Re: source address selection revisited
Arifumi Matsumoto <arifumi@nttv6.net> Thu, 13 August 2009 10:34 UTC
Return-Path: <arifumi@nttv6.net>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 91CD33A67AC for <ipv6@core3.amsl.com>; Thu, 13 Aug 2009 03:34:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aiBq+n3PdkMz for <ipv6@core3.amsl.com>; Thu, 13 Aug 2009 03:34:23 -0700 (PDT)
Received: from mail.nttv6.net (mail.nttv6.net [IPv6:2001:fa8::25]) by core3.amsl.com (Postfix) with ESMTP id 4F7A03A6811 for <ipv6@ietf.org>; Thu, 13 Aug 2009 03:33:58 -0700 (PDT)
Received: from arifumi3.nttv6.com (arifumi3.nttv6.com [192.47.163.63]) by mail.nttv6.net (8.14.3/8.14.3) with ESMTP id n7DAXu10047030; Thu, 13 Aug 2009 19:33:56 +0900 (JST) (envelope-from arifumi@nttv6.net)
Message-Id: <11239490-BD90-4A63-B0D6-86EFF42CCA5F@nttv6.net>
From: Arifumi Matsumoto <arifumi@nttv6.net>
To: Aleksi Suhonen <Aleksi.Suhonen@tut.fi>
In-Reply-To: <4A7A2F4F.5050800@tut.fi>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Subject: Re: source address selection revisited
Date: Thu, 13 Aug 2009 19:33:56 +0900
References: <4A7A2F4F.5050800@tut.fi>
X-Mailer: Apple Mail (2.936)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (mail.nttv6.net [192.16.178.5]); Thu, 13 Aug 2009 19:33:57 +0900 (JST)
Cc: 6man <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2009 10:34:35 -0000
Hi, FYI, I remember M. Bagnulo were working on similar problems related to source addresse selection mechanism, which is described in the following expired document. http://tools.ietf.org/html/draft-bagnulo-ipv6-rfc3484-update-00 further comments below. > > This got me thinking, and here are some of the ideas I've had so > far, in random order: > > A) The data structure returned by getaddrinfo() doesn't have any > source address at all. In essence, it is source address agnostic. > The addresses returned by it are usually given to connect() calls, > typically with IN6ADDR_ANY as the effective source address. > > The API[3] doesn't specifically state how connect() should choose > the source address in this case. So if the implementation of > connect() went ahead and tried all "CandidateSource(D) addresses" > according to a new address selection algorithm, instead of just one, > this would not violate the API[3]. This would be only valid for > stateful transports (like TCP) and doesn't work very well for > stateless transports (like UDP), where such decisions would have to > be made on a higher protocol layer... > > B) The getaddrinfo() call could in theory return the same > destination address several times if there are several source > alternatives for it. The implementations of connect(), sendto() and > sendmsg() could then use a different source for the different copies > of the destination address. > > Could the ai_addr field in struct addrinfo be used to carry some > extra hidden information that would tell connect() et al. which > source address to use? Otherwise they would have to try to recognize > them by pointer address. > > Of course, if the application does something to upset these > attempts, like bind()s the source address or copies only parts of > the ai_addr structure somewhere else, then we can always just give > up and use a single source address. That's what the application > probably wanted anyway... I'm afraid the latter change for getaddrinfo() might be also troublesome for some applications. As far as these are new APIs, they are nice to have, just like winsock's newly defined APIs like WSAConnectByName(). However, what I'm afraid is that I do not see the specific and reasonable separator for which addresses should be given to the application as the candidate source addresses, and which addresses should not be. For example, getaddrinfo() API should treat 6to4, Teredo, ULA and link- local addresses as the candidate source address for a given destination address, and return all the pair of source addresses and destination addresses to the calling application ? If we define this separator should be configurable, what should be the default ? -- Arifumi Matsumoto Secure Communication Project NTT Information Sharing Platform Laboratories E-mail: arifumi@nttv6.net
- source address selection revisited Aleksi Suhonen
- Re: source address selection revisited Arifumi Matsumoto
- Re: source address selection revisited Aleksi Suhonen