IETF Logo Mail Archive

Re: draft-chakrabarti-nordmark-6man-efficient-nd-00.txt

Erik Nordmark <nordmark@acm.org> Thu, 01 November 2012 21:28 UTC

Return-Path: <nordmark@acm.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8EA521F966C for <ipv6@ietfa.amsl.com>; Thu, 1 Nov 2012 14:28:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5KQ4ElIj6Wyq for <ipv6@ietfa.amsl.com>; Thu, 1 Nov 2012 14:28:41 -0700 (PDT)
Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by ietfa.amsl.com (Postfix) with ESMTP id 1E38321F9714 for <ipv6@ietf.org>; Thu, 1 Nov 2012 14:28:41 -0700 (PDT)
Received: from [10.154.212.35] (128-107-239-233.cisco.com [128.107.239.233]) (authenticated bits=0) by a.mail.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id qA1LSZkP014800 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Nov 2012 14:28:36 -0700
Message-ID: <5092E983.7080108@acm.org>
Date: Thu, 01 Nov 2012 14:28:35 -0700
From: Erik Nordmark <nordmark@acm.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: Carsten Bormann <cabo@tzi.org>
Subject: Re: draft-chakrabarti-nordmark-6man-efficient-nd-00.txt
References: <16D60F43CA0B724F8052D7E9323565D72ECE73F3B4@EUSAACMS0715.eamcs.ericsson.se> <653FE6CB-CBFF-4CF5-967B-3227B5295B46@tzi.org>
In-Reply-To: <653FE6CB-CBFF-4CF5-967B-3227B5295B46@tzi.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: 6man Mailing List <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Nov 2012 21:28:41 -0000

On 10/11/12 11:23 PM, Carsten Bormann wrote:
> Two quick comments:
>
> -- this still uses 10 seconds as a scaler for the ARO registration lifetime. 6LoWPAN-ND used to use 10, but now uses 60 seconds.

Oops - we'll fix.

> -- I'm not too wild about the E-bit.  Maybe we should extract the 6CIO from draft-bormann-6lowpan-ghc and use this?

I don't understand the relationship.
The E-bit is there to specify that the router supports AROs. That way 
the hosts can tell whether it makes sense to try ARO.
How does this relate to compression context?

> The two areas in which I think this proposal can benefit from some more discussion:
>
> Clearly, mitigating the external ND table DoS is one of the major pain points addressed by this.  Thinking point: Is there any way to structure the transition from legacy ND to efficient ND in such a way that it becomes easier to reap this benefit?

If not all the hosts on the link do explicit registration, then the 
routers need to be able to send multicast NS messages to find those that 
didn't register.
As noted in RFC 6583, draft-gashinsky-6man-v6nd-enhance-02.txt, and 
draft-ietf-6man-impatient-nud-05.txt, things can be improved if the 
routers don't discard NCEs too quickly, and potentially interpret 
unsolicited NS messages as a registration attempt.

The last part is a bit problematic in general, but if a router has 
sufficient memory it can definitely track which hosts it has ever heard 
from on the link and thereby significantly reduce the rate at which is 
needs to send multicast NS to look for previously unknown hosts.

> For DC applications, the assumption of uniqueness of the EUI-64 probably requires some more thinking.  VMs get copied all the time, and it is way too easy to copy this kind of config info in the process.

I don't think the EUI-64 is different than the IEEE-48 MAC address. In 
fact the for Ethernet the EUI-64 is derived from the MAC address.

And if cloning a VM results in keeping the same MAC address then things 
will not work well even for IPv4.

Regards,
    Erik

> Grüße, Carsten
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email