Re: [shim6] Unknown locator [WG Last Call fordraft-ietf-shim6-multihome-shim-api]
"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Mon, 21 December 2009 18:13 UTC
Return-Path: <thomas.r.henderson@boeing.com>
X-Original-To: shim6@core3.amsl.com
Delivered-To: shim6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A41E3A6A8E for <shim6@core3.amsl.com>; Mon, 21 Dec 2009 10:13:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yOvazi5rINuz for <shim6@core3.amsl.com>; Mon, 21 Dec 2009 10:12:58 -0800 (PST)
Received: from blv-smtpout-01.boeing.com (blv-smtpout-01.boeing.com [130.76.32.69]) by core3.amsl.com (Postfix) with ESMTP id B38B328C0F7 for <shim6@ietf.org>; Mon, 21 Dec 2009 10:12:56 -0800 (PST)
Received: from blv-av-01.boeing.com (blv-av-01.boeing.com [130.247.48.231]) by blv-smtpout-01.ns.cs.boeing.com (8.14.0/8.14.0/8.14.0/SMTPOUT) with ESMTP id nBLICQUk007751 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 21 Dec 2009 10:12:26 -0800 (PST)
Received: from blv-av-01.boeing.com (localhost [127.0.0.1]) by blv-av-01.boeing.com (8.14.0/8.14.0/DOWNSTREAM_RELAY) with ESMTP id nBLICQlw022567; Mon, 21 Dec 2009 10:12:26 -0800 (PST)
Received: from XCH-NWHT-08.nw.nos.boeing.com (xch-nwht-08.nw.nos.boeing.com [130.247.25.112]) by blv-av-01.boeing.com (8.14.0/8.14.0/UPSTREAM_RELAY) with ESMTP id nBLICQ7s022555 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK); Mon, 21 Dec 2009 10:12:26 -0800 (PST)
Received: from XCH-NW-10V.nw.nos.boeing.com ([130.247.25.85]) by XCH-NWHT-08.nw.nos.boeing.com ([130.247.25.112]) with mapi; Mon, 21 Dec 2009 10:12:25 -0800
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: 'Shinta Sugimoto' <shinta.sugimoto@ericsson.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Mon, 21 Dec 2009 10:12:25 -0800
Thread-Topic: Unknown locator [WG Last Call fordraft-ietf-shim6-multihome-shim-api]
Thread-Index: Acp89uTD7ECcjlo5R5yeHzsVKcuvLwCLbuFgAGVeWiAAXRNKcAAN6A8w
Message-ID: <7CC566635CFE364D87DC5803D4712A6C4C1CAF19B2@XCH-NW-10V.nw.nos.boeing.com>
References: <D20B2D29-D285-43A0-A1F8-AA12055059B5@apnic.net><4B246C43.903000 3@gmail.com><541EE6CB2B85BE4389E2910C9B4BC77E01C40860EC@ESGSCCMS0002.eapac. ericsson.se><4B269750.8040505@gmail.com><541EE6CB2B85BE4389E2910C9B4BC77E01 C40C6E71@ESGSCCMS0002.eapac.ericsson.se><7CC566635CFE364D87DC5803D4712A6C4C1CAF19AD@XCH-NW-10V.nw.nos.boeing.com> <541EE6CB2B85BE4389E2910C9B4BC77E01C5081A80@ESGSCCMS0002.eapac.ericsson.se>
In-Reply-To: <541EE6CB2B85BE4389E2910C9B4BC77E01C5081A80@ESGSCCMS0002.eapac.ericsson.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "shim6@ietf.org" <shim6@ietf.org>, Kristian Slavov <kristian.slavov@ericsson.com>, "miika@iki.fi" <miika@iki.fi>
Subject: Re: [shim6] Unknown locator [WG Last Call fordraft-ietf-shim6-multihome-shim-api]
X-BeenThere: shim6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SHIM6 Working Group Mailing List <shim6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/shim6>
List-Post: <mailto:shim6@ietf.org>
List-Help: <mailto:shim6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Dec 2009 18:13:03 -0000
Shinta, some more responses inline below > -----Original Message----- > From: Shinta Sugimoto [mailto:shinta.sugimoto@ericsson.com] > Sent: Monday, December 21, 2009 3:38 AM > To: Henderson, Thomas R; Brian E Carpenter > Cc: shim6@ietf.org; Kristian Slavov; miika@iki.fi > Subject: RE: Unknown locator [WG Last Call > fordraft-ietf-shim6-multihome-shim-api] > > Hi Thomas, > > Thanks for your comments and please find my responses inline. > > > -----Original Message----- > > From: Henderson, Thomas R [mailto:thomas.r.henderson@boeing.com] > > Sent: Sunday, December 20, 2009 1:34 AM > > To: Shinta Sugimoto; Brian E Carpenter > > Cc: shim6@ietf.org; Kristian Slavov; miika@iki.fi > > Subject: RE: Unknown locator [WG Last Call > > fordraft-ietf-shim6-multihome-shim-api] > > > > > > > > > > > > > > Well, I don't quite understand how an extra locator > > provided by the > > > > upper layer can ever pass the CGA/HBA test. So I don't really > > > > understand the unknown locator mechanism, I guess. > > > > Maybe it can never work in the case of SHIM6 or HIP but > > might work > > > > with some other kind of shim? > > > > I think it will work with HIP, perhaps not with shim6. My > > original read of the draft was that this case of the shim > > rejecting a locator provided by the application was covered > > by returning an error EINVALIDLOCATOR (see the very end of > > Section 5 of the draft). > > > > It seemed to me that the open issue in practice is to be able > > to pass the knowledge of a new possible locator that was > > provided by the application to the shim layer, and might then > > need to be communicated via some kind of upcall to a > > user-space daemon doing reachability tests, etc. However, > > such an upcall is outside the scope of this draft. > > > > > > > > After re-thinking, I think we need to handle two cases: 1) > > application > > > sending data with unknown source/destination locator, 2) > > application > > > requesting for using unknown source/destination locator. > > > > > > As to the former case, the multihoming shim sub-layer must > > reject the > > > request and send an error message to the application. The > > reason is > > > simply because the packet with unknown source locator will > > be dropped > > > by the peer and sending packet to unknown destination > > locator should > > > be prohibited for security reasons. > > > > Can you clarify what you mean by 1)? I thought that > > applications sent data to identifiers in this framework. > > 1) means that application sends data by specifying source (or > destination) locator, e.g., by using SHIM_LOC_*_SEND socket > options. Of course, the socket is bound to identifiers. But > the app can optionally specify source and/or desination > locator(s). This is what we call "locator management" and we > define socket API extensions for enabling this function. Yes, but I meant that applications send data by send, sendto, or sendmsg, and SHIM_LOC_*_SEND are set as socket options, not as ancillary data to sendmsg(). So it seemed to me that case 1) becomes case 2). > > > > > > > As to the latter case, the multihoming shim sub-layer > should do the > > > following: > > > > > > In response to the request for using unknown source locator: > > > > > > - check if the requested source locator is available on > any of the > > > local interface > > > > (I would add that "available" means that it is configured on > > some interface and it satisfies whatever requirements are > > placed on its usage by the shim, such as hba). > > > > > - if the source locator is available, then the multihoming shim > > > sub-layer MAY initiate procedure to update its own locator > > list with > > > the peer > > > > By specifying as a MAY, applications will have a hard time > > relying on it being available. Applications may know best > > about what locators they want to use with the shim. I'd > > rather see API that supported two cases: 1) locators > > provided as hints to the shim (where the MAY would apply), > > and 2) locators provided as application policy that should > > not be ignored; i.e. the connection should perhaps fail if > > the locators provided cannot be used > > I understand. I am not quite sure if we should say MAY or > SHOULD here, but I think application should be fine as far as > it knows if the requested locator was accepted or not (by the > multihoming shim sub-layer). Can you explain the difference between SHIM_LOC_LOCAL_PREF and SHIM_LOC_LOCAL_SEND? To me, it is the difference between SHOULD and MUST. It seems to me that if you make SHIM_LOC_LOCAL_SEND either a MAY or a SHOULD, it becomes basically the same as SHIM_LOC_LOCAL_PREF, and applications can't tell the shim that they insist on specific locators being used (regardless of what REAP, ICE, etc. may learn). > The acceptance means the result > of the first check, i.e., availability of the source locator. > Reachability from the source locator in question to the > peer's locator, is another issue, IMO. So, what about this: > > - the multihoming shim sub-layer MUST return the result to > the application (whether the request for updating the source > locator was accepted or not. When it is accepted, it means > that the locator list is updated accordingly. When it's > rejected, no changes to the locator list). > - when the request for updating the source locator was > accepted, the multihoming shim sub-layer SHOULD initiate the > procedure to update the locator list accordingly. > > > > > > > In response to the request for using unknown destination > > locator, the > > > situation is a bit tricky because it means that the application > > > somehow knows another locator (IP address) to reach the > > peer while the > > > multihoming shim sub-layer does not. > > > I am not sure if we have such a case in reality, but in > > > > this seems to me to be potentially a very common case for > > locator- and shim-aware applications > > > > > theory, I think the multihoming shim sub-layer must reject > > the request > > > at least in the case of SHIM6. In the case of HIP, I am > clarifying > > > this with HIP experts what to do. > > > > For HIP, I would suggest to accept it. I think it will > > probably be a common case because it allows the application > > to provide locators to HIP so that HIP doesn't have to do an > > address lookup based on the HIT. > > Ok, I think this point is where we have significant > difference with HIP and SHIM6. Identifiers are non-routable > in case of HIP. > > > I suggest to clarify what is meant by "unknown locator" > > perhaps in the terminology section. I think that what is > > meant by the text is that there is an existing context and a > > locator is provided that was not announced in the context > > handshake or subsequent signaling. However, what about > > providing a locator before any context is set up? In this > > case, all locators are potentially "unknown" at this stage. > > Ok, I understand. > > Then we should probably prepare an exceptional case for HIP > when the app requests to use specific destination locator(s) > for a given application session even when there is no context > associated with the socket. Such a case should be the > initial case where the app starts communication with the peer > using HIP. > > > I think it is a very important piece of the API for HIP to be > > able to have an application associate a destination locator > > with a destination HIT (and also source locator for policy or > > reachability purposes) before the HIP handshake starts. > > Ok. Let me come back with a proposal soon (tomorrow at the > latest). I guess we should have separate email thread for this topic. > > >For > > shim6, before context is set up, it seems that identifiers > > are initial contact locators too. In this case, it should be > > defined what should be the behavior if bind(address) > > conflicts with SHIM_LOC_LOCAL_SEND or if connect(address) > > conflicts with SHIM_LOC_PEER_SEND. > > Well, the conflict actually does not matter. The IP address > used for bind() is the source identifier, and the IP address > used for connect() is the destination identifier. As you > mentioned, identifier and locator could be identical, or > could be different. SHIM_LOC_LOCAL_SEND will give the source > locator and SHIM_LOC_PEER_SEND will give the destination locator. > If SHIM_LOC_*_SEND are not possible to be set before a shim6 context is set up, then I agree that it seems to not make a difference. - Tom
- [shim6] WG Last Call for draft-ietf-shim6-multiho… Geoff Huston
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Brian E Carpenter
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Brian E Carpenter
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Miika Komu
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Miika Komu
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Brian E Carpenter
- [shim6] Unknown locator [WG Last Call for draft-i… Brian E Carpenter
- Re: [shim6] Unknown locator [WG Last Call for dra… Shinta Sugimoto
- Re: [shim6] Unknown locator [WG Last Call for dra… Brian E Carpenter
- [shim6] FW: WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] Unknown locator [WG Last Call fordraf… Henderson, Thomas R
- Re: [shim6] Unknown locator [WG Last Call fordraf… Miika Komu
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… SCHARF, Michael
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] Unknown locator [WG Last Call fordraf… Shinta Sugimoto
- Re: [shim6] Unknown locator [WG Last Call fordraf… Henderson, Thomas R
- Re: [shim6] Unknown locator [WG Last Call fordraf… Shinta Sugimoto
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Geoff Huston
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] Unknown locator [WG Last Callfordraft… Henderson, Thomas R
- [shim6] FW: WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- [shim6] FW: WG Last Call for draft-ietf-shim6-mul… Shinta Sugimoto
- Re: [shim6] FW: WG Last Call for draft-ietf-shim6… Miika Komu
- [shim6] WG Last Call for draft-ietf-shim6-multiho… Geoff Huston
- [shim6] WG Last Call for draft-ietf-shim6-multiho… Geoff Huston
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Brian E Carpenter
- Re: [shim6] WG Last Call for draft-ietf-shim6-mul… Geoff Huston