IETF Logo Mail Archive

Re: [v6ops] IPv6 link-local traffic questions

Gyan Mishra <hayabusagsm@gmail.com> Sat, 14 March 2020 05:43 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B36C83A0F51; Fri, 13 Mar 2020 22:43:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0nbtiTzoG9Fi; Fri, 13 Mar 2020 22:43:15 -0700 (PDT)
Received: from mail-il1-x135.google.com (mail-il1-x135.google.com [IPv6:2607:f8b0:4864:20::135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 238B13A0F5B; Fri, 13 Mar 2020 22:43:14 -0700 (PDT)
Received: by mail-il1-x135.google.com with SMTP id w15so3893345ilq.6; Fri, 13 Mar 2020 22:43:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ccaa956zNyL7pq7cVIGAoHyWaX0h8NXqFkf08pGFwzs=; b=HcRGWj/iTLofs0t2XZB0e/oDOa/yv+1C6Bnw07poMZAmGdlCpWya5x884qeTSYRajC beUvq8yuYeCY+j5MVfs0USaHN+x0E5e8XbvikRLmc90uhOk2cj+XvfwO08fNlheTikLX j1g/0wDvG1VlRWLKLefnT/t7EXcGyayvCAHQ/MPkVSG9mmFuMqAxpTELewhyWLoXeOnI pBcEHFxqKUbyYvwpvEI1D7LuYzSTMQR2feE4S6C1uD8koLKeBgg+IBt0c6Vd3WkxXp1M loWNPABVBroSVcWbxiw9fPY6Nt5FuwWDkgcdFJyEuWjZbT1UIjrPumjxbRk2V+0zJS3/ ppWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ccaa956zNyL7pq7cVIGAoHyWaX0h8NXqFkf08pGFwzs=; b=onm7dRlRU8MCptG+Uqk7ui33qzbeaVn2tuAsvRn4V2BvtAOmUkcIMrSuWtkQoS/cc0 L40+ZWveUwwLCgi2iG988ayWCy8+d/+h7l1WUr5SldBK9SIGvu3jej5P/SSV3RrIYFyb DVbIMSWw6mSOSIM2hFOiug47MeTXMtK+S16762Unz/KZk2TWN5GMJ6mosGUEBe6iFSIk NXE3c2AnILpPdgyVA5FAtORSchyFGIkSZFD2R9PQTvjCFZWsk74yvamNvJOK5dbpQXMM LcC1bhIlCRg1f+rieaFRN0o3aKfvHtbhV73s1MfBTYw/pdKewzHqv43Z0+ITzbY81s8R paWA==
X-Gm-Message-State: ANhLgQ3N9LajScPiSZj1ROrJeGDWRRwiZ0pVfpyqltPym9WbPv/84n56 HUsDtKBS89L0YRHfQ6xillRXjhvVdUaliH07cRj//ahF
X-Google-Smtp-Source: ADFU+vtRTG1YweDg7IjX8fg+eT9MUxhoZ7cVuJiV2MlZ6oTwLIesAmOTMH2rlFuJKQafBbXtsE67oOkFCTBGnfjEwZM=
X-Received: by 2002:a05:6e02:bc7:: with SMTP id c7mr18339567ilu.78.1584164593938; Fri, 13 Mar 2020 22:43:13 -0700 (PDT)
MIME-Version: 1.0
References: <20200312000016.GO54522@faui48f.informatik.uni-erlangen.de>
In-Reply-To: <20200312000016.GO54522@faui48f.informatik.uni-erlangen.de>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sat, 14 Mar 2020 01:43:03 -0400
Message-ID: <CABNhwV3B8hrzMYqcYkU8VCobNgxu7+GDw6rZ8F5VhKPq90QSCA@mail.gmail.com>
Subject: Re: [v6ops] IPv6 link-local traffic questions
To: Toerless Eckert <tte@cs.fau.de>
Cc: 6man@ietf.org, v6ops@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e3379405a0ca0f82"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/_qTc6FgTsZvGrn59b2U70G8wL2A>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Mar 2020 05:43:18 -0000

Interesting question.

So IPv4 and IPv6 header both have an 8 bit field with maximum TTL of 255.
The initial TTL for a flow is usually set to 60 and is decremented hop by
hop by the router till the packet reaches its final destination.

Distance vector based routing protocols are based on hop count such as RIP
and link state protocols such as OSPF and ISIS are based on a topological
link state database and path vector protocols such as BGP based on BGP path
selection algorithm.

IPv6 control plane packets such as ICMPv6 ND packets NS NA type 135/136 and
RD RS/RA type 133/134 all have a hop count limit of 255.

Since RD RS/RA and ND NS/NA packets all have a link local source IPv6
address and multicast  destination  FF02.  I am not sure why the TTL is 255
as the packet has local scope only to be forwarded on the local subnet.  I
would thin the TTL for these packets should be 1.

OSPF packets have ttl of 255
ISIS packets have ttl 1

BGP packets have ttl 1

As far as GTSM, it is an alternative to cryptography option for securing
routing protocols.  Most enterprises and SPs in general use cryptography to
secure routing protocol adjacencies.  I don’t know of any implementation or
operator using GTSM.

With GTSM the idea is to use an expected TTL value configured by adjacent
peers to be set to different from the default value.  So that value can be
any value other then the default value.


Thanks

Gyan

On Wed, Mar 11, 2020 at 8:01 PM Toerless Eckert <tte@cs.fau.de> wrote:

> Sorry for cross posting, but this is both ops and arch questions.
>
> I was trying to find any generic description that/if link-local IPv6
> traffic MUST/SHOULD use Hop-count 1, but could not find one in
> rfc8200 or rfc4291 and its updates. Instead, text like
> MUST set Hop-limit to 1 is repeated in various RFCs using link-local
> IPv6 traffic.
>
> Am i overlooking something ? Or is this intentional in the IPv6
> architecture ?
>
> If intentional, i guess it means: Any RFC introducing some type of
> link-local
> traffic can specify Hop-limit requirements for its traffic. As in
> "our WG likes 42 as the Hop-limit" (silly to me, but should be fine with
> IPv6 architecture then, right ?).
>
> In one of my draft document reviews using such link-local IPv6 traffic,
> EricV brought up the Q if that traffic shouldn't use RFC5082 instead
> of Hop-Count 1 too. But given how we do not seem to have architectural
> recommendations for TTL=1 (unless, quite likely i overlook something),
> and given how i am not aware of any actual use of GTSM, i am quite
> weary to go down that route. Aka: Would like learn of actual uses of
> GTSM with IPv6.
>
> There is an additional set of consideration re. link-local traffic
> when trying to use it as a HW accelerated tunneling mechanism across links,
> a use we both have in ANIMA, and maybe get the same in BIER (probably
> other WGs too, not sure).
>
> In implementations, i have seen quite a range of issues with
> accelerated forwarding planes across link-local addressed tunnels,
> and when using non-link-local addresses (loopback addresses),
> the HW plane forwarding might have issues doing HW forwarding, because
> usually TTL=1 is only used for control plane traffic. Of course,
> this is not a good architectural argument, but if given architectural
> leeway to even choose 42, maybe GTSM/255 is easier to be supported
> across various HW accelerated forwarding planes than 1.
>
> Opinions and experiences welcome!
>
> Thanks!
>     Toerless
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
-- 

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email