IETF Logo Mail Archive

Re: on-link and off-link addresses, side discussion

Simon Hobson <linux@thehobsons.co.uk> Fri, 09 July 2021 15:36 UTC

Return-Path: <linux@thehobsons.co.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 570633A252F for <ipv6@ietfa.amsl.com>; Fri, 9 Jul 2021 08:36:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y3RH-2pzD7mq for <ipv6@ietfa.amsl.com>; Fri, 9 Jul 2021 08:36:32 -0700 (PDT)
Received: from patsy.thehobsons.co.uk (patsy.thehobsons.co.uk [80.229.10.150]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B11013A252E for <ipv6@ietf.org>; Fri, 9 Jul 2021 08:36:27 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at patsy.thehobsons.co.uk
Received: from [192.168.137.104] (unknown [192.168.137.104]) by patsy.thehobsons.co.uk (Postfix) with ESMTPSA id F18FA1BC66 for <ipv6@ietf.org>; Fri, 9 Jul 2021 15:36:16 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Subject: Re: on-link and off-link addresses, side discussion
From: Simon Hobson <linux@thehobsons.co.uk>
In-Reply-To: <m1m1UrX-0000FWC@stereo.hq.phicoh.net>
Date: Fri, 09 Jul 2021 16:36:16 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <21728EB9-4007-4DF5-9DC5-D943E7551973@thehobsons.co.uk>
References: <162512790860.6559.14490468072475126698@ietfa.amsl.com> <CAFU7BAT0O9nsuhs5FyNjvPfRKY+EM1fLYKaMYTwaPg2QjZAEpA@mail.gmail.com> <61e14cd7-ff37-5380-e547-8a9b6d3993da@gmail.com> <CAFU7BASF-vas+PP2dVNXuqScQArC+joB-fwRGzG3UZnsqq1QJg@mail.gmail.com> <2f1f68a1-8130-45b6-0586-6340f5e0bf9a@gmail.com> <8FC82801-F5FC-4FC3-8946-C37D1420248D@thehobsons.co.uk> <6b51c620-af53-5171-7856-b39471907460@gmail.com> <m1m1UrX-0000FWC@stereo.hq.phicoh.net>
To: 6man <ipv6@ietf.org>
X-Mailer: Apple Mail (2.2104)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/zvsMr-ZutIfZoNroTzgNQTAHuQY>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2021 15:36:38 -0000

Philip Homburg <pch-ipv6-ietf-7@u-1.phicoh.com> wrote:
> 
>> Further, the definition says that "a node considers an address to
>> be on-link it is covered by a particular prefix".  That operation,
>> 'being covered by', is not specified.
>> 
>> One might think of the use of a longest prefiix match algorithm.
>> 
>> A longest prefix match algorithm is defined in that RFC to be used
>> to determine which prefix (from a set of prefixes) 'covers' an
>> address.
>> 
>> On another hand, the definition of 'on-link' says it wants to
>> identify whether a _particular_ prefix 'covers' an address (not to
>> try to identify whether an address matches better one prefix or
>> another).  That is a distinct algorithm from the longest prefix
>> match algorithm.
>> 
>> To give an example: by using a longest-prefix-match algorithm in
>> a normal way (identify which prefix out of a set of prefixes matches
>> better one particular address) one will always 'cover' an address
>> with almost any prefix.  All allocated prefixes start with this
>> '000' triple bits.  So they all cover any address; but in that
>> 'cover' operation one specifically adds that it covers up to 3
>> bits.  The 'cover' operation is successful, but just up to 3.
> 
> I'm confused about what you are trying to say.

Thanks, I was beginning to wonder if it was just me !

> The way I understand it is as follows:
> An RA may contain a prefix that has the onlink bit set. The interface
> is implicitly defined as the interface over which the RA arrives at the
> host, so there is no need to make this explicit. Information in an RA only
> applies to the interface over which the RA arrives.

That was my interpretation as well.

> Then 'covered by the prefix'. Covered by the prefix 2001:db8::/80 means that
> if the first 80 bits of an address are the same as the first 80 bits of the
> prefix, then the address is said to be covered by the prefix. For onlink,
> there is no 64-bit boundary. Any prefix length should work. The prefix
> length determines how many bits are compared to decide on a match.

Agreed.

> Then, in theory there could be overlapping prefixes, some might be onlink,
> some might be not onlink. So in theory we could define a longest matching rule.
> However, this leads to code complexity and there don't seem to be any
> practical use cases for overlapping prefixes, so leaving this undefined
> and assuming that routers do not generate RAs with overlapping prefixes
> seems fine.

I had assumed (yes I know, that's dangerous) that overlapping prefixes would be as allowed as overlapping IPv4 subnets - as in not allowed. It would at the very least be rather poor network design since it would create completely avoidable issues like you described.


Simon

v2.23.0 | Report a Bug | By Email