Re: [v6ops] ref Hosts dont MLD to join LL groups

Enno Rey <erey@ernw.de> Wed, 22 July 2015 12:50 UTC

On Wed, Jul 22, 2015 at 02:27:42PM +0200, Ole Troan wrote:
> > Regarding the mic discussion about unicast RAs a SHOULD.
> > 
> > I have been directed that the reference saying that Hosts don't MLD to join multicast groups is RFC3810:
> > 
> > "  The link-scope all-nodes multicast address, (FF02::1), is handled as
> >   a special case.  On all nodes -- that is all hosts and routers,
> >   including multicast routers -- listening to packets destined to the
> >   all-nodes multicast address, from all sources, is permanently enabled
> >   on all interfaces on which multicast listening is supported.  No MLD
> >   messages are ever sent regarding neither the link-scope all-nodes
> >   multicast address, nor any multicast address of scope 0 (reserved) or
> >   1 (node-local)."
> 
> I do wonder if we should expand that exception to all link-scope multicast addresses.
> 
> the bridge implementors I speak to tell me that they don't have enough state to do MLD snooping for link-local scoped multicast addresses anyway...

I can confirm that many switches do not apply MLD snooping/the subsequent "limited forwarding" to link-local MC groups, namely solicited-node. Read: they send those out on all ports, even with MLD snooping enabled.
[see also https://www.troopers.de/media/filer_public/7c/35/7c35967a-d0d4-46fb-8a3b-4c16df37ce59/troopers15_ipv6secsummit_atlasis_rey_salazar_mld_considered_harmful_final.pdf]
There's also https://tools.ietf.org/html/draft-pashby-magma-simplify-mld-snooping-01.

best

Enno





> 
> cheers,
> Ole





-- 
Enno Rey

ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 

Handelsregister Mannheim: HRB 337135
Geschaeftsfuehrer: Enno Rey

=======================================================
Blog: www.insinuator.net || Conference: www.troopers.de
Twitter: @Enno_Insinuator
=======================================================
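
The RFC 3810 exception quoted in this thread, and the link-local scope case discussed in the replies, as an added example that is not part of the original e-mail or of any participant's code. It classifies IPv6 multicast groups by scope so that groups observed on a segment can be sorted into "never reported via MLD", "link-local (reported, but per the message above often flooded by switches anyway)" and "wider scope"; the function names and the sample group list are constructed for illustration.

```python
import ipaddress

ALL_NODES = ipaddress.IPv6Address("ff02::1")
# Solicited-node multicast prefix (RFC 4291): ff02:0:0:0:0:1:ff00::/104
SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")


def mcast_scope(addr):
    """Return the 4-bit scope field of an IPv6 multicast address."""
    a = ipaddress.IPv6Address(str(addr))
    if not a.is_multicast:
        raise ValueError(f"{addr} is not an IPv6 multicast address")
    return a.packed[1] & 0x0F  # low nibble of the second byte


def mld_exempt(addr):
    """True if RFC 3810 says no MLD messages are ever sent for this group:
    link-scope all-nodes (ff02::1), or scope 0 (reserved) / 1 (node-local)."""
    a = ipaddress.IPv6Address(str(addr))
    return a == ALL_NODES or mcast_scope(a) in (0, 1)


def classify(addr):
    """Sort a group into the categories discussed in the thread."""
    a = ipaddress.IPv6Address(str(addr))
    if mld_exempt(a):
        return "no-mld"
    if mcast_scope(a) == 2:
        return "link-local-solicited-node" if a in SOLICITED_NODE else "link-local"
    return "wider-scope"


def summarize(groups):
    """Group a list of multicast addresses by category."""
    out = {}
    for g in groups:
        out.setdefault(classify(g), []).append(g)
    return out


if __name__ == "__main__":
    # Constructed sample: groups as they might appear in a capture.
    sample = ["ff02::1", "ff01::1", "ff02::2", "ff02::1:ff12:3456",
              "ff02::fb", "ff05::1:3", "ff0e::101"]
    for category, members in summarize(sample).items():
        print(f"{category:28} {', '.join(members)}")
```
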