Re: [MBONED] IGMPv3 backward compatibility issue killing SSM (was: Re: [pim] pim wglc for 3228bis, 3376bis and 3810bis)

Hitoshi Asaeda <asaeda@ieee.org> Fri, 15 December 2023 06:48 UTC

From: Hitoshi Asaeda <asaeda@ieee.org>
In-Reply-To: <ZXtzwBljE45Og27f@faui48e.informatik.uni-erlangen.de>
Date: Fri, 15 Dec 2023 15:48:19 +0900
Cc: Stig Venaas <stig@venaas.com>, zzhang@juniper.net, brian@innovationslab.net, n.leymann@telekom.de, pim@ietf.org, mboned@ietf.org, fenner@fenron.com
Message-Id: <D07DCE90-5B42-4C8F-AD3C-8E9064D9A284@ieee.org>
References: <CAHANBtKf03ukXH4sgwN0WVdkaVXnbRYdAGBDmQK56YXrS-z6yA@mail.gmail.com> <CAHANBtKdfS0cPceqv8_R+ToeGOBdUksH7gArKqegqSt_Q0Sf0Q@mail.gmail.com> <ZXtzwBljE45Og27f@faui48e.informatik.uni-erlangen.de>
To: Toerless Eckert <tte@cs.fau.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mboned/AbqD9L9OsK7adhlmYZfmYr_OmVA>
Subject: Re: [MBONED] IGMPv3 backward compatibility issue killing SSM (was: Re: [pim] pim wglc for 3228bis, 3376bis and 3810bis)

Hi Toerless,

IGMPv3/MLDv2 backward compatibility is a known issue.
I mentioned it more than two decades ago.
(https://mailarchive.ietf.org/arch/msg/magma/6DOmd2mscjnv1l1Hflq1D7mE7UM/)

Lightweight IGMPv3/MLDv2 (RFC 5790) hence mentions the following:
   In the presence of older version group members, LW-IGMPv3 hosts may
   allow its Report message to be suppressed by either an IGMPv1 or
   IGMPv2 membership report.  However, because the transmission of
   IGMPv1 or v2 packets reduces the capability of the LW-IGMPv3 system,
   as a potential protection mechanism, the choice to enable or disable
   the use of backward compatibility may be configurable.

We (the IGMPv3/MLDv2 DS design team; I remember you were also a member :) discussed the backward compatibility problem and decided to mention such a configuration operation in the bis drafts.
But, well, I understand the statements (1837-1841) may contradict each other. The two MUSTs are orthogonal.

IMO, keeping this backward compatibility mode is OK, but we should have a mechanism to disable this automatic mode by operation, and disabling the automatic mode should be the default. Therefore,

>  This revision of IGMPv3 version 3 removes automatic fallback to IGMP version 2 and version 1
>  routers on the same network as specified in [RFC3376]. Instead,
>  such older version router behavior MUST be explicitly configured.

I don't think we need to remove the automatic mode. Keep it as is, but it should be disabled by default.

>  IGMPv3 routers MUST have a configuration option, disabled by default, to operate
>  as an IGMPv2 router. When enabled, all procedures of [RFC2236] apply. Configuring this
>  option is necessary in the presence of non-IGMPv3 capable IGMP snooping switches or
>  PIM routers. These are rare but may still be deployed.

The default should be IGMPv3 only mode. It can be changed to automatic by configuration.

>  When operating in IGMP version 3, routers MUST ignore version 1 and version 2 queries.
>  In version 3, the presence of those older version queries constitutes a misconfiguration
>  or attack, and these messages SHOULD result in logging of an error (rate-limited).

I agree.

> - And in an appropriate part of the host behavior:
> 
>  IGMP version 3 hosts MUST have a configuration option, disabled by default, to ignore
>  IGMP version 1 and version 2 queries. This option SHOULD be auto-enabled when the host
>  is running SSM receiver applications, and hence depends on IGMP version 3 to operate in the
>  network.


Agree.

For your other question, regarding implementations that have the configuration option: my very old kernel implementations (see the following links) support a static configuration to stop backward compatibility mode and switch to IGMPv3/MLDv2-only mode on the host side via a sysctl command:
IGMPv3 kernel: https://web.sfc.wide.ad.jp/~asaeda/igmpv3/index.html
MLDv2 kernel: https://web.sfc.wide.ad.jp/~asaeda/mldv2/index.html
LW-IGMPv3 kernel: https://web.sfc.wide.ad.jp/~asaeda/LW-IGMPv3/index.html
See the README at each link for more detail.

These IGMPv3/MLDv2 kernel implementations were imported into KAME, so some BSD-based kernels may have a similar option, but I'm not sure.

Regards,

Hitoshi


> On Dec 15, 2023, at 6:29, Toerless Eckert <tte@cs.fau.de> wrote:
> 
> Dear pim/mboned:
> 
> I am in WGLC review for rfc3376bis, but I am stumbling across the one IMHO elephant in the room,
> and I thought I should start a separate discussion thread here, and also Cc: mboned, because not
> all ops folks may want to follow pim, but this elephant is I think the main reason why SSM has
> gotten a bad rap in deployments - and we should take the opportunity to fix it in rfc3376bis.
> 
> The elephant IMHO is that rfc3376bis is so far not including changes to IGMPv3 behaviors
> about backward compatibility with v1/v2 routers on the LAN, and exactly this behavior is
> killing SSM in deployment, because any such router, when it becomes querier, will kill SSM
> ... because hosts will revert to v1/v2 and not report their SSM (S,G) memberships.
> 
> RFC3376 (and currently rfc3376bis too) writes (line numbers from idnits):
> 
> 1837       *  If any older versions of IGMP are present on routers, the querier
> 1838          MUST use the lowest version of IGMP present on the network.  This
> 1839          must be administratively assured; routers that desire to be
> 1840          compatible with IGMPv1 and IGMPv2 MUST have a configuration option
> 1841          to act in IGMPv1 or IGMPv2 compatibility modes.
> 
> The second sentence is either English that I do not understand, or it is in contradiction to
> the first sentence. If there is a configuration option to enable/disable router compatibility
> with IGMPv1/IGMPv2, and I disable this configuration option on my router, then I would
> be in contradiction to the first sentence, wouldn't I?
> 
> I am also not aware of implementations that do have a configuration option that
> would allow disabling IGMPv1/IGMPv2 backward compatibility when running IGMPv3.
> 
> In many router operating systems there is a config "ip igmp version [1|2|3]",
> but when it is configured for version 3 (which by now should be the default in all
> router OSs), then the backward compatibility will be active, falling back to IGMPv1/v2
> when an appropriate lower general query is received. Maybe this is what implementors
> thought of when reading 1837-1841, but I would be surprised if that's what was meant.
> 
> If there are routers that have config options to disable this backward compatibility with
> older routers, I would love to learn about it.
> 
> So, my argument is:
> 
> The 1837-1841 functionality of RFC3376 was intended to also allow disabling of IGMPv2/IGMPv3
> router backward compatibility (and one can argue whether or not it was meant to be enabled
> by default). However, this is a feature that was not implemented. Instead, widely deployed
> implementations only implemented automatic fallback - and that turned out to be a non-desirable
> operational behavior of RFC3376. Instead, when users actually did want to have IGMPv2
> behavior on their network, they explicitly configured IGMPv2 router behavior, but did not
> want to rely on automatic fallback. And given how there is in current widely deployed router
> implementations no way to disable automatic fallback, this is the core reason for SSM to
> be highly unreliable, especially in IPTV contexts.
> 
> Hence we should have the freedom to change this now to what would make IGMPv3 behave better,
> especially for SSM:
> 
> - Remove above text from rfc3376 and other text referring to older router queries (1673-1675).
> 
> - Replace with something like:
> 
>  This revision of IGMPv3 version 3 removes automatic fallback to IGMP version 2 and version 1
>  routers on the same network as specified in [RFC3376]. Instead,
>  such older version router behavior MUST be explicitly configured.
> 
>  IGMPv3 routers MUST have a configuration option, disabled by default, to operate
>  as an IGMPv2 router. When enabled, all procedures of [RFC2236] apply. Configuring this
>  option is necessary in the presence of non-IGMPv3 capable IGMP snooping switches or
>  PIM routers. These are rare but may still be deployed.
> 
>  When operating in IGMP version 3, routers MUST ignore version 1 and version 2 queries.
>  In version 3, the presence of those older version queries constitutes a misconfiguration
>  or attack, and these messages SHOULD result in logging of an error (rate-limited).
> 
> - And in an appropriate part of the host behavior:
> 
>  IGMP version 3 hosts MUST have a configuration option, disabled by default, to ignore
>  IGMP version 1 and version 2 queries. This option SHOULD be auto-enabled when the host
>  is running SSM receiver applications, and hence depends on IGMP version 3 to operate in the
>  network.
> 
> This is about as much as I think we can do if we still want to go full standard with rfc3376bis.
> I can think of no operational deployment where the introduction of devices with existing
> older RFC compatibility would cause interoperability issues. At worst the new router would
> need to be explicitly configured for IGMPv2, which in my experience most routers deployed
> into IGMPv3 environments are done anyhow.
> 
> Comments welcome. Would love to see positive replies, in which case I will be happy to explicitly
> suggest the text changes for this elephant issue to the draft.
> 
> Cheers
>    Toerless
> 
> On Wed, Dec 13, 2023 at 01:08:13PM -0800, Stig Venaas wrote:
>> Hi again
>> 
>> Hoping we can get some more responses here.
>> 
>> I've reviewed it myself, but would be great to have more people
>> reviewing the updates.
>> 
>> WGLC ends in 2 days (the 15th).
>> 
>> Thanks,
>> Stig
>> 
>> On Tue, Nov 28, 2023 at 2:59 PM Stig Venaas <stig@venaas.com> wrote:
>>> 
>>> Dear working group
>>> 
>>> We have been working on progressing these core documents to Internet Standard.
>>> 
>>> The documents are
>>> 
>>> IANA Considerations for Internet Group Management Protocols
>>> https://datatracker.ietf.org/doc/draft-ietf-pim-3228bis/
>>> 
>>> Internet Group Management Protocol, Version 3
>>> https://datatracker.ietf.org/doc/draft-ietf-pim-3376bis/
>>> 
>>> Multicast Listener Discovery Version 2 (MLDv2) for IPv6
>>> https://datatracker.ietf.org/doc/draft-ietf-pim-3810bis/
>>> 
>>> As these are important documents, I am hoping we will get some people
>>> to review these drafts and give us feedback. We did not get any
>>> responses to the previous wglc for these documents.
>>> 
>>> Please respond by December 15th 2023 whether you believe these
>>> documents are ready for publication, and any comments or concerns you
>>> may have. Any input is helpful.
>>> 
>>> Regards,
>>> Stig
> 
> _______________________________________________
> MBONED mailing list
> MBONED@ietf.org
> https://www.ietf.org/mailman/listinfo/mboned
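The host-side fallback the thread is arguing about, as an added example that is not part of the original messages nor of any of the kernel implementations linked above. It shows why a single IGMPv1/IGMPv2 General Query on the LAN (from a misconfigured router, or from any station that wants to knock out SSM) is enough to silence (S,G) reports: RFC 3376 section 7.1 classifies a query by its length and Max Resp Code, and section 7.2.1 keeps the host in v1 or v2 compatibility mode for as long as the Older Version Querier Present timer runs, during which it cannot send a v3 report carrying a source list. The `strict_v3` switch, the 60-second log rate limit and the class and function names are assumptions modelled on the text proposed in the thread; the timer defaults (Robustness Variable 2, Query Interval 125 s, Query Response Interval 10 s) are the RFC 3376 section 8 defaults. All packets are constructed inline, so it runs offline.

```python
"""Added example, not code from the thread or from the cited implementations.

Models IGMP query version detection (RFC 3376 section 7.1) and the host-side
"Older Version Querier Present" fallback (section 7.2.1), plus an assumed
strict_v3 configuration option modelled on the behaviour proposed in the thread:
ignore v1/v2 queries and log them, rate-limited, instead of downgrading.
"""
import struct

IGMP_QUERY = 0x11


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; yields 0 over a message whose checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_query(version: int, group: str = "0.0.0.0", max_resp_code: int = 100) -> bytes:
    """Constructed General Query in the wire layout of the given IGMP version."""
    grp = bytes(int(o) for o in group.split("."))
    if version == 1:
        body = struct.pack("!BBH4s", IGMP_QUERY, 0, 0, grp)  # v1: Max Resp Code is always 0
    elif version == 2:
        body = struct.pack("!BBH4s", IGMP_QUERY, max_resp_code, 0, grp)
    elif version == 3:
        # v3 appends Resv/S/QRV (QRV=2), QQIC (125 s) and Number of Sources (0)
        body = struct.pack("!BBH4sBBH", IGMP_QUERY, max_resp_code, 0, grp, 0x02, 125, 0)
    else:
        raise ValueError("unknown IGMP version")
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def query_version(pkt: bytes):
    """Classify a received IGMP message per RFC 3376 7.1; None means it is not an acceptable query."""
    if len(pkt) < 8 or pkt[0] != IGMP_QUERY or inet_checksum(pkt) != 0:
        return None
    if len(pkt) == 8:
        return 1 if pkt[1] == 0 else 2  # 8 octets: v1 if Max Resp Code is zero, else v2
    if len(pkt) >= 12:
        return 3
    return None  # 9..11 octets: query of unknown version, silently ignored


class IgmpHost:
    """Querier-version tracking for one host interface (assumed class, not from the RFC)."""

    def __init__(self, strict_v3: bool = False, robustness: int = 2,
                 query_interval: int = 125, query_response_interval: int = 10,
                 log_interval: float = 60.0):
        self.strict_v3 = strict_v3
        # Older Version Querier Present Timeout, RFC 3376 section 8.12
        self.timeout = robustness * query_interval + query_response_interval
        self.v1_expires = 0.0
        self.v2_expires = 0.0
        self.log_interval = log_interval
        self._last_log = None
        self.log = []

    def receive(self, pkt: bytes, now: float) -> None:
        version = query_version(pkt)
        if version in (None, 3):
            return  # v3 is the native mode; nothing to track
        if self.strict_v3:
            # Proposed behaviour: never downgrade; record the event, rate-limited.
            if self._last_log is None or now - self._last_log >= self.log_interval:
                self.log.append("t=%d: ignored IGMPv%d query (misconfiguration or attack)"
                                % (now, version))
                self._last_log = now
            return
        # RFC 3376 7.2.1: (re)start the timer for the older version seen
        if version == 1:
            self.v1_expires = now + self.timeout
        else:
            self.v2_expires = now + self.timeout

    def compat_mode(self, now: float) -> int:
        """Lowest version whose timer is still running, else 3."""
        if now < self.v1_expires:
            return 1
        if now < self.v2_expires:
            return 2
        return 3

    def can_report_ssm(self, now: float) -> bool:
        """Only a v3 report carries an (S,G) source list; in v1/v2 mode SSM membership is not reported."""
        return self.compat_mode(now) == 3


if __name__ == "__main__":
    rogue_v2 = build_query(2)  # one v2 General Query from anyone on the LAN
    for strict in (False, True):
        host = IgmpHost(strict_v3=strict)
        host.receive(rogue_v2, now=0)
        print("strict_v3=%s: mode v%d, SSM reportable=%s, log=%s"
              % (strict, host.compat_mode(1), host.can_report_ssm(1), host.log))
```

With `strict_v3=False` the host stays in v2 mode for 2*125+10 = 260 seconds after each older query, so a sender that repeats the query every couple of minutes keeps SSM down indefinitely; with `strict_v3=True` the same packets change nothing and surface once per minute in the log. The checksum check in `query_version` matters for the detection side too: a truncated or corrupted older-version query is dropped rather than counted as an attack.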