IETF Logo Mail Archive

Re: Thoughts on address selection

Arifumi Matsumoto <arifumi@nttv6.net> Tue, 10 November 2009 02:16 UTC

Return-Path: <arifumi@nttv6.net>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 787353A694D for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 18:16:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.275
X-Spam-Level:
X-Spam-Status: No, score=-2.275 tagged_above=-999 required=5 tests=[AWL=-0.275, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qW8qsa1UQen for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 18:16:48 -0800 (PST)
Received: from mail.nttv6.net (mail.nttv6.net [IPv6:2001:fa8::25]) by core3.amsl.com (Postfix) with ESMTP id 147873A676A for <ipv6@ietf.org>; Mon, 9 Nov 2009 18:16:47 -0800 (PST)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by mail.nttv6.net (8.14.3/8.14.3) with ESMTP id nAA2HB16024036; Tue, 10 Nov 2009 11:17:11 +0900 (JST) (envelope-from arifumi@nttv6.net)
Subject: Re: Thoughts on address selection
Mime-Version: 1.0 (Apple Message framework v1076)
Content-Type: text/plain; charset="us-ascii"; format="flowed"; delsp="yes"
From: Arifumi Matsumoto <arifumi@nttv6.net>
In-Reply-To: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
Date: Tue, 10 Nov 2009 11:19:03 +0900
Content-Transfer-Encoding: 7bit
Message-Id: <006E53A1-A7C9-4288-9187-F36E86C94CA3@nttv6.net>
References: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
To: Fred Baker <fred@cisco.com>
X-Mailer: Apple Mail (2.1076)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (mail.nttv6.net [IPv6:::1]); Tue, 10 Nov 2009 11:17:12 +0900 (JST)
Cc: draft-ietf-6man-addr-select-sol@tools.ietf.org, draft-ietf-6man-addr-select-considerations@tools.ietf.org, IETF IPv6 Mailing List <ipv6@ietf.org>, draft-arifumi-6man-addr-select-conflict@tools.ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2009 02:16:49 -0000

Fred,

On 2009/11/10, at 10:42, Fred Baker wrote:

> I'm following up on the discussion just had in 6man regarding  
> address selection. I have this awful feeling that we are fighting  
> off the alligators and forgetting to drain the swamp.
>
> Correct me if I am wrong. The objectives being the source address  
> selection algorithm are to:
>  1) keep a datagram within as local a routing domain as possible
>  2) to facilitate the lowest possible RTT during an exchange
>  3) to work around issues caused by ingress filtering (BCP 38/84)
>
> In short, we recommend that the source, which knows its own  
> addresses, compare them to the known addresses of a potential  
> destination, and choose the address pair that have the largest  
> number of contiguous prefix bits in common. This achieves (1), and  
> in so doing potentially achieves (2), although there are ample cases  
> in which that is not so. Overcoming those failure cases and (3) are  
> the real issue the table in RFC 3484 addresses.
>
> Am I correct?

3) is not the only case that the policy table is designed for.
And, that's the thing the DT are working on.

> It seems to me that at least in part, this is a matter of making  
> very broad assumptions about routing that may not be valid. It seems  
> to me that there are two things we can do reliably. I have mentioned  
> these to you before, in the v6ops context; let me bring them up  
> again. They come down to - if you want the host to make statements  
> about the network, I think it needs to know more than it currently  
> knows about the network, either by measurement or by explicit  
> communication.
>
> I think the simplest solution to (2) is, frankly, to open  
> connections at some rate (if I have N addresses and my peer has M,  
> send a SYN-or-whatever on successive pairs in the cross-product  
> every K milliseconds until I get a SYN-ACK on one of them, and then  
> close all other sessions). The order of selection is determined  
> according to the prefix length algorithm - the fastest responder is  
> likely to be the most local domain, which is likely to be the one  
> with a common prefix. In local scenarios, "open successive sessions"  
> boils down to opening one session; in more remote scenarios, it will  
> tend to select an address pair that (a) works and (b) has low RTT  
> relative to the routing implied by other address pairs.
>
> The simplest solution to (3), if my machine is in an administrative  
> domain facing an ISP, is to have my DMZ router perform the BCP 38  
> filter before the datagram reaches the ISP, and in the failure case  
> reply with some form of ICMP message that says "routing took your  
> datagram to an egress into the ISP with prefix <mumble>; select an  
> address in prefix <mumble>". That will give the host the opportunity  
> to select the correct address to traddle ingress filtering reliably.
>
> Is there another requirement I'm missing? I don't think a table in  
> the host that attempts to outthink the network is reliable or wise.

What we are working on is not to make the host's decision better,
but provide a method for a network administrator to propagate
his policy to the client.


>
> http://tools.ietf.org/html/draft-arifumi-6man-addr-select-conflict
>  "Considerations of address selection policy conflicts", Arifumi
>  Matsumoto, Tomohiro Fujisaki, Ruri Hiromi, 24-Oct-09,
>  <draft-arifumi-6man-addr-select-conflict-01.txt>
>
> http://tools.ietf.org/html/draft-ietf-6man-addr-select-considerations
>  "Considerations for IPv6 Address Selection Policy Changes", Tim  
> Chown,
>  19-Oct-09, <draft-ietf-6man-addr-select-considerations-00.txt>
>
> http://tools.ietf.org/html/draft-ietf-6man-addr-select-sol
>  "Solution approaches for address-selection problems", Arifumi  
> Matsumoto,
>  Tomohiro Fujisaki, Ruri Hiromi, Ken-ichi Kanayama, 1-Jul-09,
>  <draft-ietf-6man-addr-select-sol-02.txt>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email