RE: Implications of default-only SADR (was: Re: multi-homing for provider-assigned IPv6 addresses)

Chris Bowers <cbowers@juniper.net> Tue, 12 April 2016 20:47 UTC

From: Chris Bowers <cbowers@juniper.net>
To: "otroan@employees.org" <otroan@employees.org>
Subject: RE: Implications of default-only SADR (was: Re: multi-homing for provider-assigned IPv6 addresses)
Date: Tue, 12 Apr 2016 20:47:00 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtgwg/ohIvsTK26Y2lcsED-7D67T380Dw>
Cc: "rtgwg@ietf.org" <rtgwg@ietf.org>

Ole,

So here is my summary of the situation.

1) If DHCPv6 with extensions in RFC7078 is used to help the host to select the correct source address, then we could handle even walled garden use cases with default-only SADR.  See details for how this works in http://www.ietf.org/mail-archive/web/rtgwg/current/msg05472.html .  Another assumption would be that DHCP relay could be used so we wouldn't need the (D!=::/0 , S) routes in to reach R7 and R8.  

2) However, if we don't use DHCPv6 with RFC7078 for host source address selection, then Neighbor Discovery Router Advertisements need to be extended using a new mechanism like draft-sarikaya-6man-sadr-ra-03 or draft-pfister-6man-sadr-ra-01.  In this case, default-only SADR is not sufficient to support walled gardens because we are relying on the (D!=::/0 , S) routes to be carried in the IGP so that R7 and R8 can then put the (D!=::/0 , S) information into the new ND Router Advertisements.

Is this more or less accurate?

Thanks,
Chris

-----Original Message-----
From: otroan@employees.org [mailto:otroan@employees.org] 
Sent: Tuesday, April 12, 2016 2:37 PM
To: Chris Bowers <cbowers@juniper.net>
Cc: David Lamparter <equinox@diac24.net>; rtgwg@ietf.org
Subject: Re: Implications of default-only SADR (was: Re: multi-homing for provider-assigned IPv6 addresses)

Chris,

> Consider the topology below.  See https://www.ietf.org/mail-archive/web/rtgwg/current/msg05472.html for a more detailed description of the topology.  For H31 to send a packet to destination B3, H31 must choose a source address from within subnet A3x.

[very nice ASCII art ruined by my stupid MUA]

> For this example, we assume that R1-R4 originate the following (D,S) routes in the IGP.
> R1 originates a route for (D=::/0, S=A1).
> R2 originates a route for (D=B2, S=A2).
> R3 originates routes for (D=::/0, S=A3) and (D=B3, S=A3).
> R4 originates routes for (D=::/0, S=A4) and (D=B4, S=A4).
> 
> R7 and R8 receive these routes via the IGP.  With the existing mechanisms in Neighbor Discovery Router Advertisements, R7 and R8 can advertise the following PIOs and RIOs.
> PIOs = A4x, A2x, A1x, A3x
> RIOs = B2, B3, B4, B1
> 
> I have intentionally changed the order of the prefixes in the set of PIOs and RIOs to emphasize that there is no required ordering or relationship between prefixes in PIOs and RIOs.
> 
> With only this information, I do not see how H31 can correctly choose a source address in A3x when it needs to send a packet with destination address B3. If this analysis is correct, then it seems like a mechanism like draft-sarikaya-6man-sadr-ra-03 is needed.

I take it B1, B2, B3 and B4 are walled gardens.

What I think you are suggesting is that the host could use a S,D FIB for source address selection. At least type D hosts could. https://tools.ietf.org/html/draft-pfister-6man-sadr-ra-01

RFC7078 is meant to solve this case though.

Best regards,
Ole
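
The source-selection problem discussed in this thread, as an added example that is not part of either message or of the cited drafts: it applies the (D,S) routes listed for R1-R4 to H31's addresses, once with the full table and once with default-only SADR. The concrete prefixes are constructed from the 2001:db8::/32 documentation range, and the "most specific destination match wins" rule in `select_sources` is an assumption of this sketch.

```python
import ipaddress as ip

# Constructed prefixes from the 2001:db8::/32 documentation range; the thread
# uses only the symbolic names A1..A4 and B2..B4 and gives no real addresses.
A = {n: ip.ip_network(f"2001:db8:a{n}00::/40") for n in (1, 2, 3, 4)}
B = {n: ip.ip_network(f"2001:db8:b{n}00::/40") for n in (2, 3, 4)}
DEFAULT = ip.ip_network("::/0")

# (D, S) routes as listed in the quoted message for R1..R4.
DS_ROUTES = [
    (DEFAULT, A[1]),                 # R1
    (B[2], A[2]),                    # R2: walled garden only, no default
    (DEFAULT, A[3]), (B[3], A[3]),   # R3
    (DEFAULT, A[4]), (B[4], A[4]),   # R4
]

# H31's addresses, one per advertised PIO (A1x..A4x); constructed values.
H31_ADDRS = {f"A{n}x": ip.ip_address(f"2001:db8:a{n}01::31") for n in (1, 2, 3, 4)}


def select_sources(dst, addrs, routes):
    """Names of the source addresses whose best (D, S) match for dst is most specific.

    Assumption of this sketch: a source is usable only if some route has
    S covering it and D covering dst, and longer D prefixes are preferred.
    """
    best = {}
    for name, src in addrs.items():
        lens = [d.prefixlen for d, s in routes if src in s and dst in d]
        if lens:
            best[name] = max(lens)
    if not best:
        return []
    top = max(best.values())
    return sorted(name for name, length in best.items() if length == top)


def default_only(routes):
    """Keep only the (D=::/0, S) routes, i.e. default-only SADR."""
    return [(d, s) for d, s in routes if d == DEFAULT]


if __name__ == "__main__":
    dst_b3 = ip.ip_address("2001:db8:b300::1")  # constructed host inside B3
    print("full (D,S) table :", select_sources(dst_b3, H31_ADDRS, DS_ROUTES))
    print("default-only SADR:", select_sources(dst_b3, H31_ADDRS, default_only(DS_ROUTES)))
```

With the full table the host narrows to A3x for a B3 destination; with default-only routes it is left with three equally ranked candidates, two of which exit through providers that cannot reach the walled garden.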