IETF Logo Mail Archive

Re: I-D Action: draft-gont-6man-slaac-renum-02.txt

Fernando Gont <fgont@si6networks.com> Mon, 09 March 2020 17:48 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D39B93A140A for <ipv6@ietfa.amsl.com>; Mon, 9 Mar 2020 10:48:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g7EhyoWAr4xr for <ipv6@ietfa.amsl.com>; Mon, 9 Mar 2020 10:48:13 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04BC23A1403 for <ipv6@ietf.org>; Mon, 9 Mar 2020 10:48:12 -0700 (PDT)
Received: from [192.168.0.10] (unknown [181.45.84.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 849D080296; Mon, 9 Mar 2020 18:48:10 +0100 (CET)
Subject: Re: I-D Action: draft-gont-6man-slaac-renum-02.txt
To: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>, ipv6@ietf.org
References: <158191113600.5878.10760004246455372944@ietfa.amsl.com> <35f3e826-81ce-d505-3c27-def73983d291@gmail.com> <CAMGpriVTPPcc9bKuKANp1BLnDLU2gmmeq9yfcNFm+sZaNtgoBg@mail.gmail.com> <m1j9lU7-0000JCC@stereo.hq.phicoh.net> <m1jA9CY-0000F8C@stereo.hq.phicoh.net> <299db2f5-3dad-ebe4-a5b4-76d1d6e942a1@si6networks.com> <m1jBGe0-0000KrC@stereo.hq.phicoh.net> <B3D51D07-134D-4F5D-BF12-6383FD2D79FF@employees.org> <m1jBHcL-0000FZC@stereo.hq.phicoh.net>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <63d62730-0f4c-3623-926b-1ab22c4893c2@si6networks.com>
Date: Mon, 09 Mar 2020 14:47:58 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <m1jBHcL-0000FZC@stereo.hq.phicoh.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/fwHGLOIuRO_OIvjQURmRpqVKJJE>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2020 17:48:15 -0000

Hello, Philip.

Thanks for the input! In-line---

On 9/3/20 09:34, Philip Homburg wrote:
>> Yes, this certainly has the potential of decreasing robustness.
>> You have just about 12 hours until the submission deadline for a
>> better proposal!
> 
> Here is a sketch of how the algorithm could be improved.
> 
> My assuption is that the affected home routers send all information in one
> RA, but some other routers split information over an unknown number of
> RAs. The algorithm rapidly expires information in the first case, and
> takes longer in the second case.
> 
> The first part is to detect if all information is sent in one RA. For
> the first n (currently 10) RAs received from a router, check if those RAs
> advertise the same list of prefixes. 

Questions (not objections):

* Is there a rationale for "10"? Or is it mostly "routers couldn't 
reasonably send SLAAC config split into that many RAs"?

* Are these "measurements" something you'd continually perform, or 
something you'd only do on e.g. a link-up event?

* Would a connectivity glitch reset these measurements?

* WHile measuring, do you assume "split RA" or "non-split RA"?



> If this is not the case then set a
> SPLIT_RA to record this fact.
> 
> When an RA arrives and there are prefixes that were previously advertised
> by the current router and are not in the current RA then
> - if SPLIT_RA is set, deprecate the old prefixes if they were last seen at
>    least as long as the router lifetime (if the router is not a default
>    router then do nothing).

When using "deprecate", do you mean:
1) unprefer, or,
2( invalidate

If #1, what would trigger invalidation? A receipt of a similar RA?


> - if SPLIT_RA is not set and the prefix was last seen more than a short
>    while ago (currently one minute) then set the preferred lifetime to
>    a short timeout (current also one minute).

Since this bullet implies that RAs are not split, what would be the 
rationale for "setting the preferred lifetime to a short timeout"?

And, as before: if this simply unprefers the address, what would 
actually invalidate it? Receipt of a similar RA?



> I prefer explicit timeouts over counting packets.

FWIW, counters are simpler. That's why we used them here.


> So far, I have been conservative when it comes to invalidating prefixes
> (I just mark them deprecated). Setting the valid lifetime to the router
> lifetime should be fine. Though I think it is better if higher level
> protocols detect broken connections and take action.

Part of invalidating prefixes is to remove associated routes. If you 
don't, you don't get to talk to new "owners" of the stale prefix.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email