Re: Thoughts on address selection
Arifumi Matsumoto <arifumi@nttv6.net> Tue, 10 November 2009 02:16 UTC
Return-Path: <arifumi@nttv6.net>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 787353A694D for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 18:16:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.275
X-Spam-Level:
X-Spam-Status: No, score=-2.275 tagged_above=-999 required=5 tests=[AWL=-0.275, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qW8qsa1UQen for <ipv6@core3.amsl.com>; Mon, 9 Nov 2009 18:16:48 -0800 (PST)
Received: from mail.nttv6.net (mail.nttv6.net [IPv6:2001:fa8::25]) by core3.amsl.com (Postfix) with ESMTP id 147873A676A for <ipv6@ietf.org>; Mon, 9 Nov 2009 18:16:47 -0800 (PST)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by mail.nttv6.net (8.14.3/8.14.3) with ESMTP id nAA2HB16024036; Tue, 10 Nov 2009 11:17:11 +0900 (JST) (envelope-from arifumi@nttv6.net)
Subject: Re: Thoughts on address selection
Mime-Version: 1.0 (Apple Message framework v1076)
Content-Type: text/plain; charset="us-ascii"; format="flowed"; delsp="yes"
From: Arifumi Matsumoto <arifumi@nttv6.net>
In-Reply-To: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
Date: Tue, 10 Nov 2009 11:19:03 +0900
Content-Transfer-Encoding: 7bit
Message-Id: <006E53A1-A7C9-4288-9187-F36E86C94CA3@nttv6.net>
References: <F25A2D83-2504-4354-90BB-4CD2B0D3D743@cisco.com>
To: Fred Baker <fred@cisco.com>
X-Mailer: Apple Mail (2.1076)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (mail.nttv6.net [IPv6:::1]); Tue, 10 Nov 2009 11:17:12 +0900 (JST)
Cc: draft-ietf-6man-addr-select-sol@tools.ietf.org, draft-ietf-6man-addr-select-considerations@tools.ietf.org, IETF IPv6 Mailing List <ipv6@ietf.org>, draft-arifumi-6man-addr-select-conflict@tools.ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2009 02:16:49 -0000
Fred, On 2009/11/10, at 10:42, Fred Baker wrote: > I'm following up on the discussion just had in 6man regarding > address selection. I have this awful feeling that we are fighting > off the alligators and forgetting to drain the swamp. > > Correct me if I am wrong. The objectives being the source address > selection algorithm are to: > 1) keep a datagram within as local a routing domain as possible > 2) to facilitate the lowest possible RTT during an exchange > 3) to work around issues caused by ingress filtering (BCP 38/84) > > In short, we recommend that the source, which knows its own > addresses, compare them to the known addresses of a potential > destination, and choose the address pair that have the largest > number of contiguous prefix bits in common. This achieves (1), and > in so doing potentially achieves (2), although there are ample cases > in which that is not so. Overcoming those failure cases and (3) are > the real issue the table in RFC 3484 addresses. > > Am I correct? 3) is not the only case that the policy table is designed for. And, that's the thing the DT are working on. > It seems to me that at least in part, this is a matter of making > very broad assumptions about routing that may not be valid. It seems > to me that there are two things we can do reliably. I have mentioned > these to you before, in the v6ops context; let me bring them up > again. They come down to - if you want the host to make statements > about the network, I think it needs to know more than it currently > knows about the network, either by measurement or by explicit > communication. > > I think the simplest solution to (2) is, frankly, to open > connections at some rate (if I have N addresses and my peer has M, > send a SYN-or-whatever on successive pairs in the cross-product > every K milliseconds until I get a SYN-ACK on one of them, and then > close all other sessions). The order of selection is determined > according to the prefix length algorithm - the fastest responder is > likely to be the most local domain, which is likely to be the one > with a common prefix. In local scenarios, "open successive sessions" > boils down to opening one session; in more remote scenarios, it will > tend to select an address pair that (a) works and (b) has low RTT > relative to the routing implied by other address pairs. > > The simplest solution to (3), if my machine is in an administrative > domain facing an ISP, is to have my DMZ router perform the BCP 38 > filter before the datagram reaches the ISP, and in the failure case > reply with some form of ICMP message that says "routing took your > datagram to an egress into the ISP with prefix <mumble>; select an > address in prefix <mumble>". That will give the host the opportunity > to select the correct address to traddle ingress filtering reliably. > > Is there another requirement I'm missing? I don't think a table in > the host that attempts to outthink the network is reliable or wise. What we are working on is not to make the host's decision better, but provide a method for a network administrator to propagate his policy to the client. > > http://tools.ietf.org/html/draft-arifumi-6man-addr-select-conflict > "Considerations of address selection policy conflicts", Arifumi > Matsumoto, Tomohiro Fujisaki, Ruri Hiromi, 24-Oct-09, > <draft-arifumi-6man-addr-select-conflict-01.txt> > > http://tools.ietf.org/html/draft-ietf-6man-addr-select-considerations > "Considerations for IPv6 Address Selection Policy Changes", Tim > Chown, > 19-Oct-09, <draft-ietf-6man-addr-select-considerations-00.txt> > > http://tools.ietf.org/html/draft-ietf-6man-addr-select-sol > "Solution approaches for address-selection problems", Arifumi > Matsumoto, > Tomohiro Fujisaki, Ruri Hiromi, Ken-ichi Kanayama, 1-Jul-09, > <draft-ietf-6man-addr-select-sol-02.txt> > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Brian E Carpenter
- RE: Thoughts on address selection Tony Hain
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Pekka Savola
- RE: Thoughts on address selection Wes Beebee (wbeebee)
- RE: Thoughts on address selection Mohacsi Janos
- Re: Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Mohacsi Janos
- Re: Thoughts on address selection Brian Haberman
- Re: Thoughts on address selection Mohacsi Janos
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Mohacsi Janos
- Re: Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Scott Brim
- Re: Thoughts on address selection Stig Venaas
- Re: Thoughts on address selection Arifumi Matsumoto
- Re: Thoughts on address selection Markku Savela
- RE: Thoughts on address selection Narasimhan Venkataramaiah
- Re: Thoughts on address selection Scott Brim
- Re: Thoughts on address selection Brian E Carpenter
- Re: Thoughts on address selection Stig Venaas
- Re: Thoughts on address selection Fred Baker
- Re: Thoughts on address selection Fred Baker
- RE: Thoughts on address selection Christian Huitema
- Re: Thoughts on address selection Brian E Carpenter
- Re: Thoughts on address selection Stig Venaas
- Re: Thoughts on address selection Brian E Carpenter
- Re: Thoughts on address selection Stig Venaas
- Re: Thoughts on address selection Mohacsi Janos
- Re: Thoughts on address selection Arifumi Matsumoto
- RE: Thoughts on address selection Dan Wing
- RE: Thoughts on address selection Rémi Denis-Courmont
- Re: Thoughts on address selection Scott Brim
- RE: Thoughts on address selection Dan Wing
- Discussion summary and next-step Re: Thoughts on … Arifumi Matsumoto
- RE: Discussion summary and next-step Re: Thoughts… Dan Wing
- Re: Discussion summary and next-step Re: Thoughts… Fred Baker
- Re: Discussion summary and next-step Re: Thoughts… Arifumi Matsumoto
- Re: Discussion summary and next-step Re: Thoughts… Rémi Denis-Courmont
- Re: Discussion summary and next-step Re: Thoughts… Brian E Carpenter
- Re: Discussion summary and next-step Re: Thoughts… Arifumi Matsumoto
- RE: Discussion summary and next-step Re: Thoughts… Dan Wing
- RE: Discussion summary and next-step Re: Thoughts… Dan Wing
- Re: Discussion summary and next-step Re: Thoughts… Arifumi Matsumoto
- Re: Discussion summary and next-step Re: Thoughts… Arifumi Matsumoto