RE: Neighbor Unreachability Detection is too impatient
Alan Kavanagh <alan.kavanagh@ericsson.com> Tue, 31 May 2011 17:22 UTC
Return-Path: <alan.kavanagh@ericsson.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42322E088E for <ipv6@ietfa.amsl.com>; Tue, 31 May 2011 10:22:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XQwsCoOcmhwb for <ipv6@ietfa.amsl.com>; Tue, 31 May 2011 10:22:10 -0700 (PDT)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.8]) by ietfa.amsl.com (Postfix) with ESMTP id 4E93FE088C for <ipv6@ietf.org>; Tue, 31 May 2011 10:22:10 -0700 (PDT)
Received: from eusaamw0712.eamcs.ericsson.se ([147.117.20.181]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id p4VHM1cg024773; Tue, 31 May 2011 12:22:07 -0500
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.65]) by eusaamw0712.eamcs.ericsson.se ([147.117.20.181]) with mapi; Tue, 31 May 2011 13:22:03 -0400
From: Alan Kavanagh <alan.kavanagh@ericsson.com>
To: Mark Townsley <mark@townsley.net>, Erik Nordmark <nordmark@acm.org>
Date: Tue, 31 May 2011 13:22:02 -0400
Subject: RE: Neighbor Unreachability Detection is too impatient
Thread-Topic: Neighbor Unreachability Detection is too impatient
Thread-Index: AcwZgmYA/X0tP2XEQ+qX0cChAxVT+AGM6+Zw
Message-ID: <1B6D0317D3AD964FBF3956DEFA3524D50B3123439F@EUSAACMS0701.eamcs.ericsson.se>
References: <4DDAAB85.8000103@acm.org> <A060557C-E12B-4D7A-9454-27CDC7764F42@townsley.net>
In-Reply-To: <A060557C-E12B-4D7A-9454-27CDC7764F42@townsley.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_1B6D0317D3AD964FBF3956DEFA3524D50B3123439FEUSAACMS0701e_"
MIME-Version: 1.0
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2011 17:22:11 -0000
Hi Mark That BBF WT-146 NUD for session monitoring was based on the idea that NUD is native to IPv6 compliant devices such as host, cpe and routers and was chosen as a passive way to do session monitoring. Alan ________________________________ From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Mark Townsley Sent: May-23-11 3:47 PM To: Erik Nordmark Cc: ipv6@ietf.org Subject: Re: Neighbor Unreachability Detection is too impatient Erik Kline and I wrote up an experience we had with NUD and a broken IPv6 firewall on my home network. http://sites.google.com/site/ipv6center/icmpv6-is-non-optional In short, NUD thought that a host which was in the neighbor cache really wasn't available (due to incorrect FW blocking at the host) removed it from the neighbor cache and started dropping packets (and causing timeouts in gmail). In test, it took about 8 pings for the problem to manifest (time for NUD to retry enough to fail), which was followed by the classic IPv6 to IPv4 failover by the host (Windows Vista). On one hand, if NUD had been more patient we may have never noticed. However, tracking down a bug that showed up less often would have clearly been more difficult to diagnose. Double-edged sword. Also, the Broadband Forum's WT-146 (which isn't a public document, but if you are BBF member you can take a look at it) specifies NUD as a monitoring mechanism for "IPv6 sessions" over access links (which ultimately may be tied into billing, alerts, etc.). - Mark On May 23, 2011, at 8:46 PM, Erik Nordmark wrote: This draft proposes to change the requirement that NUD can not retransmit more than three times, so that NUD can be more robust against temporary network outages. Comments? Erik -------- Original Message -------- Subject: New Version Notification for draft-nordmark-6man-impatient-nud-00.txt Date: Mon, 23 May 2011 11:43:16 -0700 From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> To: nordmark@cisco.com<mailto:nordmark@cisco.com> CC: nordmark@cisco.com<mailto:nordmark@cisco.com> A new version of I-D, draft-nordmark-6man-impatient-nud-00.txt has been successfully submitted by Erik Nordmark and posted to the IETF repository. Filename: draft-nordmark-6man-impatient-nud Revision: 00 Title: Neighbor Unreachability Detection is too impatient Creation date: 2011-05-23 WG ID: Individual Submission Number of pages: 5 Abstract: IPv6 Neighbor Discovery includes Neighbor Unreachability Detection. That function is very useful when a host has an alternative, for instance multiple default routers, since it allows the host to switch to the alternative in short time. This time is 3 seconds after the node starts probing. However, if there are no alternatives, this is far too impatient. This document proposes an approach where an implementation can choose the timeout behavior to be different based on whether or not there are alternatives. The IETF Secretariat -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org<mailto:ipv6@ietf.org> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- Neighbor Unreachability Detection is too impatient Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Wes Beebee
- Re: Neighbor Unreachability Detection is too impa… Mark Townsley
- Re: Neighbor Unreachability Detection is too impa… Philip Homburg
- Re: Neighbor Unreachability Detection is too impa… Thomas Narten
- Re: Neighbor Unreachability Detection is too impa… sowmini.varadhan
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- RE: Neighbor Unreachability Detection is too impa… Hemant Singh (shemant)
- Re: Neighbor Unreachability Detection is too impa… Philip Homburg
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- RE: Neighbor Unreachability Detection is too impa… Hemant Singh (shemant)
- Re: Neighbor Unreachability Detection is too impa… Philip Homburg
- Re: Neighbor Unreachability Detection is too impa… Mikael Abrahamsson
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Philip Homburg
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- Re: Neighbor Unreachability Detection is too impa… Thomas Narten
- Re: Neighbor Unreachability Detection is too impa… Erik Nordmark
- RE: Neighbor Unreachability Detection is too impa… Alan Kavanagh
- RE: Neighbor Unreachability Detection is too impa… Samita Chakrabarti