IETF Logo Mail Archive

Re: [Int-area] Route Information Options in Redirect Messages

james woodyatt <jhw@google.com> Wed, 18 January 2017 01:18 UTC

Return-Path: <jhw@google.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D47FA12948C for <ipv6@ietfa.amsl.com>; Tue, 17 Jan 2017 17:18:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.2
X-Spam-Level:
X-Spam-Status: No, score=-5.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9xHdjuW7wD68 for <ipv6@ietfa.amsl.com>; Tue, 17 Jan 2017 17:18:56 -0800 (PST)
Received: from mail-pg0-x233.google.com (mail-pg0-x233.google.com [IPv6:2607:f8b0:400e:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADA9C12949F for <ipv6@ietf.org>; Tue, 17 Jan 2017 17:18:56 -0800 (PST)
Received: by mail-pg0-x233.google.com with SMTP id t6so23706755pgt.3 for <ipv6@ietf.org>; Tue, 17 Jan 2017 17:18:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=i0qxZcAjzk0WIDgSuT+/uG7eB0Gx6H6qa+w5y/SogD4=; b=v7doMdIFjT9UK9y0M1h3WPsneEMojC14KvtZ6oSjl0L2jGrWMNJ8ZUF8GBgIXO0PC5 L5MGuq6T37I69wATzjxuDUsdxYEooe3H/s07bMcJVersGOvFz7f877peF6ql6wAZdSMn pWI38kTk0pDy4RQgPqQqOVPnaGJD9+UMhAPKQMV2Hi2r2V9dXb2oC0OYPX/Fa1OQcrSh gfPhyfMYgv1HpOZSckUUApTc2LfuTa0xfHneL2xTGCViXAPjIvWl19k1t7e5eWFhy8Sp QJRmSB7VN6HUw3NYy5uFsXAV8AjCtNPrnyVRXZ59V9Tw9VL3wILgkvbkE45AQzIWnR/M Ghqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=i0qxZcAjzk0WIDgSuT+/uG7eB0Gx6H6qa+w5y/SogD4=; b=fFjKtjAAxdQTSL9ld2iFcw4hiUEYetPskqDR+nKJ9vVg/LA2V6qhHYBQFpXhXd3kiY w5rbV+g8heJz95bKhM1dSn7USjUHOozX/Vp38EX/7jaeWQP+fsnFmzS/7NREdXD2K+Xv o5ARLv31MlvhzfoUDK8zQ5fbQVLXgoTl0sLrR8Skv4OPXbFz+SHSWnDjjeiIK9gLO9jF 0ejD+JBUgStz1Zff5PCmi4mZxaMAnFwcRIr7NEtwh8r2SoKZYn/nyTN5dAeGYOP6TFN8 tImR77sbIkUdBmyZ0LGV4vVBOPaD2fVaTcaotw0pwFFmX3+o65Cna4mHytny4jvGLtif Iuzg==
X-Gm-Message-State: AIkVDXJZNExbpKaNrUw0AjXN4Ez2FAuWo4QU4vEHeMjL2VVwfar+xV3WmpbUPdoV+U+wqzSc
X-Received: by 10.84.171.195 with SMTP id l61mr1015672plb.84.1484702335930; Tue, 17 Jan 2017 17:18:55 -0800 (PST)
Received: from ?IPv6:2620::10e7:10:1deb:c2e4:c17b:3951? ([2620:0:10e7:10:1deb:c2e4:c17b:3951]) by smtp.gmail.com with ESMTPSA id n86sm58521722pfb.45.2017.01.17.17.18.54 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 17 Jan 2017 17:18:55 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Subject: Re: [Int-area] Route Information Options in Redirect Messages
From: james woodyatt <jhw@google.com>
In-Reply-To: <d12b5166bf0b41f1b85021f6e1410b16@XCH15-06-08.nw.nos.boeing.com>
Date: Tue, 17 Jan 2017 17:18:54 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <C746D8F4-C8EC-445A-BD42-928522590C8A@google.com>
References: <b0d15d2e8b3e414abf4e87c60d39e252@XCH15-06-08.nw.nos.boeing.com> <AEE70A51-720C-4957-AA1C-8D213EB366D8@google.com> <d12b5166bf0b41f1b85021f6e1410b16@XCH15-06-08.nw.nos.boeing.com>
To: 6man WG <ipv6@ietf.org>, INT Area <int-area@ietf.org>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/hBOqtQ7s-X_0_-PjKMt3O6MlX4Y>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jan 2017 01:18:59 -0000

On Jan 9, 2017, at 11:53, Templin, Fred L <Fred.L.Templin@boeing.com> wrote:
> On Monday, January 09, 2017 11:02 AM, james woodyatt <jhw@google.com> wrote:
>> 
>> p2. Section 3.3, Host Specification says this:
>> 
>>>>   In light of these considerations, a "Type C" host that receives a
>>>>   Redirect message containing RIOs adopts the combined behaviors of
>>>>   both of these specifications.  Namely, the host updates its neighbor
>>>>   cache entry for the Target and updates its routing table per the
>>>>   included RIOs.  If the Destination address is not the unspecified
>>>>   address, the host further updates its destination cache.
>>>> 
>>>>   Note that "Type A'" and "Type B" hosts ignore any RIOs and process
>>>>   the Redirect message according to Section 8.3 of [RFC4861].
>> 
>> And I wonder if you have considered the possibility of a “Type D” host, which in my conception would be capable of *only* processing
>> RIO options that appear in ND Redirect messages and *not* in RA messages.
> 
> Had not considered that, but I don't see a problem with it. FWIW, the 'Type A/B/C' comes from RFC4191 in case others are wondering.
> 
>> I’m not sure that’s a type of host we want to encourage,
>> but the idea of its possibility was one of the first things that sprang to mind when I contemplated the reasons why so few Type C hosts
>> are currently deployed in the wild after more than a decade since RFC 4191 was published.
> 
> I am interested in usage inside of a managed network, and not so much about
> deployment in the wild. Inside of a managed network, the network administrators
> could enable this function among the deployed hosts to provide the network with
> a means to manage routing information for more-specific routes.

Yes, well, as you might imagine, I’m interested in behavior of commodity hosts on unmanaged networks.

As far as I know, the most common types of commodity host implementations are Type B at this point. Yes, I know at least one has a configurable option to enable Type C behavior, but Type B is the default, and it’s also rarely changed in managed host configurations for mobile workstations and personal devices.

I believe host implementations have not adopted Type C default behavior because of security concerns on unmanaged networks like public Wi-Fi hotspots, where the damage potentially caused by so-called “rogue routers” is already perceived to be unacceptably high. The theory being that adding support for processing RIO options would further lower the network costs of mounting such attacks, in exchange for a questionably valuable route optimization from hosts to possibly illegitimate routers. I’m not a big fan of this line of reasoning, but I’ve often seen it used to counter arguments that adding default Type C behavior would be a good idea.

A better argument against RIO options in RA Messages, as far as I’m concerned, is that RA Guard [RFC6105] functions are often deployed in L2 switching fabrics, and they’ll drop all the RA Messages from most routers other than the protected default routers, which are likely to be the ones advertising more specific routes. With ND Redirect Messages, network operators can still have a reasonable assurance that hosts never update their routing tables except at the initiation of one of the legitimate default routers, which are protected by RA Guard.

In light of that, I would suggest defining two new types of behavior, which would permit implementers to continue resisting the adoption of Type C by default, yet would allow them to add support for processing RIO options just in ND Redirect messages and not RA messages. Call that a Type D host, and call the functional combination Type C+D or something.

Here is my proposed text for Section 3.3 Host Specification.

>>> The Host Specification follows Section 8.3 of Neighbor Discovery for IP version 6 (IPv6) [RFC4861], Section 3 of Default Router Preferences and More-Specific Routes [RFC4191], and Section 3 of First-Hop Router Selection by Hosts in a Multi-Prefix Network [RFC8028]. According to [RFC4861], a host that receives a valid ND Redirect message updates its destination cache per the Destination information and its neighbor cache per the Target information. According to [RFC4191], a “Type C” host that receives a valid RA message updates its routing table per the RIO elements included in the message. Finally, according to [RFC8028], a “Type C” host operating on a Multi-Prefix Network with multiple default routes can make source address selection decisions based on information in its route table decorated with information derived from the source of the RIO element.
>>> 
>>> In light of these considerations, this document introduces a new “Type D” behavior for hosts with the same kind of routing table as a “Type C” host, but which processes RIO elements in ND Redirect Messages according to this specification instead of RA Messages as in RFC 4191. Hosts that process RIO elements in both RA messages and ND Redirect Messages are said to have “Type C+D” behavior.
>>> 
>>> In both the “Type D” and “Type C+D” cases, hosts process ND Redirect Messages by updating 1) their neighbor cache per the Target information, 2) their destination cache per the Destination information when the Destination Address field is not the unspecified address, and 3) their routing tables per any RIO elements present.
>>> 
>>> RIO elements in RA Messages are processed by “Type D” hosts in the same way that “Type B” hosts process them, i.e. by ignoring them. In “Type C+D” hosts, RIO elements in RA messages are processed in the same way that “Type C” hosts process them.
>>> 
>>> In the all the cases where hosts process RIO elements, i.e. in RA Messages or in ND Redirect Messages or in both, hosts MAY make source address selection decisions, as in [RFC8028], based on their route tables decorated with information derived from the sources of received RIO elements.
>>> 
>>> The behaviors of “Type A,” “Type B” and “Type C” hosts are not changed by this specification. In particular, they all process ND Redirect Messages according to Section 8.3 of [RFC4861].


--james woodyatt <jhw@google.com>

v2.23.0 | Report a Bug | By Email