IETF Logo Mail Archive

Re: draft-ietf-6man-multi-homed-host relies on redirects

"Fred Baker (fred)" <fred@cisco.com> Thu, 12 November 2015 19:31 UTC

Return-Path: <fred@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3644A1B324F for <ipv6@ietfa.amsl.com>; Thu, 12 Nov 2015 11:31:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -114.51
X-Spam-Level:
X-Spam-Status: No, score=-114.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OZcSkXnRhpDm for <ipv6@ietfa.amsl.com>; Thu, 12 Nov 2015 11:31:05 -0800 (PST)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37C4A1B3246 for <ipv6@ietf.org>; Thu, 12 Nov 2015 11:31:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=30754; q=dns/txt; s=iport; t=1447356664; x=1448566264; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=pZ8JqK6pVM1FcwJFqa8MYi6uI7cBebbH1RoiohmW5Qk=; b=VDi5WnDkoSUIg+cuSeNhd8mel7ICYgsjxFupALaq8jJ+XsOPBlaylpzl hR3FsDVBZ991ALOkBOppKLCHePnoIR4cYIfUi3hsTmTTP1nZWfPI6fEAS b42mvdt6WyPBJWDE4wCdD3S+BQtFWOXwRMIQdXl+ekg8ElKGOCACCQDxQ E=;
X-Files: signature.asc : 833
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D7BACN6ERW/40NJK1egztTbwaEI7oWDoFlFwELhW0CgT44FAEBAQEBAQGBCoQ0AQEBAwEBAQEgBEcLBQsCAQYCEQMBAgEgBwMCAiEGCxQJCAIEDgUODYd+AwoIDZYVnTWLeA2EYgEBAQEBAQEBAQEBAQEBAQEBAQEBAQ8JiGSCboJTgWJGDRGCXC+BFQEEh0SFV4ktAYJSgWBqhhWBdYFbSYN3jVaBAYdSAREOAUOEBHIBg3NCgQcBAQE
X-IronPort-AV: E=Sophos;i="5.20,283,1444694400"; d="asc'?scan'208,217";a="49114933"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by rcdn-iport-2.cisco.com with ESMTP; 12 Nov 2015 19:30:45 +0000
Received: from XCH-RTP-015.cisco.com (xch-rtp-015.cisco.com [64.101.220.155]) by alln-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id tACJUjfY026956 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 12 Nov 2015 19:30:45 GMT
Received: from xch-rtp-013.cisco.com (64.101.220.153) by XCH-RTP-015.cisco.com (64.101.220.155) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Thu, 12 Nov 2015 14:30:44 -0500
Received: from xch-rtp-013.cisco.com ([64.101.220.153]) by XCH-RTP-013.cisco.com ([64.101.220.153]) with mapi id 15.00.1104.000; Thu, 12 Nov 2015 14:30:44 -0500
From: "Fred Baker (fred)" <fred@cisco.com>
To: Pierre Pfister <pierre@darou.fr>
Subject: Re: draft-ietf-6man-multi-homed-host relies on redirects
Thread-Topic: draft-ietf-6man-multi-homed-host relies on redirects
Thread-Index: AQHRHYCfWCIXCvqkaUiNy5iwqcWjPA==
Date: Thu, 12 Nov 2015 19:30:44 +0000
Message-ID: <5F8567BF-921A-4F7B-8923-93151E7E272D@cisco.com>
References: <20151104035608.8929.13643.idtracker@ietfa.amsl.com> <3D83D2F0-5A07-4F70-B6DF-BD242722838B@cisco.com> <5634E668-FE91-40DC-AB9C-7DF99E8AFC52@darou.fr> <5643C3CC.8090808@gmail.com> <0C24173A-CDCB-47C0-B9EE-8CDCC79EBF41@darou.fr> <CAO42Z2wgmPb+6o+GKgCm9dhW1mQg9iGk15MSzm4Z5GjXA3f7gA@mail.gmail.com> <D438F567-65C1-4F71-B635-7DB13B41936D@darou.fr>
In-Reply-To: <D438F567-65C1-4F71-B635-7DB13B41936D@darou.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.25.35]
Content-Type: multipart/signed; boundary="Apple-Mail=_97BE51BA-6DEB-4CF0-A889-466A2627C5E9"; protocol="application/pgp-signature"; micalg="pgp-sha1"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/Ydoc8bhaHFmTfkVrUIzmCCCmILA>
Cc: 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2015 19:31:09 -0000

> On Nov 12, 2015, at 12:05 AM, Pierre Pfister <pierre@darou.fr> wrote:
> 
> Hello Mark,
> 
> You asked for it. ;-)
> https://tools.ietf.org/html/draft-pfister-6man-sadr-ra-01 <https://tools.ietf.org/html/draft-pfister-6man-sadr-ra-01>
Of course, right, wrong, or indifferent, the working group hasn't adopted that.

> Regards,
> - Pierre
> 
> 
>> Le 12 nov. 2015 à 08:42, Mark Smith <markzzzsmith@gmail.com <mailto:markzzzsmith@gmail.com>> a écrit :
>> 
>> 
>> On 12 Nov 2015 5:28 PM, "Pierre Pfister" <pierre@darou.fr <mailto:pierre@darou.fr>> wrote:
>> >
>> > Brian, and Fred,
>> >
>> > In the absence of redirects, or when the host does not support redirects, the packet would be routed correctly.
>> > What I am saying, is that redirection is not a viable option. As indicated, on wifi, this could end-up with a throughput
>> > divided by 4.
>> 
>> So the only way to avoid redirects and avoid double hops on the first link layer hop, is for hosts to have complete and accurate knowledge of all networks upstream of the candidate first hop routers. How would you propose to achieve that without running a fully fledged routing protocol on the hosts like OSPF or BGP in the case of the Internet?
>> 
>> Regards,
>> Mark.
>> 
>> > That situation is what makes me say it relies on redirects, as the absence of redirects create dramatic scenarios.
>> >
>> > > Le 11 nov. 2015 à 23:40, Brian E Carpenter <brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>> a écrit :
>> > >
>> > > Pierre,
>> > >
>> > >> 1. Will host actually implement this if this is only a ‘SHOULD’ (And here
>> > >> I speak about all hosts, from cheap to expensive ones).
>> > >
>> > > I would have no problem changing it to a MUST. But it remains conditional
>> > > - it's only relevant if the router happens to send a redirect. If there is
>> > > no redirect, the host can only contniue to assume that a router that announces
>> > > a prefix is capable of forwarding towards that prefix.
>> > >
>> > >> 2. Even though they do. I would like the group to understand that this
>> > >> solution *relies* on redirects to work.
>> > >
>> > > Why? If a router does not send a redirect, that means either the router is
>> > > broken, so we can do nothing, or it is happy to forward to the destination,
>> > > so everything is fine.
>> > >
>> > >   Brian
>> > >
>> > >>    I therefore ask the question again: Do we really want this solution to
>> > >> **rely** on redirects to work ?
>> > >
>> > >
>> > >
>> > > Regards
>> > >   Brian Carpenter
>> > >   http://orcid.org/0000-0001-7924-6182 <http://orcid.org/0000-0001-7924-6182>
>> > >
>> > >
>> > >
>> > > On 04/11/2015 20:33, Pierre Pfister wrote:
>> > >> Hello,
>> > >>
>> > >> Following the meeting this morning, I was asked to bring this point to the mailing list.
>> > >>
>> > >> As a reminder, there are two issues with multi-homed hosts with multiple routers on the same link and redirects.
>> > >>
>> > >> 1. If the host does redirects in the RFC4861’s way:
>> > >>    We may end-up with 'redirect ping-pongs’. (c.f. archives. I think I explained it twice already).
>> > >>
>> > >> 2. If the host does not do redirects at all:
>> > >>    We have non-optimal routing.
>> > >>
>> > >> The current document addresses this issue with the following text:
>> > >>
>> > >> ————
>> > >> 3.4.  Redirects
>> > >>
>> > >>   There is potential for adverse interaction with any off-link Redirect
>> > >>   (Redirect for a GUA destination that is not on-link) message sent by
>> > >>   a router in accordance with Section 8 of [RFC4861].  Hosts SHOULD
>> > >>   apply off-link redirects only for the specific pair of source and
>> > >>   destination addresses concerned, so the host's Destination Cache may
>> > >>   need to contain appropriate source-specific entries.
>> > >> ————
>> > >>
>> > >> This text is correct and addresses the issue, **given that** the host implements that SHOULD.
>> > >>
>> > >> Example:
>> > >> Imagine WiFi station with a host (H) and 2 routers (A and B) connected as stations.
>> > >> A and B are synchronized and thus advertise the same PIOs (HNCP, from homenet, works this way).
>> > >> H wants to send a packet. Because there is ambiguity with PIOs, it picks one randomly (let’s say A).
>> > >> Because A and B run a routing protocol, A redirects the packet to B and sends a redirect to the host.
>> > >> If the host does not do redirects, then every single packet will do H -> A -> B -> Internet.
>> > >>
>> > >> In this WiFi based setup, each sent packet is transmitted ** 4 TIMES ** on the same collision domain.
>> > >>
>> > >> That is really bad.
>> > >>
>> > >> Btw, here is the part of RFC4861 that matters too:
>> > >> ——
>> > >> 8.3 <https://tools.ietf.org/html/rfc4861#section-8.3 <https://tools.ietf.org/html/rfc4861#section-8.3>>.  Host Specification
>> > >>
>> > >>   A host receiving a valid redirect SHOULD update its Destination Cache
>> > >>   accordingly so that subsequent traffic goes to the specified target.
>> > >>   If no Destination Cache entry exists for the destination, an
>> > >>   implementation SHOULD create such an entry.
>> > >> ——
>> > >>
>> > >> In addition, RFC4861 says that routers MUST rate-limit redirects. Which means that depending on that ‘rate’,
>> > >> some messages may not results in redirects. Which means that the scenario described before may even happen
>> > >> when the host actually supports redirects… But genuinely sends packets to many different destinations.
>> > >>
>> > >> So, I have two questions:
>> > >>
>> > >> 1. Will host actually implement this if this is only a ‘SHOULD’ (And here I speak about all hosts, from cheap to expensive ones).
>> > >>
>> > >> 2. Even though they do. I would like the group to understand that this solution *relies* on redirects to work.
>> > >>    I therefore ask the question again: Do we really want this solution to **rely** on redirects to work ?
>> > >>
>> > >>
>> > >> Thanks,
>> > >>
>> > >> - Pierre
>> > >>
>> > >>
>> > >>
>> > >>> Le 4 nov. 2015 à 12:59, Fred Baker (fred) <fred@cisco.com <mailto:fred@cisco.com>> a écrit :
>> > >>>
>> > >>> Minor updates related to Jinmei's comment and Okimoto's comment.
>> > >>>
>> > >>> We are of course looking for working group review and comment.
>> > >>>
>> > >>>> Begin forwarded message:
>> > >>>>
>> > >>>> From: <internet-drafts@ietf.org <mailto:internet-drafts@ietf.org>>
>> > >>>> Subject: New Version Notification for draft-ietf-6man-multi-homed-host-02.txt
>> > >>>> Date: November 4, 2015 at 12:56:08 PM GMT+9
>> > >>>> To: "Brian E. Carpenter" <brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>>, Fred Baker <fred@cisco.com <mailto:fred@cisco.com>>, Brian Carpenter <brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>>
>> > >>>>
>> > >>>>
>> > >>>> A new version of I-D, draft-ietf-6man-multi-homed-host-02.txt
>> > >>>> has been successfully submitted by Fred Baker and posted to the
>> > >>>> IETF repository.
>> > >>>>
>> > >>>> Name:              draft-ietf-6man-multi-homed-host
>> > >>>> Revision:  02
>> > >>>> Title:             Routing packets from hosts in a multi-prefix network
>> > >>>> Document date:     2015-11-03
>> > >>>> Group:             6man
>> > >>>> Pages:             13
>> > >>>> URL:            https://www.ietf.org/internet-drafts/draft-ietf-6man-multi-homed-host-02.txt <https://www.ietf.org/internet-drafts/draft-ietf-6man-multi-homed-host-02.txt>
>> > >>>> Status:         https://datatracker.ietf.org/doc/draft-ietf-6man-multi-homed-host/ <https://datatracker.ietf.org/doc/draft-ietf-6man-multi-homed-host/>
>> > >>>> Htmlized:       https://tools.ietf.org/html/draft-ietf-6man-multi-homed-host-02 <https://tools.ietf.org/html/draft-ietf-6man-multi-homed-host-02>
>> > >>>> Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-6man-multi-homed-host-02 <https://www.ietf.org/rfcdiff?url2=draft-ietf-6man-multi-homed-host-02>
>> > >>>>
>> > >>>> Abstract:
>> > >>>> This document describes expected IPv6 host behavior in a network that
>> > >>>> has more than one prefix, each allocated by an upstream network that
>> > >>>> implements BCP 38 ingress filtering, when the host has multiple
>> > >>>> routers to choose from.  It also applies to other scenarios such as
>> > >>>> the usage of stateful firewalls that effectively act as address-based
>> > >>>> filters.
>> > >>>>
>> > >>>> This host behavior may interact with source address selection in a
>> > >>>> given implementation, but logically follows it.  Given that the
>> > >>>> network or host is, or appears to be, multihomed with multiple
>> > >>>> provider-allocated addresses, that the host has elected to use a
>> > >>>> source address in a given prefix, and that some but not all
>> > >>>> neighboring routers are advertising that prefix in their Router
>> > >>>> Advertisement Prefix Information Options, this document specifies to
>> > >>>> which router a host should present its transmission.  It updates RFC
>> > >>>> 4861.
>> > >>>>
>> > >>>>
>> > >>>>
>> > >>>>
>> > >>>> Please note that it may take a couple of minutes from the time of submission
>> > >>>> until the htmlized version and diff are available at tools.ietf.org <http://tools.ietf.org/>.
>> > >>>>
>> > >>>> The IETF Secretariat
>> > >>>>
>> > >>>
>> > >>> --------------------------------------------------------------------
>> > >>> IETF IPv6 working group mailing list
>> > >>> ipv6@ietf.org <mailto:ipv6@ietf.org>
>> > >>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 <https://www.ietf.org/mailman/listinfo/ipv6>
>> > >>> --------------------------------------------------------------------
>> > >>
>> > >>
>> > >>
>> > >>
>> > >> --------------------------------------------------------------------
>> > >> IETF IPv6 working group mailing list
>> > >> ipv6@ietf.org <mailto:ipv6@ietf.org>
>> > >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 <https://www.ietf.org/mailman/listinfo/ipv6>
>> > >> --------------------------------------------------------------------
>> > >>
>> > >
>> >
>> > --------------------------------------------------------------------
>> > IETF IPv6 working group mailing list
>> > ipv6@ietf.org <mailto:ipv6@ietf.org>
>> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 <https://www.ietf.org/mailman/listinfo/ipv6>
>> > --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email