IETF Logo Mail Archive

Re: Adoption Call for "Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events"

Fernando Gont <fgont@si6networks.com> Mon, 29 June 2020 01:49 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 452593A104A for <ipv6@ietfa.amsl.com>; Sun, 28 Jun 2020 18:49:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zndShEJavYPh for <ipv6@ietfa.amsl.com>; Sun, 28 Jun 2020 18:49:39 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 933D33A103D for <ipv6@ietf.org>; Sun, 28 Jun 2020 18:49:39 -0700 (PDT)
Received: from [192.168.4.129] (unknown [186.19.8.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 27238280124; Mon, 29 Jun 2020 01:49:12 +0000 (UTC)
Subject: Re: Adoption Call for "Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events"
To: Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
References: <CC295D49-5981-41C3-B4DB-E064D66616CE@gmail.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <7b793de9-d9be-d92f-a357-73d7846869ea@si6networks.com>
Date: Sun, 28 Jun 2020 22:40:02 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <CC295D49-5981-41C3-B4DB-E064D66616CE@gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/XfUtieXhAACPj92noFPD8XjuF-Q>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jun 2020 01:49:50 -0000

Hello, Bob,

Thanks for starting the WG call for adoption!

While I do expect participants to read through the document and make
their own judgement, some of the statements in your email below seem a 
bit inaccurate or misleading. So I felt like clarifying some of the 
points you have raised.

Please see in-line....


On 26/6/20 20:35, Bob Hinden wrote:
[....]
> 
> This document proposes significant changes to SLAAC to fix what could
> be seen as an implementation problem in some edge routers.

Firstly, this is not an implementation problem, but a protocol-based 
problem: SLAAC does not react gracefully to flash renumbering events.

The problem does not arise in one particular scenario, but it's actually 
a general issue with the protocol. Please see: 
https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum-01

Secondly, I don't think any of the four items you list below are 
significant changes to SLAAC. Namely:

* "Reducing the default Valid Lifetime and Preferred Lifetime of PIOs"

I would assume that the reason the protocol conveys time values in 
protocol fields is so that they can be changed. Otherwise they would be 
hardcoded in the protocol, and not communicated via PDUs/packets.


* "Cap the received lifetimes"

There is nothing in SLAAC that forces nodes to keep addresses for the 
PL/VL advertised in RAs. In fact, RFC4941 already leverages this fact 
(by configuring addresses that employ effective lifetimes that are 
shorter than the ones advertised in RAs). There are a couple of special 
cases that need to be taken care of, which the latest rev of this 
document already does.

* "Frequent retransmission of configuration information"

This is misleading. Firstly, Section 4.3 of the document recommends 
resending configuration information *upon interface initialization* -- 
i.e., this applies only when an interface is initialized, and not during 
regular operation, so to speak. Secondly, This behavior is allowed by 
RFC4861 already ("MAY transmit..")... so I'm not sure why you'd deem 
this as a significant change.

* "Routers send all options in RA messages"

This document recommends that routers send all *PIOs* in the same RA. As 
reported by Tim Winters, this essentially matches all running code.



> This will
> affect all IPv6 nodes, not only the ones communicating with these
> edge routers.  This part of IPv6 is a mature standard.   It is not
> clear we should modify all IPv6 hosts to deal with one corner case
> that may break other things allowed by the standard.

I will note that this is not a corner case, but actually a general issue 
of SLAAC that has concrete operational implications. The problem (and 
some of the possible scenarios where it may arise) is discussed in 
detail in: https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum

There have been other previous efforts that have tried to deal with some 
of the possible scenarios where this may arise, which include:

* Protocol update proposals: Jen's "Default Address Selection and Subnet
   Renumbering", draft-linkova-6man-default-addr-selection-update-00
  (work in progress), March 2017.

* Router implementations such as Fritzbox: 
https://www.si6networks.com/2016/02/16/quiz-weird-ipv6-traffic-on-the-local-network-updated-with-solution/

* Operational mitigations: RIPE-690 document: 
https://www.ripe.net/publications/docs/ripe-690

Several operators have repeatedly noted on the v6ops list why these 
scenarios may occur. And, in fact, work on this document was started in 
response to an ISP asking for guidance on how to deal with this problem.

Last, but not least, the whole point of adopting a document (as in this 
case), is for the WG to work on it, and if there's any aspect of the 
current proposal that needs to be improved or changed, modify the 
document accordingly.



> The changes proposed will make SLAAC more active, the changes
> include:
> 
> o Reducing the default Valid Lifetime and Preferred Lifetime of PIOs 
> o Caps the received Valid Lifetime and Preferred Lifetime of PIOs. o
> Frequent retransmission of configuration information o Routers send
> all options in RA messages

Would you mind elaborating on what you mean by the changes "making SLAAC 
more active"?

Thanks!

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email