RE: [NDP] Router autoconfiguration with RS/RA

"Hemant Singh (shemant)" <shemant@cisco.com> Sun, 08 June 2008 12:05 UTC

Return-Path: <ipv6-bounces@ietf.org>
X-Original-To: ipv6-archive@megatron.ietf.org
Delivered-To: ietfarch-ipv6-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 77EBF3A6BA5; Sun, 8 Jun 2008 05:05:15 -0700 (PDT)
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 428A73A6BA5 for <ipv6@core3.amsl.com>; Sun, 8 Jun 2008 05:05:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1EkHTmoUndmh for <ipv6@core3.amsl.com>; Sun, 8 Jun 2008 05:05:12 -0700 (PDT)
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by core3.amsl.com (Postfix) with ESMTP id EC41E3A6B85 for <ipv6@ietf.org>; Sun, 8 Jun 2008 05:05:12 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.27,608,1204531200"; d="scan'208";a="110250229"
Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-6.cisco.com with ESMTP; 08 Jun 2008 05:05:26 -0700
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id m58C5QEY022023; Sun, 8 Jun 2008 05:05:26 -0700
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by sj-core-5.cisco.com (8.13.8/8.13.8) with ESMTP id m58C5Q7E026485; Sun, 8 Jun 2008 12:05:26 GMT
Received: from xmb-rtp-20e.amer.cisco.com ([64.102.31.40]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sun, 8 Jun 2008 08:05:26 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Subject: RE: [NDP] Router autoconfiguration with RS/RA
Date: Sun, 8 Jun 2008 08:05:25 -0400
Message-ID: <B00EDD615E3C5344B0FFCBA910CF7E1D04E41CF1@xmb-rtp-20e.amer.cisco.com>
In-Reply-To: <4849A949.5060509@gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [NDP] Router autoconfiguration with RS/RA
Thread-Index: AcjIGsCmikm5SInERxu5IJBV6AtykgBQ50OA
References: <3a44f430806060528o3ab46c73k863537e53e62275b@mail.gmail.com> <B00EDD615E3C5344B0FFCBA910CF7E1D04E41CDA@xmb-rtp-20e.amer.cisco.com> <4849A949.5060509@gmail.com>
From: "Hemant Singh (shemant)" <shemant@cisco.com>
To: "Alexandru Petrescu" <alexandru.petrescu@gmail.com>
X-OriginalArrivalTime: 08 Jun 2008 12:05:26.0109 (UTC) FILETIME=[EFBA28D0:01C8C95F]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=5674; t=1212926726; x=1213790726; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=shemant@cisco.com; z=From:=20=22Hemant=20Singh=20(shemant)=22=20<shemant@cisco. com> |Subject:=20RE=3A=20[NDP]=20Router=20autoconfiguration=20wi th=20RS/RA |Sender:=20; bh=3XvMV7qmpm6iA2bgRAEGr3jdURkVlZWc/hVSjrWpS4Y=; b=UTp/bDm/5bPSYk6APeeOezX8XCXQ+eyIgll7s914nzfMcw7fXoJBb84bLm Ed5aRaSM8xmYBMZBfOyI76FayTAX/Yvbu67eiv+wlCZZDptxJcaGNC3Uk5CX ZzMLmleLXx;
Authentication-Results: sj-dkim-3; header.From=shemant@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
Cc: ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org

Alex,

See in line below between <hs> and </hs>.
 

-----Original Message-----
From: Alexandru Petrescu [mailto:alexandru.petrescu@gmail.com] 
Sent: Friday, June 06, 2008 5:17 PM
To: Hemant Singh (shemant)
Cc: Silviu VLASCEANU; ipv6@ietf.org
Subject: Re: [NDP] Router autoconfiguration with RS/RA

Hemant Singh (shemant) wrote:
> Silviu,
> 
> A router can receive an RA on the router's upstream

Yes it can.  It uses it to report whether some things went wrong, log
stuff, but don't act.

> and use this RA to autoconfigure the ipv6 address on interface(s) of  
> the router.

Usually no, it can not.  A particular case of a Mobile Router away from
home can auto-configure an address on its egress interface with
stateless autoconf.  But a non-mobile router (not implementing rfc3963)
can't and it shouldn't.

A router is something that forwards packets.  A linux router can't
auto-configure an address once one sets the forwarding=1.  A Cisco
router I have doubts, but it doesn't mean it follows rfc.

<hs> I said in my first reply, I am talking about RFC4861 and 4862 -
core ND RFC's. The questions raised
     were discussing core ND RFC's, not any mobility or RFC3963.
Further, a router has to be configured for data
     forwarding/routing before the router forwards packets - it is this
router configuration that is the point 
     of discussion.
</hs>

> Such a router interface configuration is no different from how a host

> interface statelessly autoconfigures as per ND RFC 4861 and 4862.
> However, ND RFC's do not mandate what does a router implementation do

> for sending RA, configuring network prefixes in the router downstream 
> direction - these are conceptual variables that a router vendor is 
> left to do what they want to do.

Not sure what you mean left to vendors? 

<hs>
I was referring to conceptual router variables from section 6.2.1 of
RFC4861. A router is supposed to provide
such variables as external configuration means, but how a router
implements the variables internally is left
to router vendors. 
</hs>

there are some precisely defined corner cases for configuring routers
downstreams like DHCPv6-PD followed eventually by Router Renumbering.

And, in most cases, assigning addresses to routers is part of a network
planning procedure performed by humans on paper, designed and redesigned
before being deployed; some call it architecting the network.  That's a
good reason for manually (or via SNMP, or other proprietary tool) to
configure addresses on routers, and not with stateless autoconf.

<hs>Ole also replied in this regard. An interface, in host mode, on a
router is legal to autoconfigure its IPv6 address 
    using stateless autoconfiguration. If the upstream RA advertised a
prefix and prefix length to the 
    interface, then interface is also legal to forward packets to that
prefix subnet. The reason is because a host 
    has to add the prefix to Prefix List if on-link L-bit was set in the
received RA. Traffic to host addresses
    that fall within the prefix for on-link is forwarded out by the
interface. Even traffic to an off-link address 
    is legal to send out this interface because the traffic is sent to a
default router. 
</hs>

> 
> As to answering your question which was:
> 
> "Why wouldn't a router be authorized to send Router Sollicitation 
> messages?"
> 
> here is my reply.
> 
> As far as the interface on the router has no RA configured, and the 
> interface is configuring an IPv6 address using stateless 
> autoconfiguration or even manual configuration, this interface is OK  
> to send an RS in the router downstream. However, soon as any RA 
> configuration for router downstream is configured on the network 
> interface, then ND prohibits a router to send any RS.
> 
> Furthermore, I totally agree with Remi on his reply to this question  
> of yours:
> 
> "The same question for autoconfiguring the prefix it advertises on its

> subnets."
> 
> You cannot mix router upstream and downstream operations in random 
> fashion. IPv6 stateless autoconfiguration does not support prefix and

> router configuration of an upstream router. One should be careful 
> discussing router downstream vs. router upstream directions for 
> address configuration, routing configuration, and IPv6 ND RA 
> configuration.

Well I wouldn't even talk upstream/downstream, just routers and maybe
default-free routers are very special.

<hs>The subject of this original discussion is configuration. 
The original discussion also asked a question as to why when a router
downstream sends RA's to hosts
to configure themselves, why couldn't such RA mechanisms be used for
router upstream direction to configure the
router or interface(s) on the router. That is why I raised (and Ole
commented on too) the router upstream vs.
downstream directions. Also, notice that ND RFC4861 and 4862 specify
details for router behavior for sending RA's
in router downstream and how hosts configure themselves on receiving
such RA's. RFC4861 is silent (and rightfully
so) about router behavior related to interactions between ipv6 address
configuration, routing configuration, and IPv6 ND 
RA configuration.
</hs>

Hemant

Alex


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------