Re: [v6ops] draft-linkova-v6ops-nd-cache-init to working group draft

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 23 July 2019 13:16 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: David Lamparter <equinox@diac24.net>
CC: IPv6 Operations <v6ops@ietf.org>, 6man Chairs <6man-chairs@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/ObNEKsDsDGG7wt5HUogeR8qYUQw>

I support the idea to adopt the draft and document the general problem that’s behind it.
The attack vectors on the router are part of that general problem.

As I understand Lorenzo's point, the full solution probably belongs to 6man. We are now finding that we need to reconsider the reactive behavior of ND AR. Tricking the current model can improve things but only so far.


Regards,

Pascal

> On 23 Jul 2019, at 09:05, David Lamparter <equinox@diac24.net> wrote:
> 
> +1
> 
> -David
> 
>> On Tue, Jul 23, 2019 at 08:02:30AM -0400, Timothy Winters wrote:
>> I also think this should be a working group draft, as I mentioned at the mic
>> I'm happy to help survey what current implementations are capable of.
>> 
>> I also agree with Lorenzo's last statement.
>> 
>> ~Tim
>> 
>> On Tue, Jul 23, 2019 at 7:39 AM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> 
>>> 1) Yes, we should *obviously* do this.
>>> 2) If the charter prevents that, fix the charter.
>>> 3) I'm not convinced it needs to update 4861. If what it does is explain
>>> the conditions in which an RFC2119 "SHOULD" should be ignored, that is
>>> *not* an update to the standard. To me it sounds exactly like a Best
>>> Current Practice.
>>> 4) In any case, if the IETF rules are alleged to prevent doing the obvious
>>> right thing, the IESG can vary the rules, as allowed by BCP9.
>>> 
>>> Regards
>>>   Brian Carpenter
>>> 
>>>> On 23-Jul-19 20:29, Fred Baker wrote:
>>>> In yesterday's meeting, the sense of the room and a discussion of
>>>> charters at the mike suggested that draft-linkova-v6ops-nd-cache-init
>>>> should become a working group draft. Doing so will require 6man to agree to
>>>> let v6ops suggest specific changes to RFC 4861 under the rubric of
>>>> "operational solutions", as discussed in the draft and
>>>> https://datatracker.ietf.org/meeting/105/materials/slides-105-v6ops-neighbor-cache-entries-on-first-hop-routers-operational-considerations-00;
>>>> the argument for not kicking those out to 6man is that the authors of RFC
>>>> 4861 are no longer in a position to approve errata to it, which would be
>>>> the other obvious approach (I'm not sure that's true of Erik Nordmark, but
>>>> whatever). It would also need to be considered to update RFC 4861.
>>>> 
>>>> Do we agree to take draft-linkova-v6ops-nd-cache-init as a working group
>>>> draft?
>>>> 
>>>> Ron and I will look through this thread next week and take the necessary
>>>> action, whatever the outcome might be.
>>>> _______________________________________________
>>>> v6ops mailing list
>>>> v6ops@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/v6ops