RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-model-00.txt
"Hemant Singh (shemant)" <shemant@cisco.com> Fri, 18 July 2008 14:36 UTC
Return-Path: <ipv6-bounces@ietf.org>
X-Original-To: ipv6-archive@megatron.ietf.org
Delivered-To: ietfarch-ipv6-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 384343A69D8; Fri, 18 Jul 2008 07:36:14 -0700 (PDT)
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 87F603A69D8 for <ipv6@core3.amsl.com>; Fri, 18 Jul 2008 07:36:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.864
X-Spam-Level:
X-Spam-Status: No, score=-5.864 tagged_above=-999 required=5 tests=[AWL=0.735, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P7p54GRcoUyQ for <ipv6@core3.amsl.com>; Fri, 18 Jul 2008 07:36:12 -0700 (PDT)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id 5BED43A68A9 for <ipv6@ietf.org>; Fri, 18 Jul 2008 07:36:12 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.31,210,1215388800"; d="scan'208";a="18233839"
Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-4.cisco.com with ESMTP; 18 Jul 2008 14:36:45 +0000
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id m6IEajSW015438; Fri, 18 Jul 2008 07:36:45 -0700
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by sj-core-1.cisco.com (8.13.8/8.13.8) with ESMTP id m6IEah5i013650; Fri, 18 Jul 2008 14:36:45 GMT
Received: from xmb-rtp-20e.amer.cisco.com ([64.102.31.40]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 18 Jul 2008 10:36:43 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Subject: RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-model-00.txt
Date: Fri, 18 Jul 2008 10:36:42 -0400
Message-ID: <B00EDD615E3C5344B0FFCBA910CF7E1D04E41F9C@xmb-rtp-20e.amer.cisco.com>
In-Reply-To: <m2zlogc4eh.wl%Jinmei_Tatuya@isc.org>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-model-00.txt
Thread-Index: AcjoffIht3XLj5syRRGbvqLpvK5DRwAY69Eg
References: <BB56240F3A190F469C52A57138047A03A9F348@xmb-rtp-211.amer.cisco.com><m2r6a24lwi.wl%Jinmei_Tatuya@isc.org> <487B2ADA.3090601@sun.com> <m2zlogc4eh.wl%Jinmei_Tatuya@isc.org>
From: "Hemant Singh (shemant)" <shemant@cisco.com>
To: Jinmei_Tatuya@isc.org, Erik Nordmark <erik.nordmark@sun.com>
X-OriginalArrivalTime: 18 Jul 2008 14:36:43.0193 (UTC) FILETIME=[B29D4290:01C8E8E3]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=5932; t=1216391805; x=1217255805; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=shemant@cisco.com; z=From:=20=22Hemant=20Singh=20(shemant)=22=20<shemant@cisco. com> |Subject:=20RE=3A=206MAN=20WG=20Last=20Call=3Adraft-ietf-6m an-ipv6-subnet-model-00.txt |Sender:=20; bh=XJSXBSuDo9rz2O8CzcHue172o8diKwVH5XsiBzYnv1Q=; b=V2O1dQmHQikwYzXSqGYmIgjXT3R36iqXYPfgstNemiQR/oCa6sX5lTJZtz ADbk9GjrhRbRcYZqMzLvpzkuOjvkqBMoDGvhmLtg6DbllaE+y6hzk56Er6/5 FD1oxb47cS;
Authentication-Results: sj-dkim-3; header.From=shemant@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
Cc: Thomas Narten <narten@us.ibm.com>, ipv6@ietf.org, Brian Haberman <brian@innovationslab.net>, Bob Hinden <bob.hinden@nokia.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org
Tatuya & Erik, Note, that our document is not killing on-link determination caching due to two reasons: 1. We don't have any Normative text. 2. Killing means don't use cached information. Our new text is saying, after re-init, deprecate cached information temporarily, verify information, and if information is verified, then use cached information. As Suresh also corroborated, this is what DNA does. Please wait for another email from me when I reply to one of your other emails. Further, note the 2-hour rule from RFC4862 does not apply in RFC4861 to Lifetime. The Lifetime also affects on-link determination because if a prefix expires the host sends data to a default router rather than issuing an NS to resolve a non-link-local destination. See this text snipped from section 6.3.4 of RFC4861. [Stateless address autoconfiguration [ADDRCONF] may in some circumstances use a larger Valid Lifetime of a prefix or ignore it completely in order to prevent a particular denial-of-service attack. However, since the effect of the same denial of service targeted at the on-link prefix list is not catastrophic (hosts would send packets to a default router and receive a redirect rather than sending packets directly to a neighbor), the Neighbor Discovery protocol does not impose such a check on the prefix lifetime values. Similarly, [ADDRCONF] may impose certain restrictions on the prefix length for address configuration purposes. Therefore, the prefix might be rejected by [ADDRCONF] implementation in the host. However, the prefix length is still valid for on-link determination when combined with other flags in the prefix option. Note: Implementations can choose to process the on-link aspects of the prefixes separately from the stateless address autoconfiguration aspects of the prefixes by, e.g., passing a copy of each valid Router Advertisement message to both an "on-link" and an "addrconf" function. Each function can then operate independently on the prefixes that have the appropriate flag set.] Hemant -----Original Message----- From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Jinmei_Tatuya@isc.org Sent: Thursday, July 17, 2008 10:28 PM To: Erik Nordmark Cc: Thomas Narten; Bob Hinden; ipv6@ietf.org; Brian Haberman Subject: Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-model-00.txt At Mon, 14 Jul 2008 03:30:50 -0700, Erik Nordmark <erik.nordmark@sun.com> wrote: > there are currently two places where we treat autoconfigured addresses > differently than on-link prefixes. > One is the text about storing the address and associated lifetime in > RFC > 4862 that we are debating here. > The other one is the 2 hour rule that was very explicitly added only > for the addrconf property of the prefix and not the on-link property. > > I don't recall the different treatment for the first case. > But for the second case I clearly recall the argument that loosing the > IP address (by an accidental or malicious RA with a zero valid > lifetime for the prefix) was considered a lot worse than loosing the > on-link property. Basically that loosing the IP address for a short > time (it might be re-added by the next RA) is something we must avoid, > but that "routing" (the on-link property) is something which must be > able to recover from temporary failures in any case. Yes, I recall that discussion, too. > [I don't know if the same argument was present when the storing of > addresses was discussed.] > > > I'd accept, if > > > > 1. we prohibit both address caching and on-link caching (with > > reasonable argument, of course) > > or, > > 2. we don't talk about on-link caching (either allow or prohibit) if > > we don't talk about address caching > > > > but it would be unfair if > > 3. we prohibit on-link caching while ignoring its effect on address > > caching. > > If we are going to require that all aspects of a prefix should be > treated identically then to be consistent we must also make the 2 hour > rule be consistent (by either removing it for the addrconf property or > adding it to the on-link property). > > FWIW I think forcing such consistency is not necessary; it would just > result in unneeded changes to already deployed standards. There's a subtle difference. In the two-hour-rule case, we assume we have a working router. So even if the host looses its on-link prefix information, it can still send packets to the router, having it forward the packets and/or send a redirect back, etc. In the address storing case, (at least in my understanding) we consider the case when a router is temporarily out of service. And since we dropped the on-link-by-default rule, the cached address will effectively be of no use. > Is your concern that there are deployed implementations which store > on-link prefixes across reboots? No, it's rather a meta level concern. What I wanted to say (in case I was not clear) is that we should not pretend that killing on-link prefix caching is independent from address caching. If we kill the former, we will effectively also kill the latter (which has implementors - note: we don't implement it). So, IMO, if this document wants to kill on-link caching, it should at least note that it also kills address caching in effect. If implementors of address caching still think it's acceptable, then I have no objection to that (I have no stake in that area, anyway). I hope I'm clear this time. --- JINMEI, Tatuya Internet Systems Consortium, Inc. -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-mod… Brian Haberman
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wojciech Dec (wdec)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wojciech Dec (wdec)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… MILES DAVID
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… MILES DAVID
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… MILES DAVID
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- FW: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: FW: 6MAN WG Last Call:draft-ietf-6man-ipv6-su… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… MILES DAVID
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Thomas Narten
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Suresh Krishnan
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Suresh Krishnan
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Erik Nordmark
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Erik Nordmark
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Erik Nordmark
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Erik Nordmark
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Erik Nordmark
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Azinger, Marla
- 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet-mod… Brian Haberman
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Brian Haberman
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Brian E Carpenter
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Wes Beebee (wbeebee)
- Re: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… JINMEI Tatuya / 神明達哉
- RE: 6MAN WG Last Call:draft-ietf-6man-ipv6-subnet… Hemant Singh (shemant)