IETF Logo Mail Archive

Re: A common problem with SLAAC in "renumbering" scenarios

Jen Linkova <furry13@gmail.com> Wed, 20 February 2019 09:36 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CEC9130EFF; Wed, 20 Feb 2019 01:36:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3XfPhuCWbKSa; Wed, 20 Feb 2019 01:36:36 -0800 (PST)
Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36A27130E9F; Wed, 20 Feb 2019 01:36:36 -0800 (PST)
Received: by mail-qt1-x831.google.com with SMTP id d18so16379620qtg.12; Wed, 20 Feb 2019 01:36:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RKjqsyzqQOp+rtVqoSebkhsOsz58aiec8GV+5Bnn/bE=; b=F+s13eopAOds5nS/LuCNrkSVNRBVxpfkV/DzTPbgedjIVKz0YuKAvvWnXTsX2jqNkz chBkmr4O6+RT3dJgLdBTlc6KAzj5YIB5+K+lDXob52nuhojXkrApKoj1N+JRrkbj3I0/ Ac4tqxrOAYTMryYsYo2FOr2Ax68LmTT1RJZiN8UB2qaTNLB0bDjdm9aifApp6lo4LxVh DwaqwoOMp42NXz48MNJKBmAXSN7yBt5Sz/ULW+d5OnHqNJiIlIDFz8ynhAoAFVN4BIHV uzdxkv4YLQFfn01HryIYarvWVCUW9NqCzVPEHpMgaFFyq+BJZq1TNmn5QcGOwUOSo8La HRcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RKjqsyzqQOp+rtVqoSebkhsOsz58aiec8GV+5Bnn/bE=; b=qKybliytV6GLy1PqhGvMeaCLuJPxWl7M72xO3fbkuziH6q3xtgA7pH0OWig1qOiUZZ UgML8WTZNcnmfEsOUin6kM6zrka/evei9QQE4gdD17smlC1hcc2xt1wti6HFKdvOiNe0 g+U6wFYHYGctpUFXElj76oULBUnFoS9z7ne3YDQtIzCfT7TASiLKSHYVWukWx7cwJ91L FrIEXs8oo9V86B0c8oyi6N459it00JziZd5hQTBW7oSgCVUVJgUtsxmqEuUQmooIqzVC tQ2jDYFg1WSQ9NOhBRg11RxL1Md8EHCWSP4B4xRvowSy4+IJfTvpiuFc+KBZ6TIxII/5 NZuQ==
X-Gm-Message-State: AHQUAua2a7s4MXu4vSbAC/SRLi+RdIbvE/3hqV8XXlMgGcW5YIba8MpT S9eID0mME1otBq08rKGkrQRgH9CqPDYfpZYfaNLLAn7i
X-Google-Smtp-Source: AHgI3IbR8I5exEuNJnxiZdkIgUHinC+IM0e28Qfu0qgQZ7D3jqJuc2Z4qMwwjFs/HLKGtYEYD47eOChVGvQ/QeWfpO4=
X-Received: by 2002:aed:20a3:: with SMTP id 32mr26330687qtb.9.1550655395167; Wed, 20 Feb 2019 01:36:35 -0800 (PST)
MIME-Version: 1.0
References: <60fabe4b-fd76-4b35-08d3-09adce43dd71@si6networks.com> <alpine.DEB.2.20.1901311236320.5601@uplift.swm.pp.se> <35adea8e-704a-76f2-857f-a83a9ad689ef@si6networks.com> <CAFU7BAS1_veTu-ZXAF0MF4niJwz149nGipx3ep_6fh1bewOzgg@mail.gmail.com> <d9503983-6524-a13a-2cb0-cdcb95f76ea6@si6networks.com> <CAFU7BAQfg712UfgW9wi9pd3eVeZP9cqJEXd6=FDmchuSdauv+g@mail.gmail.com> <82c00442-bbc4-581b-2054-2d02d50d20ad@si6networks.com>
In-Reply-To: <82c00442-bbc4-581b-2054-2d02d50d20ad@si6networks.com>
From: Jen Linkova <furry13@gmail.com>
Date: Wed, 20 Feb 2019 20:36:22 +1100
Message-ID: <CAFU7BASDgmSwY=SLiabSqyiTOphxU0COtFLQvT8drm0iTxM+-Q@mail.gmail.com>
Subject: Re: A common problem with SLAAC in "renumbering" scenarios
To: Fernando Gont <fgont@si6networks.com>
Cc: Mikael Abrahamsson <swmike@swm.pp.se>, IPv6 Operations <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/blOttGjXhGoGBYcg005iJ0elbSI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2019 09:36:42 -0000

On Wed, Feb 20, 2019 at 3:22 PM Fernando Gont <fgont@si6networks.com> wrote:
> There's room for improvement and clarification, though: one may clarify
> that. You might think of this problem as havinf a reference count on the
> prefix. If there's only one router associated with the prefix, un-prefer
> and remove the prefix. Otherwise, just dis-associate the prefix with
> this particular router.

yeah, see another email I've just sent ;)

> > I do believe that the default preferred lifetime is a bit longer that
> > it should be (and I have to tweak it all the time). So maybe we shall
> > change that.
>
> Same applies to the Valid Lifetime. In the context of RFC8028 it doesn't
> make sense for the Valid Lifetime of a prefix to span past the Router
> Lifetime of a router.

Well, my ISP sent me a CPE which is configured to send RAs with router
lifetime of 30 seconds or smth (I sent it back so can not verify
anymore ;))
I would object if I can not listen to the music (which is stored at
the machine in the network) because my Internet connection goes down
(as it's been doing 5 times/day recently ;)

> >> Similarly, if you have multiple interfaces, Rule 5 might override your
> >> rule 8.
> >
> > Sorry, I must be very slow today. Could you please elaborate on this
> > scenario?  I'm having difficulties figuring it out..
>
> Example:
>
> Say you have two network interfaces: If1 and If2.
> Say If1, is configured with 2001:db8:1::/64, and If2 with 2001:db8:2::/64
>
> Say the first default router is that associated with If1.
>
> Say prefix 2001:db8:1::/64 stops being announced, or that you stop
> receiving RAs on If1, but RAs on If2 keep arriving fine.
>
> Based on the logic of your algorithm, one would expect that a new
> connection uses 2001:db8:2::/64/If2 (since that's the "more recently
> advertised information). However, Rule #5 would override that and make
> you employ 2001:db8:1::/64/If1, since Rule #5 prioritizes addresses on
> the outgoing interface.

I'm even more confused now, sorry ;((

Both your draft and my draft talk about cases when *the given
interface* has addresses from the different prefixes and it would be
nice to make sure the host selects the correct one.
So in the case described above:
Time t0:
if1: has addresses from 2001:db8:1::/64, the default route -> if1
if2: has addresses from 2001:db8:2::/64

Time t1
an RA received on if1 containing PIO for 2001:db8:3::/64 (no PIO for
2001:db8:1::/64)

Time t2
if1: has addresses from 2001:db8:1::/64, 2001:db8:3::/64 the default
route -> if1. An RA received
if2: has addresses from 2001:db8:2::/64

Time t3:
the host is trying to send an IPv6 packet off-link.
It selects if1 and now needs to select one of addresses on the
outgoing interfaces. My algorithm suggests that address(es) from
2001:db8:3::/64
should be preferred as they are "freshest" ones. The same outcome as
deprecating  2001:db8:1::/64

> So as long as you have stale routes, in many cases that will override
> any other rules for address selection. -- i.e., if your new rule for
> RFC6724 comes after rule 5, you better get rid of stale routes, or
> otherwise they will override you well-intended rule.

If the only routes are default routes  it does not matter, right?

> > The draft is talking about deprecating prefixes on *another*
> > interface? I hope not..
>
> Certainly not.

It would be nice to make it clear IMHO...

-- 
SY, Jen Linkova aka Furry

v2.23.0 | Report a Bug | By Email