IETF Logo Mail Archive

Re: [MBONED] [pim] IGMPv3 backward compatibility issue killing SSM

Hitoshi Asaeda <asaeda@ieee.org> Thu, 21 March 2024 02:02 UTC

Return-Path: <asaeda@ieee.org>
X-Original-To: mboned@ietfa.amsl.com
Delivered-To: mboned@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C454C14F609 for <mboned@ietfa.amsl.com>; Wed, 20 Mar 2024 19:02:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ieee.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gfMroieq9pA3 for <mboned@ietfa.amsl.com>; Wed, 20 Mar 2024 19:02:09 -0700 (PDT)
Received: from mail-pl1-x641.google.com (mail-pl1-x641.google.com [IPv6:2607:f8b0:4864:20::641]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20BC1C14F61D for <mboned@ietf.org>; Wed, 20 Mar 2024 19:02:08 -0700 (PDT)
Received: by mail-pl1-x641.google.com with SMTP id d9443c01a7336-1de0f92e649so3160775ad.0 for <mboned@ietf.org>; Wed, 20 Mar 2024 19:02:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee.org; s=google; t=1710986528; x=1711591328; darn=ietf.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=pAHyk3UVhMxQnCPKEC7XEqWsiAQQsQaR3hXeN3OmPZk=; b=d066dMvetb08sQ4LHjmP+Fz/UysFZoC46Dlmg6cjVi5PCV4DngMV9EPgUKmMdzUAMJ XwPqDiyIyCRApgZKAJlZB1pJj4lVfKpmmnIyxTYYo1Btxayx8RMz4clSZg4Lrs7j1hDV vcgg1Iw7ed5V8O0cXktTX+C5F0IWLaC5RtAWo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710986528; x=1711591328; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pAHyk3UVhMxQnCPKEC7XEqWsiAQQsQaR3hXeN3OmPZk=; b=rQol0gVGC82O7iuv3Hawgxhk9WKMPzZX5hJEb55I3Z+MY5aObQ6IaLsK+mdZMC7YYR 2LVUQVCd4wUd/wa8S0coiWUQncIxWjIoZ+ZoreWSeIv6QbccH/st6PYXb+85WqLOnkmu eHvUHysEp9Gc2JXfx77UOfo0P/IsJ/bQPyzqDmfbsHUFsML1L5qkGsi2S7LSi8rRlDtT fOfbRekaDm5OINnQ6WXYUkOwge4t0wKsDh6WZ7DEFlfLcn0LvgBILH9ENm5E7MIqTAXC GniAIKMMZNZ/rVkhyZdyzM86kbvqQXCZEaN1kIbQiS9eEn3I2soQJfvwBrmS6NvjhKTX PEWQ==
X-Forwarded-Encrypted: i=1; AJvYcCW2qNpEl8wlBLlI7rK4+RINw9SJbPQ/gdy7o1JA9qZbpJ0ZOunSfDP1vA9/fZzYKgA2xb7AlslkX7tzmx0IgJw=
X-Gm-Message-State: AOJu0Yy7bwFKkU2aO7OEjgE8I0CCwxbHq4yb2H2wR+NS0Jw6BKfzqp/p vjpgWALyLCrnnr/u+76Rn1DewqIHmZV3ftj2YLZi9wfj3tRTgHDI7hv80euu6g==
X-Google-Smtp-Source: AGHT+IFn1Lh5SXeSkzsS5zqCVpaveIjNsdJCcctOJIgQLjyemsH3z68sGpHZbl7Tsg2gLoZds2xPbg==
X-Received: by 2002:a17:903:22d0:b0:1e0:1e87:c9d8 with SMTP id y16-20020a17090322d000b001e01e87c9d8mr11331587plg.7.1710986527949; Wed, 20 Mar 2024 19:02:07 -0700 (PDT)
Received: from smtpclient.apple ([123.254.127.131]) by smtp.gmail.com with ESMTPSA id o12-20020a170902d4cc00b001dd7c2ea323sm8125766plg.114.2024.03.20.19.02.04 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Mar 2024 19:02:07 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Hitoshi Asaeda <asaeda@ieee.org>
In-Reply-To: <CAHANBtL_-Sd-iLV4TjvX+WwrkQHAU3m6w5dNiniqvWYuZjWtvA@mail.gmail.com>
Date: Thu, 21 Mar 2024 12:01:57 +1000
Cc: Leonard Giuliano <lenny@juniper.net>, Toerless Eckert <tte@cs.fau.de>, "Holland, Jake" <jholland=40akamai.com@dmarc.ietf.org>, Dave Katz <dkatz@juniper.net>, "mboned@ietf.org" <mboned@ietf.org>, "fenner@fenron.com" <fenner@fenron.com>, "pim@ietf.org" <pim@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <85877FB7-A7E1-4EA2-9A15-80E1262ED956@ieee.org>
References: <CAHANBtKf03ukXH4sgwN0WVdkaVXnbRYdAGBDmQK56YXrS-z6yA@mail.gmail.com> <CAHANBtKdfS0cPceqv8_R+ToeGOBdUksH7gArKqegqSt_Q0Sf0Q@mail.gmail.com> <ZXtzwBljE45Og27f@faui48e.informatik.uni-erlangen.de> <EDE809A0-E672-4A3B-9F46-E08ECD3D4C23@akamai.com> <edc9d539-4b6c-f238-54c6-210c152e2065@juniper.net> <e9ed1779-4f43-4f71-b8c3-d813bcea81d1@innovationslab.net> <CAHANBtJ0S8RfVvfcMHO5XKeDMpzN0O4Jn3MFPJXecNpBVNs6gQ@mail.gmail.com> <8c620ad0-2174-4cc4-9df9-5940e1225fac@innovationslab.net> <cd8cbc0b-a69d-3bcd-c107-9cc1c4435feb@juniper.net> <CAHANBtL_-Sd-iLV4TjvX+WwrkQHAU3m6w5dNiniqvWYuZjWtvA@mail.gmail.com>
To: Stig Venaas <stig@venaas.com>
X-Mailer: Apple Mail (2.3731.700.6.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mboned/8ITdk_I35CgnjOctEheZwyIgcp0>
Subject: Re: [MBONED] [pim] IGMPv3 backward compatibility issue killing SSM
X-BeenThere: mboned@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Mail List for the Mboned Working Group <mboned.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mboned>, <mailto:mboned-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mboned/>
List-Post: <mailto:mboned@ietf.org>
List-Help: <mailto:mboned-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mboned>, <mailto:mboned-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2024 02:02:13 -0000

Hi,

Lenny said;

>> But having ~routers~ on a LAN that don't support IGMPv3
>> seems quite another thing. 

That’s right.
If a router that takes a role of forwarding subscribed content on a LAN does not support SSM, the subscribed content must be forwarded through ASM mode. In that case, SSM hosts on the LAN must run the backward compatibility and change their behaviors, fallback.

Stig said;

> To add to this. If a router only supporting IGMPv2 is brought up on
> the LAN, it will break SSM regardless of the querier election if this
> router happens to become the DR. There is no way we can avoid this.
> Also, in general, pretty much anything can go wrong if a rogue router
> or a router with wrong config is present. I think the most common way
> for pim to break is that some device is accidentally becoming the DR
> and not having the correct config.

I thought what we need to clarify in DS IGMPv3/MLDv2 RFCs is that, as Brian mentioned, we can simply add recommended default settings for the compatibility mode variables. That’s all, I thought.

But you remind me of the following four situations.

1. querier = SSM capable, forwarder = SSM capable -> no fallback
2. querier = SSM capable, forwarder = non-SSM capable -> fallback
3. querier = non-SSM capable, forwarder = SSM capable -> no fallback (and SSM capable router must become (replace) querier?)
4. querier = non-SSM capable, forwarder = non-SSM capable -> fallback

I wonder how above 2 and 3 are clearly considered in some RFCs?
If yes, sorry for my ignorance. But if no, don't we need to describe some clear sentences how we can support them?
(Note that above querier and forwarder must be legitimate routers. Considering non-legitimate/broken routers (or malicious queriers) must be considered as well, but I’m sure it would be described in the new DS documents Brian has been kindly working on.)

Regards,

Hitoshi


> One more thing. I don't think we can make any changes that would make
> implementations to 3376 become non-compliant. Hence if anything, we
> can not require implementations to change, at most we can recommend
> something.
> 
> Regards,
> Stig
> 
> On Wed, Mar 20, 2024 at 2:36 PM Leonard Giuliano <lenny@juniper.net> wrote:
>> 
>> 
>> On Wed, 20 Mar 2024, Brian Haberman wrote:
>> 
>> <snipped>
>> |      Personally, it seems like most of the scenarios posited have been related
>> | to old kit or mis-configuration. We can't standardize away those types of
>> | actions. At best, I think we can add recommended default settings for the
>> | compatibility mode variables referenced in section 7.
>> 
>> I think this is good perspective here.  Having old hosts that don't
>> support IGMPv3 is definitely a scenario to consider, as you never know
>> what end users are going to stick on a LAN.  And as we discussed in this
>> thread, the spec does a pretty good job of not breaking SSM when old hosts
>> appear on a LAN.  But having ~routers~ on a LAN that don't support IGMPv3
>> seems quite another thing.  Is this really a common scenario worth
>> considering now?  And wouldn't it just be easier to just turn IGMP off for
>> such old routers if you are worried about them spoiling the SSM fun for
>> everyone else?
>> 
> 
> _______________________________________________
> MBONED mailing list
> MBONED@ietf.org
> https://www.ietf.org/mailman/listinfo/mboned

v2.23.0 | Report a Bug | By Email