IETF Logo Mail Archive

Re: [Snac] M/O Bit reflection behavior of draft-hui-stub-router-ra-flag-02

Ted Lemon <mellon@fugue.com> Wed, 17 April 2024 12:37 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: snac@ietfa.amsl.com
Delivered-To: snac@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F12A7C14F618 for <snac@ietfa.amsl.com>; Wed, 17 Apr 2024 05:37:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lKFFC21w9xkk for <snac@ietfa.amsl.com>; Wed, 17 Apr 2024 05:37:17 -0700 (PDT)
Received: from mail-oo1-xc36.google.com (mail-oo1-xc36.google.com [IPv6:2607:f8b0:4864:20::c36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B6F3C14F60E for <snac@ietf.org>; Wed, 17 Apr 2024 05:37:16 -0700 (PDT)
Received: by mail-oo1-xc36.google.com with SMTP id 006d021491bc7-5aa27dba8a1so3358865eaf.0 for <snac@ietf.org>; Wed, 17 Apr 2024 05:37:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20230601.gappssmtp.com; s=20230601; t=1713357436; x=1713962236; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=0RamdTJZPoTzYClaP+AHQcSIP2x+4wlQbk/YQqNKgBM=; b=U5yJ5iv+8De47hjF9Ep9Qgj/W3YQtoEQ1lL6/JToStcsIkCpoNLr4OI6mahgxKgKdh B5wi/0l0d+plz7BMdjBlGicWsAc1ejfWqFT1jn6SysMjW6UQbVUGPPRbXoFSGcjKu0+P OYnbPPss3rIP0nTMqppqzwvnHIAuWBsKnDvNo90ocy5MRmSGe19CxPDVjJC1EAA+WW7n VO9aIF+h2AvayyE4sSJ60FkJBnualG1Zyku/94QmqsXfZcFyPwo1I2uJMLIrzvYRgKY7 VO63/Tnd/FaZNlhj2Hu18peNEpJugWVGFn3+E4tCIGY2MosXvuXtQJSFeQAdu42L7iM2 +IGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713357436; x=1713962236; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0RamdTJZPoTzYClaP+AHQcSIP2x+4wlQbk/YQqNKgBM=; b=B8B0Ul4HDwmCS7QxhQZcKxXCW/ey46MZBLALZ+vbgxbXL5CEVsjPwXP4qx9tbd7Y8R bIIIOnPwpYYAe3L8+4WgAohgMviBy4v61f978zoB5nNxoldQTlS2iped/bCd+fP+TIRy iWQFUsJzxdw/aCpUJHF+BovUXpGYxK1HOZGtZOV5YVmFOuhQnFAU2SobxVJ4n89WpBz1 fBCCQM3dhAFilUN7rXIBsaZYDVNJaFVQfB4mODcN62CDLWw3g33uUF2RfT2I6qTTtOmQ Wi5/vSWlE8sOKq2/3wTl7gixM41k+hIh55F9MKW+LKYD/unBxXDSCMCtRYnfGor1A9w2 zUog==
X-Gm-Message-State: AOJu0Yy19G1HqNvk6MpuVO/j2WdsMZsD0cZvaPe6hSggzjen3uuc7ImZ sHMTkYmSNwlsgL8MNpmQdQTvT8n+pMG+Gx/LWI7pHIQWOlgMotSNaUYBEQHsvizxo5/xIY92Qe9 hj9cJvaPZwJiZW/NozkHbgeKVa8b20Jc+JL2kKdqDbu6PxOwl
X-Google-Smtp-Source: AGHT+IGbHIbGTooMbJB3Qrn3zjMZJvpnjDXBfgjWZSpuSjLWxKwtaStPLqKNSiwGHv6MHojVqYCdwi9xjpnjRw3slBg=
X-Received: by 2002:a05:6358:8395:b0:183:645b:cfa4 with SMTP id c21-20020a056358839500b00183645bcfa4mr16613999rwk.16.1713357435825; Wed, 17 Apr 2024 05:37:15 -0700 (PDT)
MIME-Version: 1.0
References: <D993DD7C-4133-4C9A-B9BD-D38A37CC8A4F@gmail.com> <DU0P190MB1978A6D7BBCE565E0C9018F7FD2C2@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <DU0P190MB1978D701C90820D8DB97CCEDFD332@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <46119458-8B82-4DE0-A5BC-C58F64436FDB@gmail.com> <CAPt1N1mXSPR=7XwyobZhOSZppFohjJd-8DirqM6QFYihQXbvDQ@mail.gmail.com> <DU0P190MB1978F520A848CB9F32AA2385FD082@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <CAPt1N1=c5_GHXqqGFzTKrRdg9x1wOgq7Vw=Q0+FsyTHEgSQS8A@mail.gmail.com> <20240417114328.GA18918@unix-ag.uni-kl.de>
In-Reply-To: <20240417114328.GA18918@unix-ag.uni-kl.de>
From: Ted Lemon <mellon@fugue.com>
Date: Wed, 17 Apr 2024 08:37:04 -0400
Message-ID: <CAPt1N1=eyR6f_5UOn2N3g79QyJcur4jw18MJiCy34vMBu9O1SA@mail.gmail.com>
To: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
Cc: SNAC ML <snac@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000560d8e06164a1d9e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/snac/YUdNIXa9W_VhRIMHEqgsuRb0NzQ>
Subject: Re: [Snac] M/O Bit reflection behavior of draft-hui-stub-router-ra-flag-02
X-BeenThere: snac@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Mailing list for discussing problems relating to the automatic connection of stub networks to existing infrastructure networks. " <snac.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/snac>, <mailto:snac-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/snac/>
List-Post: <mailto:snac@ietf.org>
List-Help: <mailto:snac-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/snac>, <mailto:snac-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2024 12:37:22 -0000

The rogue router problem was really competing dhcp servers, so I don’t
think we have to worry about that.  The current design is very much
informed by that experience—you may recall that I was the author of one of
the more popular dhcp servers at that time…  :)

Op wo 17 apr 2024 om 07:43 schreef Erik Auerswald <
auerswal@unix-ag.uni-kl.de>

> Hi,
>
> back in the day, introducing rogue routers (i.e., Windows home systems
> with their default behavior back then) into a managed WLAN using DHCPv6
> resulted in client-side problems.  The clients would alternate between
> DHCPv6 address assignment and SLAAC for the rogue prefix(es).
>
> Today, RA Guard should help.  It might interfere with SNAC, though. ;-)
>
> Br,
> Erik
>
>
> On Tue, Apr 16, 2024 at 10:22:52PM -0400, Ted Lemon wrote:
> > Hm. The consensus that seemed to arise in discussion in the room(s) is
> that
> > we can't really fix this, and it doesn't make sense to try. That is, we
> > shouldn't track the M&O bits sent by other routers. If they send
> > inconsistent bits, too bad, the host stack already has to deal with that
> > anyway.
> >
> > On Tue, Apr 16, 2024 at 6:15 AM Esko Dijk <esko.dijk@iotconsultancy.nl>
> > wrote:
> >
> > > > is the current requirement that the M&O bits be consistent between
> RAs
> > > actually a good idea? And separately, is it necessary?
> > >
> > >
> > >
> > > To get it 100% consistent all the time seems to make a solution complex
> > > (as our past discussions about reboot corner cases show). It would
> need a
> > > distributed consensus algorithm.
> > >
> > >
> > >
> > > One simpler solution is
> > >
> > > 1 - copy/mirror the latest values advertised by a non-stub-router, if
> any
> > >
> > > 2 - when a stub router boots/reboots, first send an RS to get
> > > non-stub-routers on the link to respond to see their M/O flags, if any
> > > (this RS is anyway needed after startup, to know whether existing
> on-link
> > > prefixes are “suitable” in the SNAC sense).
> > >
> > > 3 - if no regular routers are found (only SNAC stub routers) – then
> > > advertise M&O flags with value ‘0’ . This may conflict with other stub
> > > routers that advertise ‘1’ – but only for a limited time.
> > >
> > >   (Eventually these stub routers will switch back to ‘0’ or to the
> > > RA-advertised value, if such a non-stub-router RA ever shows up again
> in
> > > the future)
> > >
> > >
> > >
> > > Agree with your 3 questions but I don’t know answers. Btw what does
> > > “DHCPv6 is wanted” mean here – that the client or the higher layer
> > > controlling this client gets a sudden instruction or preference for
> > > obtaining a DHCPv6 based address/prefix/information ?
> > >
> > >
> > >
> > > Esko
> > >
> > >
> > >
> > > *From:* Ted Lemon <mellon@fugue.com>
> > > *Sent:* Wednesday, March 20, 2024 08:07
> > > *To:* Suresh Krishnan <suresh.krishnan@gmail.com>
> > > *Cc:* Esko Dijk <esko.dijk@iotconsultancy.nl>; snac@ietf.org; 6MAN <
> > > 6man@ietf.org>
> > > *Subject:* Re: [Snac] M/O Bit reflection behavior of
> > > draft-hui-stub-router-ra-flag-02
> > >
> > >
> > >
> > > [Adding 6man to this discussion for reasons that will shortly become
> > > apparent]
> > >
> > >
> > >
> > > Suresh and I had a conversation offline about persisting the M&O bits
> > > advertised by other routers. Suresh accumulated quite a few battle
> scars
> > > over this back in the day. I think we could solve this problem, but
> just
> > > the stub router bit isn't going to be enough to solve it. And then the
> > > question came up: is the current requirement that the M&O bits be
> > > consistent between RAs actually a good idea? And separately, is it
> > > necessary?
> > >
> > >
> > >
> > > I don't think we can answer that here, but it might be worth trying to
> get
> > > an answer to that before proceeding with a complicated solution. At
> present
> > > at least Apple BRs do not in fact reflect the M&O bits received from
> > > infrastructure routers, and we haven't had any bug reports as a result.
> > > That's not a particularly good indication, but I think it's worth
> > > investigating what DHCPv6 IA_NA and IA_PD and Information-Request
> clients
> > > actually do when the M&O bits go away.
> > >
> > >
> > >
> > > There are three questions I would ask:
> > >
> > > 1. What happens if the M&O bits are advertised, and a DHCPv6 client of
> any
> > > of the three types starts, and then a new RA is seen with the relevant
> > > bit(s) clear?
> > >
> > > 2. What happens if the M&O bits are not advertised, but DHCPv6 is
> wanted,
> > > and then an RA shows up with the M&O bits set. Does DHCPv6 start?
> > >
> > > 3. What happens if the we get an RA with the M&O bits set, and then an
> RA
> > > with them clear, and /then/ an indication that DHCPv6 is wanted?
> > >
> > >
> > >
> > > Some of these questions may not make sense in all situations, but I
> think
> > > this is the complete set of questions. Suresh's and my belief is that
> once
> > > a client has started doing DHCPv6, it's going to continue to do so
> even if
> > > it sees an RA with the relevant bit(s) clear. But it would be good to
> test
> > > that theory.
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Mar 20, 2024 at 12:12 PM Suresh Krishnan <
> > > suresh.krishnan@gmail.com> wrote:
> > >
> > >
> > >
> > > > On Mar 20, 2024, at 11:03 AM, Esko Dijk <esko.dijk@iotconsultancy.nl
> >
> > > wrote:
> > > >
> > > > PS:
> > > >
> > > >> What the draft-hui-stub-router-ra-flag could do is just refer to
> this
> > > one, perhaps?
> > > >
> > > > My remark may not be fully clear. What I meant here is that the
> sentence
> > > stating that the values of M and O are mirrored, could refer to this
> > > behavior with a sentence like "as defined in [draft-ietf-snac-simple]."
> > > > This avoids explaining the mirroring in much detail within
> > > draft-hui-stub-router-ra-flag. And it directly answers the question the
> > > reader may have on how this works in detail.
> > >
> > > Thanks for that clarification Esko. That will certainly clarify the
> > > intended behavior for this draft. I do have further concerns regarding
> race
> > > conditions copying bits between stub routers, but that is not a
> concern for
> > > this draft.
> > >
> > > Regards
> > > Suresh
>
> --
> Snac mailing list
> Snac@ietf.org
> https://www.ietf.org/mailman/listinfo/snac
>

v2.23.0 | Report a Bug | By Email