2827][RFC5358]).
--

It is quite valid that RA lifetimes are less than the lifetimes of the options in them - a RA router lifetime of zero means that the router issuing them is not to be used as a default router, but that doesn't mean that the RA options the RA is carrying are now invalid too (which is I think the fundamental reason why options have their own lifetimes, so option information is decoupled from the RA router lifetime). Here's what RFC4861 says about Router Lifetimes:


      Router Lifetime
                     16-bit unsigned integer.  The lifetime associated
                     with the default router in units of seconds.  The
                     field can contain values up to 65535 and receivers
                     should handle any value, while the sending rules in
                     Section 6 limit the lifetime to 9000 seconds.  A
                     Lifetime of 0 indicates that the router is not a
                     default router and SHOULD NOT appear on the default



Narten, et al.              Standards Track                    [Page 20]
RFC 4861               Neighbor Discovery in IPv6         September 2007


                     router list.  The Router Lifetime applies only to
                     the router's usefulness as a default router; it
                     does not apply to information contained in other
                     message fields or options.  Options that need time
                     limits for their information include their own
                     lifetime fields.


Regards,
Mark.




________________________________
From: Erik Kline <ek@google.com>
To: Ole Troan <otroan@employees.org> 
Cc: 6man Chairs <6man-chairs@tools.ietf.org>; 6man WG <ipv6@ietf.org> 
Sent: Friday, 19 June 2015, 12:05
Subject: Re: 6MAN WG Adoption call : draft-jeong-6man-rdnss-rfc6106-bis


+1 to extending the lifetime, I suppose
-1 to obsoleting 6106

"""
Appendix B.  Changes from RFC 6106

   The lifetime's upper bound of 2 * MaxRtrAdvInterval was shown to lead
   to the expiry of these options on links with a relatively high rate
   of packet loss.  This revision relaxes the upper bound and sets a
   higher default value to avoid this problem.
"""

Why not just have a 2-pager that updates 6106 with some discussion of
lifetime changes?

On Tue, Jun 9, 2015 at 5:11 AM, Ole Troan <otroan@employees.org> wrote:
> This message starts a two week 6MAN Working Group Last Call on adopting:
>
>     Title           : IPv6 Router Advertisement Options for DNS Configuration
>     Authors     : J. Jeong, S. Park, L. Beloeil, S. Madanapalli
>     Filename   : draft-jeong-6man-rdnss-rfc6106-bis
>     Pages       : 18
>     Date          : 2015-05-09
>
>    http://datatracker.ietf.org/doc/draft-jeong-6man-rdnss-rfc6106-bis/
>
> as a working group item. Substantive comments and statements of support for adopting this document should be directed to the mailing list.  Editorial suggestions can be sent to the authors.  This adoption call will end on June 22nd, 2015.
>
> This document is intended to resolve the issues with RFC6106 documented in draft-gont-6man-slaac-dns-config-issues.
>
> Regards,
>
> Bob Hinden & Ole Trøan
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6



> --------------------------------------------------------------------
>

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email