IETF Logo Mail Archive

Re: Thoughts on address selection

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 10 November 2009 01:54 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E834028C0F2 for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 17:54:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.188
X-Spam-Level:
X-Spam-Status: No, score=-2.188 tagged_above=-999 required=5 tests=[AWL=-0.189, BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7h315W8QnBhG for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 17:54:00 -0800 (PST)
Received: from ey-out-2122.google.com (ey-out-2122.google.com [74.125.78.25]) by core3.amsl.com (Postfix) with ESMTP id 6B4CB3A68E0 for <ipv6@ietf.org>; Mon, 9 Nov 2009 17:54:00 -0800 (PST)
Received: by ey-out-2122.google.com with SMTP id 4so305345eyf.51 for <ipv6@ietf.org>; Mon, 09 Nov 2009 17:54:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :organization:user-agent:mime-version:to:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=3xPuCDzLFYYs2BSUfYX1f9jrAezSbWTfH/loLoVz/kI=; b=Q1Lp8kYfYmvRX9eigil/OZHaVbupHKhzBqzT0LOU+GSH9ii63PGoWGD3RGRxZz8zJK sH99siGClhoa3FFhICJlCUgmxPAbW08xYgnRMZOHUIYyH/13comyQPZE2CDpk2J6b4DM 1aun1msGvRI9olHrhyQCnlmSElHNGjrN86RIs=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=YXiWGnGBdJ6Y/UmR8V2mKU8rt245cscXk9FAYtriemR1b7K6c58UMX2mq71XhaWCWG 5H4rsGKS4tHx//qavjN2B/7F9griMyNRNVAzr+TUnAZ6oqdZpDrJWVBHYFcv8FPDeNe0 oy4y7lOiN3oBkAsmEVb4qAGMPdS7hzq6VrA5w=
Received: by 10.213.2.82 with SMTP id 18mr2487349ebi.44.1257818062612; Mon, 09 Nov 2009 17:54:22 -0800 (PST)
Received: from ?133.93.16.203? (host-16-203.meeting.ietf.org [133.93.16.203]) by mx.google.com with ESMTPS id 5sm630471eyh.34.2009.11.09.17.54.18 (version=SSLv3 cipher=RC4-MD5); Mon, 09 Nov 2009 17:54:21 -0800 (PST)
Message-ID: <4AF8C7C5.8000704@gmail.com>
Date: Tue, 10 Nov 2009 14:54:13 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Fred Baker <fred@cisco.com>
Subject: Re: Thoughts on address selection
References: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
In-Reply-To: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-6man-addr-select-sol@tools.ietf.org, draft-ietf-6man-addr-select-considerations@tools.ietf.org, IETF IPv6 Mailing List <ipv6@ietf.org>, draft-arifumi-6man-addr-select-conflict@tools.ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2009 01:54:02 -0000

Fred,

Another approach to problem 3 is to extract REAP from SHIM6
and figure out how to use it to enhance address selection
in practice.

   Brian

On 2009-11-10 14:42, Fred Baker wrote:
> I'm following up on the discussion just had in 6man regarding address
> selection. I have this awful feeling that we are fighting off the
> alligators and forgetting to drain the swamp.
> 
> Correct me if I am wrong. The objectives being the source address
> selection algorithm are to:
>   1) keep a datagram within as local a routing domain as possible
>   2) to facilitate the lowest possible RTT during an exchange
>   3) to work around issues caused by ingress filtering (BCP 38/84)
> 
> In short, we recommend that the source, which knows its own addresses,
> compare them to the known addresses of a potential destination, and
> choose the address pair that have the largest number of contiguous
> prefix bits in common. This achieves (1), and in so doing potentially
> achieves (2), although there are ample cases in which that is not so.
> Overcoming those failure cases and (3) are the real issue the table in
> RFC 3484 addresses.
> 
> Am I correct?
> 
> It seems to me that at least in part, this is a matter of making very
> broad assumptions about routing that may not be valid. It seems to me
> that there are two things we can do reliably. I have mentioned these to
> you before, in the v6ops context; let me bring them up again. They come
> down to - if you want the host to make statements about the network, I
> think it needs to know more than it currently knows about the network,
> either by measurement or by explicit communication.
> 
> I think the simplest solution to (2) is, frankly, to open connections at
> some rate (if I have N addresses and my peer has M, send a
> SYN-or-whatever on successive pairs in the cross-product every K
> milliseconds until I get a SYN-ACK on one of them, and then close all
> other sessions). The order of selection is determined according to the
> prefix length algorithm - the fastest responder is likely to be the most
> local domain, which is likely to be the one with a common prefix. In
> local scenarios, "open successive sessions" boils down to opening one
> session; in more remote scenarios, it will tend to select an address
> pair that (a) works and (b) has low RTT relative to the routing implied
> by other address pairs.
> 
> The simplest solution to (3), if my machine is in an administrative
> domain facing an ISP, is to have my DMZ router perform the BCP 38 filter
> before the datagram reaches the ISP, and in the failure case reply with
> some form of ICMP message that says "routing took your datagram to an
> egress into the ISP with prefix <mumble>; select an address in prefix
> <mumble>". That will give the host the opportunity to select the correct
> address to traddle ingress filtering reliably.
> 
> Is there another requirement I'm missing? I don't think a table in the
> host that attempts to outthink the network is reliable or wise.
> 
> http://tools.ietf.org/html/draft-arifumi-6man-addr-select-conflict
>   "Considerations of address selection policy conflicts", Arifumi
>   Matsumoto, Tomohiro Fujisaki, Ruri Hiromi, 24-Oct-09,
>   <draft-arifumi-6man-addr-select-conflict-01.txt>
> 
> http://tools.ietf.org/html/draft-ietf-6man-addr-select-considerations
>   "Considerations for IPv6 Address Selection Policy Changes", Tim Chown,
>   19-Oct-09, <draft-ietf-6man-addr-select-considerations-00.txt>
> 
> http://tools.ietf.org/html/draft-ietf-6man-addr-select-sol
>   "Solution approaches for address-selection problems", Arifumi Matsumoto,
>   Tomohiro Fujisaki, Ruri Hiromi, Ken-ichi Kanayama, 1-Jul-09,
>   <draft-ietf-6man-addr-select-sol-02.txt>
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email