IETF Logo Mail Archive

Re: IPv6 Routing & ND vs. Addressing, (Was: Re: <draft-ietf-6man-rfc4291bis-09.txt>)

Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 16 July 2017 20:58 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35C1712778E for <ipv6@ietfa.amsl.com>; Sun, 16 Jul 2017 13:58:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3I_pEDG3JoT7 for <ipv6@ietfa.amsl.com>; Sun, 16 Jul 2017 13:58:24 -0700 (PDT)
Received: from mail-pg0-x22f.google.com (mail-pg0-x22f.google.com [IPv6:2607:f8b0:400e:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BB091243F3 for <ipv6@ietf.org>; Sun, 16 Jul 2017 13:58:24 -0700 (PDT)
Received: by mail-pg0-x22f.google.com with SMTP id k14so69416614pgr.0 for <ipv6@ietf.org>; Sun, 16 Jul 2017 13:58:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=3Yarmy8fE4sXK9NObu4ZRj5TibKSzJRInDpkm5GTVdU=; b=YNks0nCRUsq0RvLAGXHL93XRocgDMa6Vx1bnnd53m8lTEyfVv2ssKY+VzkbNrdwrpJ m6heWT98njv6XzUwS5H0ebVfO1LPTAvUU0cCpFthnkaTKphlWg+UikwQr8hB0OPPJsYf hmrypm90/6HbikV4fFLIa/kfORJlpPJqMlL5S8ziTPh5CgVxhSLMLA5SIdOWpkUsoeV6 TENTjO3W4WQnZt4qo4h+eejrrW+K5AHhOVSytl3yrGK67RB2GscyBvyC2EhaRf6dM3VA KxfpN8B6QXAXfZ2z32m+POWadVGohqsyzA+AbA3CAtqeT70gGy4j8UJXDA5mK9riDqRR aaoQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=3Yarmy8fE4sXK9NObu4ZRj5TibKSzJRInDpkm5GTVdU=; b=beDKozlyKei19GBgk8ysOyonGJHIYato+vMb6H7YNYwpZjmkDBwF3mJscVdRaI8SO3 ZgNMZPP807aQiOepzNBJ+15mQ0N0zDdkHX50sh2G8r69plnACYAq/jJk/0+yCVBQY7/9 MJ6UHBgw5o0h4SKtpNfpbGD4kgZimKCNA05rsIOoQ2uoAzVVLBpwyAvfOFrV54EkfcqW QQwN2KV87vuOW+tFvdordl5wN9ry3dyRCRwB88ug0xlYMWdtKC5ZvWnE1jp20KaGR9E9 zmUmVDTUHo3dhJXgOlVjYX++XtiERgcCZnaT0vuooUDOwBXZSkQ0h7oDw47+Uy1lFJhi uuVw==
X-Gm-Message-State: AIVw113jf/9E3BT7z2blB1/tqTspBTkkuduSX5pEbReV6KgohV423oLb 6N9xjFwN3o7GMi75
X-Received: by 10.84.229.77 with SMTP id d13mr27165862pln.239.1500238703654; Sun, 16 Jul 2017 13:58:23 -0700 (PDT)
Received: from [192.168.178.21] (69.21.255.123.dynamic.snap.net.nz. [123.255.21.69]) by smtp.gmail.com with ESMTPSA id v64sm36686318pfk.126.2017.07.16.13.58.21 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 16 Jul 2017 13:58:22 -0700 (PDT)
Subject: Re: IPv6 Routing & ND vs. Addressing, (Was: Re: <draft-ietf-6man-rfc4291bis-09.txt>)
To: Mark Smith <markzzzsmith@gmail.com>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
References: <CAN-Dau2zgthR2w9e5ZVUdGc-vm+YvK2uTUJ8O=vrcv0jNc58RA@mail.gmail.com> <CAN-Dau1bxm5y0v_6kUBc_ym39bSSxepjdwrzcS7YHWD=CV9-bw@mail.gmail.com> <3b34d6e9718a45ae80877e36fb55f2b4@XCH15-06-11.nw.nos.boeing.com> <CAO42Z2x+282VK7nMFHjcCz9tBmJ_=d4OhkiRZFZDLcZhakGB1Q@mail.gmail.com> <30cb27b2-007a-2a39-803d-271297862cae@gmail.com> <40d757eb97564bc8bb0511063bd9d3f4@XCH15-06-11.nw.nos.boeing.com> <CAO42Z2x7ER2fUietjT3Ns-jpCqscCmVDVubiM0Dgw1_L0bkw=A@mail.gmail.com> <c7b140bf69104cd3877a7da03fbf17e7@XCH15-06-11.nw.nos.boeing.com> <32924d19-e5ce-7606-77f4-925b682065f5@gmail.com> <745583ab45bb407a9a210020a96773c5@XCH15-06-11.nw.nos.boeing.com> <m1dVbRc-0000GQC@stereo.hq.phicoh.net> <b6da9e67-1f4e-8900-5a3b-575d0c6fd2fd@gmail.com> <m1dWNIL-0000FpC@stereo.hq.phicoh.net> <3d2f1182-ec19-959e-a63f-ad0d316bbacf@gmail.com> <E09CB996-1191-4700-9123-92BD31FD7A20@cisco.com> <CAO42Z2zmd+2M8XYzWW2aAEwhOgc-eDD7jiwbF8fckqKLqLrkBA@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <9f43ab06-c7c9-9b73-2a28-73d92014963f@gmail.com>
Date: Mon, 17 Jul 2017 08:58:18 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <CAO42Z2zmd+2M8XYzWW2aAEwhOgc-eDD7jiwbF8fckqKLqLrkBA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/k3xtgSPU3wAhmq0eMksNjPm8ZsI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Jul 2017 20:58:26 -0000

On 16/07/2017 19:58, Mark Smith wrote:
> On 16 July 2017 at 16:41, Pascal Thubert (pthubert) <pthubert@cisco.com> wrote:
>> Hello Brian:
>>
>> I'd say that DAD detecting a duplication is not a failure; just doing its job right.
>>
>> The DAD failure that hurts is DAD false negative like can be easily obtained on wireless  because the reliability of the multicast is largely different from that of wire.
>>
>> Are we ready to say that addresses that are generated with enough randomness in them do not need DAD?

I'm not, for 3 reasons:

1. An address collision is so fatal that we cannot leave it open as
even a remote possibility. It could be literally fatal in a safety-critical
application.

2. Even if we specify pseudo-random IDs, we know that some people will
nevertheless define them manually, which leads to a real risk of
collision due to human error. See 1.

3. A bad actor might create an intentional collision. See 1.

So, DAD needs to work.

> 
> I looked up RFC4862 to find out how many DAD attempts there were,
> because I'd assumed 3 to 4, and if so, then if that many attempts
> failed, I'd say the link is well beyond its capacity. Something would
> need to be done to remedy a link capacity problem in that case.
> 
> I was surprised to find, as Ole mentioned, the number of attempts was
> only 1 rather than 3 or 4.

I'm more than surprised. I think that's a bug and IMHO it should be fixed.

> One thing it does say about that value is:
> 
> Default: 1, but may be overridden by a link-type specific value in
>       the document that covers issues related to the transmission of IP
>       over a particular link type (e.g., [RFC2464]).
> 
> Although Wifi is emulating Ethernet at the IPv6 interface layer, it
> doesn't have the same multicast characteristics, so perhaps there
> should be an IPv6 over Wifi RFC that specifies IPv6's parameters to
> suit.

Pascal is correct about the intrinsic issues with relying on layer 2
multicast, but we are stuck with it for a while, so a fix seems
necessary.

    Brian
> 
> 
> 
> 
>> Pascal
>>
>>> Le 15 juil. 2017 à 23:01, Brian E Carpenter <brian.e.carpenter@gmail.com> a écrit :
>>>
>>> On 16/07/2017 01:39, Philip Homburg wrote:
>>>>> This is backwards. The goals of pseudo-random IIDs are to reduce the
>>>>> probability that scanning attacks find hosts, and to reduce the risk
>>>>> of IIDs being used to breach privacy.
>>>>>
>>>>> If these goals are met, the collision probability will in any case
>>>>> be low, so DAD failure will be exceedingly rare.
>>>>
>>>> I completely disagree. A collision is fatal. We are nowhere near transparently
>>>> handling all collisions. At best we can hope that DAD can make one node
>>>> continue unaffected.
>>>
>>> I'm confused.
>>>
>>> Firstly, do we have any experimental evidence that collisions
>>> are a real operational problem? (Obviously, MAC address collisions are
>>> disastrous at layer 2 anyway, so although IPv6+(Modified EUI-64) needs to
>>> detect them, they are irrelevant to the current discussion.)
>>>
>>> Secondly, if a collision does occur with IPv6+(pseudo-random IID),
>>> recovery is obvious: after DAD failure, generate a new pseudo-random
>>> IID and try again. This is perfectly compatible with RFC4862 section 5.5
>>> and is specfied in RFC7217 for stable IIDs and in RFC4941 for privacy
>>> addresses.
>>>
>>>    Brian
>>>
>>>>
>>>> In contrast, people have been scanning my IPv4 ranges for the past 20 years
>>>> or so. That may be annoying. That may amplify attacks opportunities. But
>>>> in it self it is not fatal.
>>>>
>>>>
>>>> .
>>>>
>>>
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email