IETF Logo Mail Archive

Re: [v6ops] Revision of the SLAAC/renum I-D (Fwd: New Version Notification for draft-gont-6man-slaac-renum-01.txt)

Jen Linkova <furry13@gmail.com> Thu, 21 February 2019 04:25 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C35C129441; Wed, 20 Feb 2019 20:25:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Level:
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rj5FhUqmVywL; Wed, 20 Feb 2019 20:25:21 -0800 (PST)
Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 39ECD129532; Wed, 20 Feb 2019 20:25:21 -0800 (PST)
Received: by mail-qt1-x836.google.com with SMTP id z25so8321689qti.13; Wed, 20 Feb 2019 20:25:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PAanPXFCTZFy5iwk2bSihXyjlhQLYE7x/qw4AvhNIAU=; b=hjGm3S7Dg8B0J76cNLMy1/HZ12Nw5t0S+MaT3/h1TCFfKpNraFWlAhFwSr5JPgDGsa x14rCDCRqTM0O6vOb7RKK0b6pQziSukU5V3jDCyezcy1TjBUfMXzw0gd9TmYGm09K1Yo Gc+FE1CtOItyQz3ZSmDZPaoZm+e4tnacMfkha1yyM/1yeBfzG0xPDknS0V6MPdGoW67B FV275SpFBADDX8fV1LBWGYrSDpY52HHX0rIdHWzFilTDjn//1hL3JuGB45yyx3rTGXU7 PBkGjpt5dr6LZaSfeq0lKPqALZDfRnFURRU7CiF5St9vgfiuI9uLEZGtvKZ/S/g/5zVr 8yOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PAanPXFCTZFy5iwk2bSihXyjlhQLYE7x/qw4AvhNIAU=; b=PtuyihlmgauMANNmYc/+QTRrDUHulSHMuzDlMy/bd6yhmzx0LZinfTev/xNOoBhmV/ gMt2jFftAWDzrJZkbjRUrC8b1cTdAXgL7Olilv+5UPZTnSDOb0oyQjStizg+WlwjwT+m fr1UBe3m/oElGNE3uyEJLTfwj6+ThUjslQvdmYcFwnkMcOwP5vEXgyPxOUkoI1ZgyxuI cMWN9DuwI7hLxQeKxquNv+NCdObEBcUC3ES7t1irnHk6ELq24D7fxcx+L+5dJKkoTHxv U9FYr5rrB6qOrcd+/jej4orlJotU52LYNCkLZ/dWYo59t2vuIxSFU4b6zSLyU5g4aZCc tC8Q==
X-Gm-Message-State: AHQUAuZ5gA1aR40/ATg8+IDCDNeYUXCo95wuZLz1bohS9hC5jFFQ7Rsy 4UvhYQ/M8mABob3AlHBdJL0nVkzT0och8le63wAw1OX+
X-Google-Smtp-Source: AHgI3Ib1I0pgKYiuTVnoNAHRjGRIn3+joT5x4XMyzSIJZSKe5xHqBJpcoQcaUMYL0k6JuHhJL0KaNII60zlN5TZATW8=
X-Received: by 2002:ac8:3802:: with SMTP id q2mr23163185qtb.325.1550723119894; Wed, 20 Feb 2019 20:25:19 -0800 (PST)
MIME-Version: 1.0
References: <155053352190.25856.12031845488827430669.idtracker@ietfa.amsl.com> <fe9eecc0-b41a-53c5-5e17-7f8d732cb7cf@si6networks.com> <CAFU7BARkjRQ3k1wE7SQysf8+_AageKYd9BxC9-J89UFrB2mGwg@mail.gmail.com> <f0d9e07d-b065-c300-cd44-9629ccd7dbb3@si6networks.com>
In-Reply-To: <f0d9e07d-b065-c300-cd44-9629ccd7dbb3@si6networks.com>
From: Jen Linkova <furry13@gmail.com>
Date: Thu, 21 Feb 2019 15:25:08 +1100
Message-ID: <CAFU7BARCtboC1_sv-6=e=Hanzrrvmwg096ZFFp5t4exYSqhPLg@mail.gmail.com>
Subject: Re: [v6ops] Revision of the SLAAC/renum I-D (Fwd: New Version Notification for draft-gont-6man-slaac-renum-01.txt)
To: Fernando Gont <fgont@si6networks.com>
Cc: "6man@ietf.org" <6man@ietf.org>, IPv6 Operations <v6ops@ietf.org>, "Jan Zorz @ go6.si" <jan@go6.si>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/tiqGwU04hq5c0ErXG2ZrIBInV8w>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 04:25:23 -0000

On Wed, Feb 20, 2019 at 8:49 PM Fernando Gont <fgont@si6networks.com> wrote:
> > - (sorry if I missed another thread on it - I'm catching up with
> > emails slowly): any reason for setting Valid Lifetime to 0 as well? It
> > looks to me that just deprecating the prefix would be enough..What
> > would be a benefit of completely removing an address already
> > deprecated?
>
> You mean in the host-side algorithm specified in Section 5.1.3? The
> benefit would be garbage collection. -- another alternative would be,
> instead removing the addresses, reduce the current Valid Lifetime -- say
> to 10 minutes or whatever, so that the stale addresses do not stay
> around forever. (if SLAAC was using sensible timer values, you wouldn't
> need these... but you probably don't want stale addresses to stay around
> for one months, as per the default "Valid Lifetime").

Do we have any data on how much pain this is causing? I  mean those
addresses are not staying forever,
just one month  in the worst case scenario. So they will disappear eventually.
On the other hand if I have an tcp session opened - why do we need to
kill it in 10 mins?
I agree that default times should be more reasonable, so I agree that
defaults should be changed and depend on the
AdvDefaultLifetime.

Speaking of exact numbers - how did you come up with values? Just
curious if the is any background for choosing them...

> > - "After normal processing of Router Advertisement messages, Router
> >    Advertisements that contain at least one PIO MUST be processed as
> >    follows" - I'd suggest you make it explicit that PIOs must of of
> > the global scope. I did see CPEs including PIOs for fe80::/64 (and
> > AFAIR such behavior is not explicitly prohibited);
>
> Item b) in Section 5.5.3 says:
>     b)  If the prefix is the link-local prefix, silently ignore the
>       Prefix Information option.
>
> albeit not with normative language. But, anyway, if you've seen CPEs
> send them, we better make this explicit!

I must be blind, I can not see that sentence in the draft ;(

> I've never seen a scenario where information actually needs to be split
> among multiple RAs. I have a hard time thinking of filling up a whole RA.

Let's wait for the new shiny world of mPVD to come...

> > -  as I've mentioned earlier, it would be nice not to break other
> > scenarios while fixing DHCP-PD case. So what do you think about
> > modifying the algorithm so the addresses are deprecated only if *all*
> > routers the PIO has been received from stopped advertising it? Again,
> > my point is that while proposed behavior *does* help in a single-homed
> > residential case, it would be nice to keep in mind other cases and
> > avoid breaking them;
>
> Yes, we should update the algorithm as you suggest.
>
> Thinking our loud: best thing would probably be that, in the case the
> prefix has been advertised by multiple routers, it is dis-associated
> with the prefix that ceased advertising it. Otherwise, you might end up
> sending packets sourced from that prefix to the next-hop router that has
> ceased advertising it.  That is, if multiple routers were advertising a
> prefix, and one has ceased advertising it, you want packets sourced from
> that prefix to use a next-hop router that keeps advertising the prefix.

So...it looks to me that the only change should be:
- if a host supports prefix <> advertizing router mapping and supports
the Rule 5.5:
   --  deassociate prefix - next-hop if the given router stops advertizing it;
   -- deprecate the prefix if there is no routers advertizing it;

Then the default address selection takes care of selecting the right
source address.
No need for complex algorithm described in the draft (and potential
implementation bugs).

If the host does not support Rule 5.5 + prefix<>next-hop mapping, this
draft (PIO processing part) would not work for them anyway.

Combined with reduced default timers it should help significantly (at
least for hosts and routers implementing this..)

> > - the proposed changes say that PIOs MUST be processed as
> > follows....and relies on hosts tracking prefix <> nexthop as per
> > RFC8028...However RFC8028 (and RFC8504) uses  'SHOULD' ...so it seems
> > to be inconsistency here..If a host does not implement RFC8029, all
> > those MUST in the draft do not make much sense.
>
> That's a good point. I wonder if we should change the "MUST" to
> "SHOULD", or whether we should stick to "MUST" with a rationale of "a
> host that implements this standard MUST implement RFC8028 and MUST
> process PIOs as follows..."

See above. All we need to do in terms of PIO processing by a host is
to say 'host SHOULD refresh prefix-next-hop mapping while processing
RAs' (which would mean 'remove all mappings for that next-hop if they
are not in that RA you are processing') and 'host SHOULD deprecate
addresses with no next-hops'.

Even if you say 'MUST' here (and explicitly state 'MUST implement
RFC8028') it would only mean 'hosts MUST support a standard which says
they SHOULD do smth' => effectively that requirement means 'SHOULD'.

> Thinking out loud: I wonder if support for RFC8028 should have actually
> been a MUST in RFC8504 -- reality is that in many multiprefix/multihomed
> scenarios, if you don't do RFC8504 it's quite likely your packets will
> be dropped -- i.e., an interoperability issue that would have warranted
> a "MUST" for 8028.

See above. Then 8028 should have said 'MUST support rule 5.5
-- 
SY, Jen Linkova aka Furry

v2.23.0 | Report a Bug | By Email