[pim] IGMP v3 update - clarification about which router queries cause version fallback

Phil Karn <karn@ka9q.net> Tue, 30 July 2024 04:54 UTC

Return-Path: <karn@ka9q.net>
X-Original-To: pim@ietfa.amsl.com
Delivered-To: pim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B568C14F748 for <pim@ietfa.amsl.com>; Mon, 29 Jul 2024 21:54:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ka9q-net.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PhPNpZpM4w3C for <pim@ietfa.amsl.com>; Mon, 29 Jul 2024 21:54:40 -0700 (PDT)
Received: from mail-pf1-x429.google.com (mail-pf1-x429.google.com [IPv6:2607:f8b0:4864:20::429]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C3F4C14F6AA for <pim@ietf.org>; Mon, 29 Jul 2024 21:54:40 -0700 (PDT)
Received: by mail-pf1-x429.google.com with SMTP id d2e1a72fcca58-70d2b921cd1so3587491b3a.1 for <pim@ietf.org>; Mon, 29 Jul 2024 21:54:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ka9q-net.20230601.gappssmtp.com; s=20230601; t=1722315279; x=1722920079; darn=ietf.org; h=content-transfer-encoding:autocrypt:subject:from:content-language :to:user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=2t5N8byPK49q/bYzKNMkiq/K0o+uS/bAKTuiLURqfaA=; b=QY616+sWe17jJmtH5U6xOKIqLQrQP3Mij0QJlesI1onXIps8Ov6JipQ37PfynWGiQF dk16lObOG6p1mciMfMpL2MFqWNZDZEclysJym/gxKXmqcmrmM8x6zkzyJOLgSWgCnCn9 4Hm3isDLVAeF8VyN16a0381saAETDv4uHuY15FCb0bA7Gb6WVvbKa8qdTW2e9pq6e2Ah K8mZnwYV5in8RDL3QnV18JFjps1C33BavbP1P7E2ClitIBBaE1e0tKyn0vH7ZIDfp7b/ VDlwByOkyt4Qa1SKpEkrUEaMlztWPmk2Z2ojLKyvU8qXUIyiv0AukVVAarBx04S/Kr8U j7RQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722315279; x=1722920079; h=content-transfer-encoding:autocrypt:subject:from:content-language :to:user-agent:mime-version:date:message-id:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=2t5N8byPK49q/bYzKNMkiq/K0o+uS/bAKTuiLURqfaA=; b=NrTTvt6a50zMcxmOKPlFo3BMLVvSTlxw65UP1JgfLPcT/rqyI5ddmTsOKBPt1ydAy1 QlDg1orwj+U+48qNd0pdHWxA2WZkj0mNCY5cEyKlSwjuE3vPvfcH9+k9auXCEkT8CH92 ktuzhvtH82cIA/vV6++xmegVHfIPYgR9p3gOLM01vBPEb0kXA0znUQWmcxKafjdUamNh +vbVEdcOVEja6XX1mPWHROKk7kE3ZlgW86/cmARg99MRvvLBrrdHrR2fBtmB55i/d1na qRXeTezFI3h6+/A1Id+jYYFr04Wj0080Ii82vPyBIoJcGwPngO2T3lIkBoSXvc0ZPndW 01sQ==
X-Gm-Message-State: AOJu0Ywoc3c+HRsM29pJ3afe+rF6LjoEF9VvYa7mxef0S0mhsxs5LE/y W/prwJIuJE2MsJ2/sM89xMrQGxO8hOl/0aBUfYH/uDRP0IXn1ITY8quQqx8DFuFeiZJIAGuiQXQ =
X-Google-Smtp-Source: AGHT+IGLd+xdJm/G3/qxTXzl/2uMfCsD4U00NPed15Zu/h4cWXG5L9FncucV1QrDdQQQlIb1Iyk56w==
X-Received: by 2002:a05:6a21:1583:b0:1c1:e75a:5504 with SMTP id adf61e73a8af0-1c4a129fe7dmr14115859637.15.1722315278908; Mon, 29 Jul 2024 21:54:38 -0700 (PDT)
Received: from ?IPV6:2603:8001:5900:6e22:394a:6bf9:62a8:bfdf? ([2603:8001:5900:6e22:394a:6bf9:62a8:bfdf]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-70ead8a3a86sm7568893b3a.205.2024.07.29.21.54.37 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 29 Jul 2024 21:54:37 -0700 (PDT)
Message-ID: <9a4ab4e0-a5aa-4c9b-bf02-01fd070858a8@ka9q.net>
Date: Mon, 29 Jul 2024 21:54:36 -0700
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: pim@ietf.org
Content-Language: en-US
From: Phil Karn <karn@ka9q.net>
Autocrypt: addr=karn@ka9q.net; keydata= xsBNBEw2mJ4BCADELiPsLFHDwapoSU7d2xNHxmwzzrFUCZWhO34kM6G5+o9GUNmGgMQ0BmXp I6hx77HHnrj9FC6kWh/bxBt3+o8HW+NTWzJSvf6kW7ThaNt7v9iewkS23JOMarAZs4qy6MhT 1RW1/yWY7RimWxrmkKPTKKa0Ad4CWT6fcP3t+doqGslSQIeoTh0C33ZT+LY59Wcr224iXohN 4Uu/nFe4yAHjtA+4Sesveo3Tyi8cbOgkcO6vij+pXesCcuhtGMlnE2dxRqbenrfVGLUVxNug LkQdLWezaGGm+dcjWYk1xjtaDnsCpVaYCMsfYNADQPJAjAFu37pVdoXhseVXfzOUN2EXABEB AAHNGVBoaWwgS2FybiA8a2FybkBrYTlxLm5ldD7CwHgEEwECACIFAkw2mJ4CGwMGCwkIBwMC BhUIAgkKCwQWAgMBAh4BAheAAAoJEPFOQ1TtRjRGU98H/Atsb/N4lNbzNdzdIRcHD9XgCEa1 UdR4mxgjwvLxS1nYRNdHwfTxvA5nxWfMx/0CB26VaNFdI3lkg/S0vYsSUu6M7l8Zb8v4JMyU 4B4yvkFHZ3II5oilzIMa3e2cMfDz7TSwO1JcXyI5y9vHnvH65/LQF+QojDgzf3vXKiNdTXJp 3nEa5IgMAB0rcSNsXFx8xbHi8s5niL9+1I7XTPvVMeXrMe8h4AG1nM/dK96WwmV+tLyXKYXn xVeb9F4X9CNQbkn/xAH+egvKHHT3V7K9cAhrDfu9Qwpo7zKk/akBpLWG2kmkTOfhXjm3UQhv MVgDmpeQIYa1HgAsKrsDQMzrIFnOwE0ETDaYngEIAJmFdm0MmENzLEosD1FvGPJleWDYb0ah 8dOk4XUug1RhW40f7AsugT75pKs9PolXt92920GdU727X3Jpgdj4kLDtIQA0KZrOXiEOZjIZ WcROAyvTGyMs/P7Um1AGNM161Ga6/Wtlc076FN7EUQtzPbthH26M3lGWUX0Ccls/8Ep4qbnF IrMRBxjaxKbqfKPTeU10pDykzA7s5hiNe7qaegvqD6YLseZ+6FqCn988YnLiIaFeNbWxUY5G spjAsfesnAmpn5vhUqAGiizkNlAMIN31xvpLd93oM4/vORszIuN1UP2RlxL3s30BncZl2XOd Mk1/59Sy70zVqF1ANyMrA18AEQEAAcLAXwQYAQIACQUCTDaYngIbDAAKCRDxTkNU7UY0Rszt B/9ZPH9xw47lPkVJRbhgf0G7fdsxsyiuouAqOKklUNFSy4+qeGomjwE6YvdMybwGtaUGla7t 2mDzrva+7Gzb0inXIgmahQPmM16F3GVxGoFL+QJ+7gD8Hco6e0/2kju7ZREDE7SOEwKb3lhD eNLccfX2AqAHfCT/LVLbgBpMRmwUJQThM+33Z2L9BqIM3awj2mOTmeDumpxiDfroU90mGc9c pXe4YrNIkL/N8eMzLe1bpu+mpPCiIrEO+dFA7N8jjVcOCQ4Lr8sU6cOsEdkaACZiNFKT99eb NkKigK8sEkDZc/AKhPCEsnaZpwBZPScOL88LLi7FHj9Osznt+uhWfbLe
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Message-ID-Hash: 4Y5HDIEG55RDLMBPS37MQHAU3QYD2JX2
X-Message-ID-Hash: 4Y5HDIEG55RDLMBPS37MQHAU3QYD2JX2
X-MailFrom: karn@ka9q.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-pim.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [pim] IGMP v3 update - clarification about which router queries cause version fallback
List-Id: Protocol Independent Multicast <pim.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/Xs-ssTtfmJltbHjwQzLucCgcH8M>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Owner: <mailto:pim-owner@ietf.org>
List-Post: <mailto:pim@ietf.org>
List-Subscribe: <mailto:pim-join@ietf.org>
List-Unsubscribe: <mailto:pim-leave@ietf.org>

Hi. I'm been trying to figure out why Linux on my network keeps falling 
back to IGMPv2, and I've found out why. I may need a clarification to 
RFC3376.

At first, all works fine. My snooping switch issues an IGMPv3 general 
membership query and my Linux system answers with IGMPv3 membership 
messages. Great.

Then my Linux system sees a IGMPv2 group-specific query for 224.0.0.251 
(the multicast DNS group). Since I'm running avahi-daemon (the mDNS 
service daemon) this elicits an outgoing IGMPv2 membership report for 
224.0.0.251. Then subsequent IGMPv3 general membership queries elicits 
IGMPv2 (not v3) membership reports for all my other multicast group 
memberships.

I believe this is a bug in Linux, but I want to make sure RFC3376 says 
what I think it says.

RFC3376 says an IGMPv2 general query should change the interface version 
to IGMPv2 and start the IGMPv2 querier-present timer, after which the 
interface reverts to v3 if enough time goes by without another IGMPv2 
general query. But it does not explicitly say that ONLY a IGMPv2 GENERAL 
query should do this -- that a group-specific IGMPv2 query should NOT 
cause the interface to drop into IGMPv2 mode even if we're a member of 
that group.

The problem is that buggy Apple devices frequently and gratuitously join 
and leave 224.0.0.251, and these devices don't speak IGMPv3. Whenever 
one leaves, the querier correctly issues a group-specific query to see 
if any other members are left -- and this group-specific query knocks 
Linux back to IGMPv2. Since these Apple devices gratuitously join and 
leave more rapidly than the IGMPv2-querier-present timer expires, the 
situation persists. IGMPv3 becomes unusable on my network.

So is it the intent of RFC3376 that ONLY a *general* IGMPv2/v1 query 
should trigger the version fallback logic, or should a group-specific 
IGMPv2 query do the same?

To summarize:

1. RFC 3376 is arguably vague about exactly which membership queries 
should invoke a version fallback. All IGMPv2/v1 queries, or only general 
ones?

2. Linux interprets any IGMPv2 membership query - not just a general 
query - as triggering a fallback. Right now I don't know if this is 
correct behavior or an honest misunderstanding of a vague specification.

3. Apple really should get with the program and implement IGMPv3. It's 
only what, 22 years old?

4. Apple really should get with the program and stop explicitly joining 
a very popular link-local multicast address (224.0.0.251) that every 
host is supposed to be an implicit member of anyway.

5. Apple really should get with the program and stop gratuitously 
leaving and re-joining said link-local multicast group.

But I'm only asking this list to address point #1. Should group-specific 
IGMPv2 membership queries trigger a version fallback until the IGMPv2 
Querier Present timer expires? Or should only general queries do so?

--Phil