IETF Logo Mail Archive

Re: [Snac] Router using Ipv6 prefix length = 67

Alexandre Petrescu <alexandre.petrescu@gmail.com> Fri, 09 June 2023 08:33 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: snac@ietfa.amsl.com
Delivered-To: snac@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D7E1C1519A8 for <snac@ietfa.amsl.com>; Fri, 9 Jun 2023 01:33:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.671
X-Spam-Level:
X-Spam-Status: No, score=0.671 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, GB_SUMOF=5, NICE_REPLY_A=-0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8tREVDKrqMI9 for <snac@ietfa.amsl.com>; Fri, 9 Jun 2023 01:33:25 -0700 (PDT)
Received: from oxalide-smtp-out.extra.cea.fr (oxalide-smtp-out.extra.cea.fr [132.168.224.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05E68C1519AB for <snac@ietf.org>; Fri, 9 Jun 2023 01:33:24 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 3598XMvp024533 for <snac@ietf.org>; Fri, 9 Jun 2023 10:33:22 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 5F9D8204F44 for <snac@ietf.org>; Fri, 9 Jun 2023 10:33:22 +0200 (CEST)
Received: from muguet1-smtp-out.intra.cea.fr (muguet1-smtp-out.intra.cea.fr [132.166.192.12]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 546A8204EFC for <snac@ietf.org>; Fri, 9 Jun 2023 10:33:22 +0200 (CEST)
Received: from [10.8.32.70] (is156570.intra.cea.fr [10.8.32.70]) by muguet1-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 3598XMOX035209 for <snac@ietf.org>; Fri, 9 Jun 2023 10:33:22 +0200
Message-ID: <44f07e07-ebce-d69b-188e-de4f0696fa23@gmail.com>
Date: Fri, 09 Jun 2023 10:33:22 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0
Content-Language: fr
To: snac@ietf.org
References: <6B9F7642-2FB0-420A-9ADA-59A3BDEF7276@amazon.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
In-Reply-To: <6B9F7642-2FB0-420A-9ADA-59A3BDEF7276@amazon.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/snac/n93o4vgcK95MqvoEo5GrQ4KviCQ>
Subject: Re: [Snac] Router using Ipv6 prefix length = 67
X-BeenThere: snac@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Mailing list for discussing problems relating to the automatic connection of stub networks to existing infrastructure networks. " <snac.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/snac>, <mailto:snac-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/snac/>
List-Post: <mailto:snac@ietf.org>
List-Help: <mailto:snac-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/snac>, <mailto:snac-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jun 2023 08:33:29 -0000


Le 08/06/2023 à 17:38, Collins, Alan a écrit :
> Hello everyone.
> 
> Thank you for looking into this. I agree with the defensive strategy
> to remove ambiguity on the “usable PIO”. FYI, we confirmed the RA
> with PIO /67 was coming from backend router.
> 
> There is another scenario from old models e.g. Arris TG1682 which 
> enabling IPv6 support defaults an empty prefix, which waterfalls into
>  getting OTA icmvp6 RAs with ::/64.

If I remember correctly, :: is reserved as an address in a particular
RFC.  Also, the ::/128 has a specific meaning, IIRC, related to default
route in a routing table.

An ::/64 is actually meaning two things: an address :: and/or its prefix
::/64.  I know that in English it is difficult to translate the term
and/or in an algorithm, because one never knows whether someone saying 
in English and/or actually means 'and' or she means 'or'.  These two 
words have specific meaning in programming, and 'and/or' has no clear 
meaning in programming.  Then there is also the term 'either - or', 
which does translate into XOR (exclusive or) in programming.  But we 
cant say that ::/64 is either a prefix or an address, because it can be 
both.

My explanatory speculation of the presence of ::/64 in RA is that the
programmer needed to put something there, but empty.  That empty value
is 0.  And s/he added the plen 64 because s/he felt that all there is to
be as prefix length is 64.  Because s/he felt that 64 is actually the
only 'usable' (so to say) prefix length.

That feeling (64 is the only usable plen) is a misunderstanding, in my
humble oppinion.

Alex


  Then, SLAAC comes back with: inet6
> addr: ::f603:2aff:fe66:c090/64 Scope: Global ,  - snac could also 
> include it in the upcoming improvement.
> 
> Cheers,
> 
> Alan Collins
> 
> *From: *Esko Dijk <esko.dijk@iotconsultancy.nl> *Date: *Tuesday, June
> 6, 2023 at 4:09 AM *To: *Jonathan Hui <jonhui@google.com>, "Collins,
> Alan" <alaclli@amazon.com> *Cc: *"snac@ietf.org" <snac@ietf.org>,
> Gabe Kassel <gabe@eero.com> *Subject: *[EXTERNAL] [UNVERIFIED SENDER]
> RE: [Snac] Router using Ipv6 prefix length = 67
> 
> *CAUTION*: This email originated from outside of the organization. Do
>  not click links or open attachments unless you can confirm the
> sender and know the content is safe.
> 
> Hi,
> 
> On the requirements in RFC 7084 Section 4.3: specifically this is
> about requirements 2 and L-2 if I’m correct.
> 
> On RFC 2464: this has been obsoleted by RFC 4862. See Section 5.5.3 
> which has this requirement:
> 
> If the sum of the prefix length and interface identifier length
> 
> does not equal 128 bits, the Prefix Information option MUST be
> 
> ignored.  An implementation MAY wish to log a system management
> 
> error in this case.  The length of the interface identifier is
> 
> defined in a separate link-type specific document, which should
> 
> also be consistent with the address architecture [RFC4291 
> <https://www.rfc-editor.org/rfc/rfc4291>] (see
> 
> Section 2 <https://www.rfc-editor.org/rfc/rfc4862.html#section-2>).
> 
> So per this requirement the host would ignore the PIO /67 and not use
> it for SLAAC on Wi-Fi.
> 
> Agree to clarify the usable PIO to include the prefix length. Maybe
> it could refer to RFC 4862 5.5.3 for the exact requirements because
> that has quite some detail.
> 
> Regards
> 
> Esko
> 
> *From:* Snac <snac-bounces@ietf.org> *On Behalf Of * Jonathan Hui 
> *Sent:* Tuesday, June 6, 2023 00:25 *To:* Collins, Alan
> <alaclli=40amazon.com@dmarc.ietf.org> *Cc:* snac@ietf.org; Gabe
> Kassel <gabe@eero.com> *Subject:* Re: [Snac] Router using Ipv6 prefix
> length = 67
> 
> Hi Alan,
> 
> Thanks for sharing this information.
> 
> It seems the Netgear WNP3000 is not conformant to RFC 7084 Section
> 4.3 <https://datatracker.ietf.org/doc/html/rfc7084#section-4.3> and
> RFC 2464 Section 4
> <https://datatracker.ietf.org/doc/html/rfc2464#section-4>. That said,
> I think it makes sense for the stub router implementation to be
> defensive in these situations and include prefix length in the 
> definition of a "usable prefix".
> 
> As for spec text, draft-ietf-snac-simple-01 Section 5.1.1 already
> states:
> 
> IPv6 addressing is considered to be present on the link if a usable 
> on-link prefix is advertised on the adjacent infrastructure link.  A 
> usable on-link prefix is a prefix advertised on the link that has a 
> preferred time of 30 minutes or more, is marked on-link and allows 
> autonomous configuration.
> 
> One could argue that "allows autonomous configuration" already covers
>  this requirement, given that RFC 2464 Section 4 states:
> 
> An IPv6 address prefix used for stateless autoconfiguration [ACONF] 
> of an Ethernet interface must have a length of 64 bits.
> 
> If we wanted to make a change, we could add some clarifying text
> like:
> 
> A prefix that allows autonomous configuration includes having the
> PIO
> 
> A-flag set to 1 and required prefix length for the given link.
> 
> Thoughts?
> 
> --
> 
> Jonathan Hui
> 
> On Sun, Jun 4, 2023 at 10:33 AM Collins, Alan 
> <alaclli=40amazon.com@dmarc.ietf.org 
> <mailto:40amazon.com@dmarc.ietf.org>> wrote:
> 
> Hello Ted, Jonathan.
> 
> We have multiple test setups testing Matter over Thread back-to-back
> pairing while connected to infrastructure using different (hundreds)
> of Wifi AP with default settings. The setup:
> 
> Recently, while using Netgear WNP3000 , the Matter pairing failed. 
> The non-thread matter controller is not getting an IPv6 global 
> address, so even that the routing table contains the prefix to reach 
> into the Thread BR, the IP stack does not allow it without a global 
> IP of its own.
> 
> Thread BR is only sending icmpv6 RA with RIO. The PIO is not included
> because there is another router in the network already sending PIO.
> 
> However, since that PIO has length = 67, the non-Thread matter 
> controller won’t use it to create a global IP. It’s not even sending 
> NS for DAD.
> 
> We think the abnormal ipv6 PIO prefix RA is from the backend Cisco 
> OUI MAC address. We are investigating.
> 
> However, this opens an opportunity to create a more robust behavior 
> from Thread BR, to add more logic into processing the existing PIO 
> before deciding not to send a PIO of its own.
> 
> Thank you in advance for looking into this.
> 
> Cheers,
> 
> Alan Collins
> 
> -- Snac mailing list Snac@ietf.org <mailto:Snac@ietf.org> 
> https://www.ietf.org/mailman/listinfo/snac 
> <https://www.ietf.org/mailman/listinfo/snac>
> 
>

v2.23.0 | Report a Bug | By Email