Re: ICMP6 redirect

Hesham Soliman <hesham@elevatemobile.com> Tue, 24 July 2012 04:15 UTC

>I've come across what looks like a bug in the ICMPv6 spec.

=> You mean in 4861 or ICMPv6?

>Specifically, RFC 4861 says that "A host MUST silently discard any
>received Redirect message that does not satisfy all of the following
>validity checks" amongst which is "The IP source address of the Redirect
>is the same as the current first-hop router for the specified ICMP
>Destination Address."
>
>Unfortunately, there is no way that a router can reliably generate that
>response, if it has more than one link-local address, because the message
>that caused the redirect does not actually contain the router's own
>address, and the router cannot know the content of the host's route table.

=> The router doesn't need to know the host's route table; it knows which
address it included in its RAs, which is what the host records.
I'm not sure why you think that there is no way the router can construct
that message reliably. If it uses the same address it uses for its RAs, it
can construct the message.

>
>The VRRPv3 spec suggests that the destination MAC address for the packet
>causing the redirect is a sufficient cue, but that cannot be true in the
>presence of multiple link-local addresses, which is guaranteed to happen
>in VRRP (in some cases).
>
>What is the correct method of constructing ICMPv6 redirects in the
>presence of multiple link-locals for the same MAC address? Is it even
>possible without a spec change?

=> You mean multiple LLAs for the same link? The MAC address is not
relevant here; it's about the LLA used on that link.

Hesham

>
>
>Andrew McGregor
>Allied Telesis Labs
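
The host-side check discussed in this message, as an added example that is not part of the original thread: it parses an ICMPv6 Redirect body and applies RFC 4861 validity checks, including the first-hop source test quoted above. The addresses, the `first_hop_for` lookup and the helper names are constructed for illustration; checksum and option-length validation are left out.

```python
import ipaddress
import struct

ND_REDIRECT = 137  # ICMPv6 type for Redirect

def build_redirect(target, dest):
    """Constructed sample: type, code 0, checksum 0 (not verified here), reserved."""
    return (struct.pack("!BBHI", ND_REDIRECT, 0, 0, 0)
            + ipaddress.IPv6Address(target).packed
            + ipaddress.IPv6Address(dest).packed)

def accept_redirect(src, hop_limit, icmp, first_hop_for):
    """Return (accepted, reason). first_hop_for(dest) is a hypothetical lookup
    standing in for the host's record of the router address learned from RAs."""
    if len(icmp) < 40 or icmp[0] != ND_REDIRECT:
        return False, "not a well-formed Redirect"
    code = icmp[1]
    target = ipaddress.IPv6Address(icmp[8:24])
    dest = ipaddress.IPv6Address(icmp[24:40])
    src = ipaddress.IPv6Address(src)
    if not src.is_link_local:
        return False, "source is not link-local"
    if hop_limit != 255:
        return False, "hop limit is not 255"
    if code != 0:
        return False, "code is not 0"
    if dest.is_multicast:
        return False, "destination is multicast"
    if not (target.is_link_local or target == dest):
        return False, "target is neither link-local nor the destination"
    # The check from the thread: source must equal the current first hop.
    if first_hop_for(dest) != src:
        return False, "source is not the current first hop"
    return True, "ok"

# Constructed scenario: one router interface with two link-local addresses.
LLA_IN_RA = ipaddress.IPv6Address("fe80::1")      # address the host saw in RAs
LLA_OTHER = ipaddress.IPv6Address("fe80::abcd")   # second LLA on the same link
PKT = build_redirect("fe80::2", "2001:db8::10")

def default_router(_dest):
    """Host with a single default router learned from RAs."""
    return LLA_IN_RA

if __name__ == "__main__":
    for source in (LLA_IN_RA, LLA_OTHER):
        print(source, accept_redirect(source, 255, PKT, default_router))
```

A Redirect sourced from the second link-local address is silently dropped by a conforming host, which is why the router has to source it from the address it used in its RAs.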