Re: DAD question

Dominik Elsbroek <dominik.elsbroek@gmail.com> Sat, 11 August 2012 15:45 UTC

Subject: Re: DAD question
From: Dominik Elsbroek <dominik.elsbroek@gmail.com>
To: Bob Hinden <bob.hinden@gmail.com>
Cc: "ipv6@ietf.org 6man" <ipv6@ietf.org>, "Fred Baker (fred)" <fred@cisco.com>

Hi list,

A few months ago I played around with dos-new-ip6.c from the IPv6
Attack Toolkit of Marc Heuse (see http://thc.org/thc-ipv6/). The tool
answers any neighbor solicitation with a neighbor advertisement.
Debian 6.0.5 sent the neighbor solicitation a few times, always
receiving a neighbor advertisement for the desired address. After a
few tries Debian just assigned the desired address. This was tested
using an OpenVPN network with VMs using VirtualBox.

Cheers,
Dominik


On Sat, Aug 11, 2012 at 8:36 AM, Bob Hinden <bob.hinden@gmail.com> wrote:
> Ole,
>
> On Aug 11, 2012, at 1:33 AM, Ole Trøan wrote:
>
>> Fred,
>>
>>> Call this "making sure I'm on the same page as anyone else"…
>>>
>>> RFC 4941 describes privacy addresses, and RFC 4291 describes an EID based on a MAC Address. RFC 4862 describes stateless address autoconfiguration, and uses RFC 4861's duplicate address detection mechanism.
>>>
>>> My question is: what happens if any of them discovers that it has created an address that is already in use in the network?
>>>
>>> There would appear to be two options:
>>> (1) "ah, OK, I guess I didn't really want to talk today"
>>> (2) Following RFC 4941, guess again until one creates a unique address
>>>
>>> Is it fair to assume that implementations do DAD and follow (2)?
>>
>> implementations I'm familiar with do 1.
>> it may be a fair assumption that if an address based on the MAC address is duplicate, the MAC address itself is a duplicate.
>
> True, but the odds of this happening are very low.  I wonder if we have any data on DAD detecting duplicate addresses and their cause.
>
> For example, has anyone seen any actual duplicate MAC addresses?  It would be good to collect some data.
>
> Bob
>
>>
>> cheers,
>> Ole
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
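
A defender's view of the behaviour described in the message above, as an added example that is not part of the original post or of thc-ipv6: a monitor that pairs each DAD probe (a neighbor solicitation sent from the unspecified address `::`) with the neighbor advertisements that answer it, and flags any link-layer source that defends several unrelated tentative addresses. The event tuple layout, the addresses and MACs, the one-second window and the three-address threshold are all constructed assumptions.

```python
from collections import defaultdict

NS, NA = 135, 136          # ICMPv6 types: Neighbor Solicitation / Advertisement
UNSPECIFIED = "::"         # source address of a DAD probe

# Constructed sample capture: (time s, ICMPv6 type, IPv6 source, source MAC, target)
SAMPLE_EVENTS = [
    (0.00, NS, "::", "08:00:27:aa:00:01", "2001:db8::11"),
    (0.02, NA, "2001:db8::11", "02:00:00:00:00:99", "2001:db8::11"),
    (1.00, NS, "::", "08:00:27:aa:00:01", "2001:db8::11"),   # host retries
    (1.02, NA, "2001:db8::11", "02:00:00:00:00:99", "2001:db8::11"),
    (5.00, NS, "::", "08:00:27:aa:00:02", "2001:db8::22"),
    (5.01, NA, "2001:db8::22", "02:00:00:00:00:99", "2001:db8::22"),
    (9.00, NS, "::", "08:00:27:aa:00:03", "fe80::a00:27ff:feaa:3"),
    (9.03, NA, "fe80::a00:27ff:feaa:3", "02:00:00:00:00:99", "fe80::a00:27ff:feaa:3"),
    # A single genuine collision: one node defending its own address.
    (12.0, NS, "::", "08:00:27:aa:00:04", "2001:db8::44"),
    (12.1, NA, "2001:db8::44", "08:00:27:bb:00:07", "2001:db8::44"),
    # Ordinary address resolution (source is not ::) must not be counted.
    (15.0, NS, "2001:db8::22", "08:00:27:aa:00:02", "2001:db8::44"),
    (15.01, NA, "2001:db8::44", "08:00:27:bb:00:07", "2001:db8::44"),
]

def dad_responders(events, window=1.0):
    """Map each source MAC to the tentative addresses it defended."""
    pending = {}                      # target -> (probe time, prober MAC)
    defended = defaultdict(set)
    for ts, icmp_type, src_ip, src_mac, target in sorted(events, key=lambda e: e[0]):
        if icmp_type == NS and src_ip == UNSPECIFIED:
            pending[target] = (ts, src_mac)
        elif icmp_type == NA and target in pending:
            probe_ts, prober = pending[target]
            # Count only advertisements that answer a recent probe from another node.
            if ts - probe_ts <= window and src_mac != prober:
                defended[src_mac].add(target)
    return defended

def suspicious_responders(events, min_targets=3, window=1.0):
    """MACs that defended at least min_targets distinct tentative addresses."""
    hits = dad_responders(events, window)
    return sorted(mac for mac, targets in hits.items() if len(targets) >= min_targets)

if __name__ == "__main__":
    for mac in suspicious_responders(SAMPLE_EVENTS):
        print("answers DAD for many addresses:", mac)
```

A node that owns an address defends only that address, so the count of distinct defended targets per MAC separates a genuine duplicate from a responder that answers every probe.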