IETF Logo Mail Archive

Re: [OSPF] OSPFv3 Autoconfiguration - draft-ietf-ospf-ospfv3-autoconfig-05.txt

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Fri, 07 February 2014 18:45 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BF7E1A0447 for <ospf@ietfa.amsl.com>; Fri, 7 Feb 2014 10:45:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.036
X-Spam-Level:
X-Spam-Status: No, score=-15.036 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j-Wsc1rH6paQ for <ospf@ietfa.amsl.com>; Fri, 7 Feb 2014 10:45:41 -0800 (PST)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 56FC61A03CD for <ospf@ietf.org>; Fri, 7 Feb 2014 10:45:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10119; q=dns/txt; s=iport; t=1391798741; x=1393008341; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=8CjtcRpIKuqEAKVg5xwQEGVm2SJYiseE+7oDzqeqlJk=; b=JdiZ4CrbRx+Raycsg9pWiWcg+/t8VrmK0pIauW5Afw9xsC3ltCrUPpGV ehiPafkIbZ7gNcKHEWcW9kSvFy9VdSLUwHkiQyebVuLKsbqBuM/3RKP7Z RyaX7S8eBMCkTGgkuERYD9ACHN7NoKgiukelk6F6Nt42dcd5MDxHpuUt8 E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah8FAPAo9VKtJXG9/2dsb2JhbABTBoMMOFe+aIEOFnSCJQEBAQQBAQE3NAsMBAIBCBEEAQEBChQJBycLFAkIAgQOBQgBEodqDcwaF446EgYrBwaDHoEUBKpMgy2CKg
X-IronPort-AV: E=Sophos;i="4.95,802,1384300800"; d="scan'208";a="302608502"
Received: from rcdn-core2-2.cisco.com ([173.37.113.189]) by rcdn-iport-5.cisco.com with ESMTP; 07 Feb 2014 18:45:40 +0000
Received: from xhc-aln-x08.cisco.com (xhc-aln-x08.cisco.com [173.36.12.82]) by rcdn-core2-2.cisco.com (8.14.5/8.14.5) with ESMTP id s17Ijelc015646 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 7 Feb 2014 18:45:40 GMT
Received: from xmb-aln-x02.cisco.com ([169.254.5.180]) by xhc-aln-x08.cisco.com ([173.36.12.82]) with mapi id 14.03.0123.003; Fri, 7 Feb 2014 12:45:40 -0600
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: "curtis@ipv6.occnc.com" <curtis@ipv6.occnc.com>
Thread-Topic: [OSPF] OSPFv3 Autoconfiguration - draft-ietf-ospf-ospfv3-autoconfig-05.txt
Thread-Index: AQHPJCkp/pYRbYVsxUaPEbmLjnjkwpqqGxnw
Date: Fri, 07 Feb 2014 18:45:40 +0000
Message-ID: <F3ADE4747C9E124B89F0ED2180CC814F23C621A3@xmb-aln-x02.cisco.com>
References: Your message of "Fri, 07 Feb 2014 08:31:11 +0000." <F3ADE4747C9E124B89F0ED2180CC814F23C619A9@xmb-aln-x02.cisco.com> <201402071722.s17HMMe5063042@maildrop2.v6ds.occnc.com>
In-Reply-To: <201402071722.s17HMMe5063042@maildrop2.v6ds.occnc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.21.70.211]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: OSPF List <ospf@ietf.org>
Subject: Re: [OSPF] OSPFv3 Autoconfiguration - draft-ietf-ospf-ospfv3-autoconfig-05.txt
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2014 18:45:44 -0000

Curtis -

Your reply below is talking about things which I think do not directly bear on the value add of what I have proposed.

You mention various ways to insure that a given device assigns the same router-id each time it starts up and ways to insure it picks the same sequence of second/third... choices in the event it has to change its router-id. All good suggestions, but what I am talking about is what we do in the event a conflict occurs despite our best efforts to avoid it. With the current draft content preference is based solely on a fixed identifier (fingerprint) without regard to which choice would minimize disruption to the network. When preference is given to the "old router" to retain its existing router-id this shortcoming is addressed.

Your statement that what I propose is only relevant when two routers go down does not match the scenarios I envision. If I want to add a new device to my network or if I need to replace an existing device in my network I am only affecting one device - but as I am introducing a device with a new fingerprint it is possible that it will introduce a conflict with an existing router-id.

In a subsequent reply you liked the idea of the new device delaying advertising reachability until it is has determined that its router-id choice is not in conflict. The old/new router paradigm supports this strategy by assuring that the old router will not consider changing its router-id until enough time has elapsed for the new router to transition to being an old router.

Finally, what I propose is extremely simple to implement. I think it isn't much of an exaggeration to say that any one of us could have implemented the enhancement in the time it has taken to discuss its merits. So we aren't overengineering for a case which is admittedly very unlikely to occur - we are adding a modest extension to make our solution less disruptive.

   Les


> -----Original Message-----
> From: Curtis Villamizar [mailto:curtis@ipv6.occnc.com]
> Sent: Friday, February 07, 2014 9:22 AM
> To: Les Ginsberg (ginsberg)
> Cc: Acee Lindem; Curtis Villamizar; OSPF List
> Subject: Re: [OSPF] OSPFv3 Autoconfiguration - draft-ietf-ospf-ospfv3-
> autoconfig-05.txt
> 
> 
> In message <F3ADE4747C9E124B89F0ED2180CC814F23C619A9@xmb-aln-x02.cisco.com>
> "Les Ginsberg (ginsberg)" writes:
> >
> > So, I am one person who raised this concern to Acee - but the proposal
> > outlined by Acee is not what I had in mind. There is no need to use
> > "uptime" or to invent some unusual exchange of LSAs prior to Exchange
> > state.
> >
> > Also, in regards to Curtis's comment - it is not DOS attacks that I am
> > trying to mitigate here. As he says if an attacker is in your network
> > and able to originate credible packets no strategy is safe.
> >
> > The motivating use case is to minimize disruption of a stable network
> > when a new router is added or an existing router is
> > replaced/rebooted. In other words non-disruptive handling of the
> > common maintenance/upgrade scenarios.
> >
> > What I have in mind is this:
> >
> > 1) A router needs a way to advertise that it has been up and running
> >    for a minimum length of time - for the sake of discussion let's say
> >    20 minutes. Routers then fall into two categories:
> >
> >   o Old routers (up >= minimum time)
> >   o New routers (up < minimum time)
> >
> > 2) When a duplicate router-id is detected, the first tie breaker is
> >    between old routers and new routers. The old router gets to keep
> >    its router-id and the new router picks a new router-id.  If both
> >    routers are "new" or both routers are "old" then we revert to the
> >    existing tie breakers defined in the document (link local address
> >    for directly connected routers and fingerprint info for
> >    non-neighbors).
> >
> > 3) Advertisement of the "old/new" state requires a single bit - but it
> >    has to be available both in hellos and the new AC-LSA. Adding it to
> >    the AC-LSA is easy to do. For hellos, there are two possibilities:
> >
> >    o Use one of the Options Bits
> >    o Use LLS
> >
> > Be interested in how folks feel about this.
> >
> >    Les
> 
> 
> Les,
> 
> Excluding DoS attack, we are talking about a one in 4 billion case
> (for any two routers, so with 400 routers, still well under one in 1M)
> where two routers hash a MAC address or pick a one time random number
> from out of nowhere and end up with the same number.
> 
> If that does happen (and one in 1M is certainly possible), then it
> would be nice if the routers always ended up with the same router-id.
> This could be accomplished by some fixed method such as hashing a
> constant with the first choice or router-id or using the router-id as
> a seed for the random number generator (which will pick the same
> sequence of random numbers each time).  If this is done, then a
> conflict would always produce the same set of next picks.  The set of
> routers in a given network would always end up with the same
> router-ids once they all came up and if only one went down at a time
> then it would always end up with the same router-id when it came up.
> 
> Zero conf was mainly intended for unmanaged networks (motivated by
> work in the homenet WG).  In these small unmanaged networks it doesn't
> matter which router gets what router-id as long as they end up unique
> and convergence is in a reasonable time relative to keeping eyeballs
> happy.  It could be applied to enterprise or providers but in either
> case having the routers end up with the same router-ids would make for
> easier management.
> 
> For your scenario to matter at all with current rules, both routers in
> the conflict would have to go down.  If only the one that is preferred
> goes down, the other is not going to change its router-id as a result
> so when it comes up it gets its first pick with no conflict.  If the
> one that was not preferred goes down, it comes up, sees a conflict and
> takes its second pick (loses the conflict every time).  It is only if
> they both go down and the one that normally loses the conflict comes
> up first that there is a change in router-id.  That too can be solved
> with a rule that you always come up with the last router-id used.
> 
> Curtis
> 
> 
> > > -----Original Message-----
> > > From: OSPF [mailto:ospf-bounces@ietf.org] On Behalf Of Acee Lindem
> > > Sent: Thursday, February 06, 2014 5:12 PM
> > > To: Curtis Villamizar
> > > Cc: OSPF List
> > > Subject: Re: [OSPF] OSPFv3 Autoconfiguration - draft-ietf-ospf-ospfv3-
> > > autoconfig-05.txt
> > >
> > > Hi Curtis,
> > > I agree and believe the significance of this use case where a new router
> is
> > > inserted into an auto-configured domain has been greater exaggerated.
> > > Thanks,
> > > Acee
> > > On Feb 5, 2014, at 3:58 PM, Curtis Villamizar <curtis@ipv6.occnc.com>
> wrote:
> > >
> > > >
> > > > In message <CF17DD4E.2696B%acee.lindem@ericsson.com>
> > > > Acee Lindem writes:
> > > >
> > > >> The OSPFv3 autoconfiguration draft was cloned and presented in the
> > > >> ISIS WG (http://www.ietf.org/id/draft-liu-isis-auto-conf-00.txt). In
> > > >> the ISIS WG, there was a concern that the resolution of a duplicate
> > > >> system ID did not include the amount of time the router was
> > > >> operational when determining which router would need to choose a new
> > > >> router ID. With additional complexity, we could incorporate router
> > > >> uptime into the resolution process. One way to do this would be to:
> > > >>
> > > >>     1. Add a Router Uptime TLV to the OSPFv3 AC-LSA. It would include
> > > >>        the uptime in seconds.
> > > >>
> > > >>     2. Use the Router Uptime TLV as the primary determinant in
> > > >>        deciding which router must choose a new OSPFv3 Router
> > > >>        ID. Router uptimes less than 3600 (MaxAge) seconds apart are
> > > >>        considered equal.
> > > >>
> > > >>     3. When an OSPFv3 Hello is received with a different link-local
> > > >>     	source address but a different router-id, unicast the OSPFv3
> > > >>     	AC-LSA to the neighbor so that OSPFv3 duplicate router
> > > >>     	resolution can proceed as in the case where it is received
> > > >>     	through the normal flooding process. This is somewhat of a
> > > >>     	hack as the we'd also need to accept OSPF Link State Updates
> > > >>     	from a neighbor that is not in Exchange State or greater.
> > > >>
> > > >> An alternative to #3 would be to use Link-Local Signaling (LLS) for
> > > >> signaling the contents of the OSPFv3 AC-LSA. However, you'd only want
> > > >> to send the Router-Uptime and Router Hardware Fingerprint when a
> > > >> duplicate Router-ID is detected. This requires implementing the
> > > >> resolution two ways but may be preferable since it doesn't require
> > > >> violating the flooding rules.
> > > >>
> > > >> In any case, I'd like to get other opinions as to whether this problem
> > > >> is worth solving.
> > > >>
> > > >> Thanks,
> > > >> Acee
> > > >
> > > >
> > > > Acee,
> > > >
> > > > If the basis for router-id on boot up results in a fixed value, and if
> > > > a duplicate will occur on a give network, then which of two duplicate
> > > > routers gets that value may change after one of them reboots.  If
> > > > uptime is not considered, it will never change as long as one router
> > > > stays up at any given time.
> > > >
> > > > We are talking about a very low probability event (a duplicate) except
> > > > if this is a DoS attack and then either using or not using uptime
> > > > won't matter since the attacker will claim an impossibly long uptime.
> > > >
> > > > Curtis
> > >
> > > _______________________________________________
> > > OSPF mailing list
> > > OSPF@ietf.org
> > > https://www.ietf.org/mailman/listinfo/ospf

v2.23.0 | Report a Bug | By Email