Re: [v6ops] IPv6 link-local traffic questions
Jen Linkova <furry13@gmail.com> Thu, 12 March 2020 00:34 UTC
Return-Path: <furry13@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE3793A09C5; Wed, 11 Mar 2020 17:34:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yRPpqfIrKHRI; Wed, 11 Mar 2020 17:34:05 -0700 (PDT)
Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D40643A09A4; Wed, 11 Mar 2020 17:33:49 -0700 (PDT)
Received: by mail-qt1-x836.google.com with SMTP id d22so3095217qtn.0; Wed, 11 Mar 2020 17:33:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dIyaa8t3gKEoC+477Xp4r3We6qoEzSi/aiKeQTh9xWY=; b=eKAQnecTeBN9pu6+FLjH9ulWOms4ogmPp6grVDKMaqO0KQ9s8JYlOC9/aC/PhsE/AV JFaCA7kT3OzD1dfXUuUOtDaOLZ27Wmos/tXfvUH0JECKUp70iDLW5Ic9FX+cHJMkkttD XA0NI+V8jvgWhw8o7c76NfwXgJLlML2A6fc7c3pHj95IKIS86TFgd1bCZiADI4+ogWhU rSUVuqjj2GQXMaaE3tpTcgcTwhThUNt+O39K6Z+Br87QBVeubr591PCE8L5wXZ2V8gK7 nsGxgcgHqkSP7mgG8y1u8r+vKzPIkoLg0MmMTlLdjX+Dmatvj26beB82ZfYWFPmn2EK3 sgGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dIyaa8t3gKEoC+477Xp4r3We6qoEzSi/aiKeQTh9xWY=; b=jyFwjlH0tPH07Wot/buhN0vfkmUSYnW31xVvw/nM4IWHEO5HtvuKnX92odWyZN50Pd 0NzoTD5/23DI/ZEyO2K3Fh1ZiujrVNMXRKjxyRADtzCjy0McCFkJz8MdJBmUdqIpkpJg sA9LWGlJD2uIvet3pTifBOZINwhCmMGQy88qjyAoRyvVPyAhXdO4xuIxS8BV6QTrnXEs TSo/Ghh1v2HKwkqu4ZLQsp072xp2B/GUomYXrGev0DuC6ZDMhiIAyZxAmSk1pzVr2yxF opVC8ybM5cDWzWHO50247AFQUDD5P4sKNiMtEWmRstsRyL4cPFo0iy0DuoK5ejV6tQ1Z 9SAg==
X-Gm-Message-State: ANhLgQ1hp0aK24VqhJGYniPhEYq7/hfMrFisC/IGT23wUMV+vFWdJ1yu rhFpNoGHrVUmch8+yBOAR5AnpGjmLP5TQU605Tw=
X-Google-Smtp-Source: ADFU+vuUizjGFkocdrcIBfjaLVUaOpvi+cN4IJPaQeos+02CPGIn9SwXPoEPTdEpgyQ6eQ4GeMvisHds2F/GveYd2FU=
X-Received: by 2002:ac8:a8b:: with SMTP id d11mr4940031qti.94.1583973228094; Wed, 11 Mar 2020 17:33:48 -0700 (PDT)
MIME-Version: 1.0
References: <20200312000016.GO54522@faui48f.informatik.uni-erlangen.de>
In-Reply-To: <20200312000016.GO54522@faui48f.informatik.uni-erlangen.de>
From: Jen Linkova <furry13@gmail.com>
Date: Thu, 12 Mar 2020 11:33:37 +1100
Message-ID: <CAFU7BAT-LP5TC9dpYw+5j8T8H_8XMF=tcY-Qsbg5=MOgUYNk+A@mail.gmail.com>
Subject: Re: [v6ops] IPv6 link-local traffic questions
To: Toerless Eckert <tte@cs.fau.de>
Cc: 6man <6man@ietf.org>, V6 Ops List <v6ops@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/pvGHUoCSOTeNHkeVIduqsCxrEQ0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Mar 2020 00:34:07 -0000
On Thu, Mar 12, 2020 at 11:01 AM Toerless Eckert <tte@cs.fau.de> wrote: > > Sorry for cross posting, but this is both ops and arch questions. > > I was trying to find any generic description that/if link-local IPv6 > traffic MUST/SHOULD use Hop-count 1, but could not find one in > rfc8200 or rfc4291 and its updates. Instead, text like > MUST set Hop-limit to 1 is repeated in various RFCs using link-local > IPv6 traffic. I believe it depends what you are trying to achieve. If you want to make sure that the traffic never leaves the network - then hop limit = 1 helps. But using link-local sources/destinations would help even better if the routers comply with RFC4291 Section 2.5.6 If you want to make sure those packets are not sent by a malicious party from outside - hop limit shall be 255. For example, see RFC4861 Section 3.1 > Am i overlooking something ? Or is this intentional in the IPv6 architecture ? > > If intentional, i guess it means: Any RFC introducing some type of link-local > traffic can specify Hop-limit requirements for its traffic. As in > "our WG likes 42 as the Hop-limit" (silly to me, but should be fine with > IPv6 architecture then, right ?). > > In one of my draft document reviews using such link-local IPv6 traffic, > EricV brought up the Q if that traffic shouldn't use RFC5082 instead > of Hop-Count 1 too. But given how we do not seem to have architectural > recommendations for TTL=1 (unless, quite likely i overlook something), > and given how i am not aware of any actual use of GTSM, i am quite > weary to go down that route. Aka: Would like learn of actual uses of > GTSM with IPv6. Neighbor Discovery. > There is an additional set of consideration re. link-local traffic > when trying to use it as a HW accelerated tunneling mechanism across links, > a use we both have in ANIMA, and maybe get the same in BIER (probably > other WGs too, not sure). > > In implementations, i have seen quite a range of issues with > accelerated forwarding planes across link-local addressed tunnels, > and when using non-link-local addresses (loopback addresses), > the HW plane forwarding might have issues doing HW forwarding, because > usually TTL=1 is only used for control plane traffic. Of course, > this is not a good architectural argument, but if given architectural > leeway to even choose 42, maybe GTSM/255 is easier to be supported > across various HW accelerated forwarding planes than 1. > > Opinions and experiences welcome! If you control the router I'd say 'link-local source/destination, HL=255 AND RFC4291 would be the best option. I did see a few devices somewhere far away sending me ICMPv6 (packet too big) from their link-local addresses but it was not very common case. -- SY, Jen Linkova aka Furry
- IPv6 link-local traffic questions Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Jen Linkova
- Re: [v6ops] IPv6 link-local traffic questions Mark Smith
- Re: [v6ops] IPv6 link-local traffic questions Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Erik Kline
- Re: [Bier] [v6ops] IPv6 link-local traffic questi… Tony Przygienda
- Re: [Bier] [v6ops] IPv6 link-local traffic questi… Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Karl Auer
- Re: [v6ops] IPv6 link-local traffic questions Ole Troan
- Re: [v6ops] IPv6 link-local traffic questions Gert Doering
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Stewart Bryant
- Re: [v6ops] IPv6 link-local traffic questions Toerless Eckert
- Re: [v6ops] IPv6 link-local traffic questions Tony Przygienda
- Re: [v6ops] IPv6 link-local traffic questions Gyan Mishra
- Re: [v6ops] IPv6 link-local traffic questions Mark Smith
- Re: [v6ops] IPv6 link-local traffic questions Erik Kline
- Re: [v6ops] IPv6 link-local traffic questions Owen DeLong
- Re: [v6ops] IPv6 link-local traffic questions Brian E Carpenter
- Re: [v6ops] IPv6 link-local traffic questions Owen DeLong
- Re: [v6ops] IPv6 link-local traffic questions Gert Doering
- Re: [v6ops] IPv6 link-local traffic questions Brian E Carpenter
- Re: [v6ops] IPv6 link-local traffic questions Owen DeLong
- Re: [v6ops] IPv6 link-local traffic questions Gert Doering
- Re: [v6ops] IPv6 link-local traffic questions Philip Homburg
- Re: [v6ops] IPv6 link-local traffic questions Brian E Carpenter
- Re: [v6ops] IPv6 link-local traffic questions Jen Linkova