Re: [v6ops] SLAAC renum: Problem Statement & Operational workarounds

Fernando Gont <fgont@si6networks.com> Thu, 31 October 2019 19:13 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95D0A120800 for <v6ops@ietfa.amsl.com>; Thu, 31 Oct 2019 12:13:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b5QgRU2eS8el for <v6ops@ietfa.amsl.com>; Thu, 31 Oct 2019 12:13:48 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D7B9120018 for <v6ops@ietf.org>; Thu, 31 Oct 2019 12:13:48 -0700 (PDT)
Received: from [192.168.1.36] (unknown [177.27.208.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id A1B078691B; Thu, 31 Oct 2019 20:13:45 +0100 (CET)
To: Owen DeLong <owen@delong.com>
Cc: v6ops@ietf.org
References: <m1iNIFE-0000IwC@stereo.hq.phicoh.net> <d1b6855d-bde9-7b53-4809-0846bb9772e4@si6networks.com> <7C913CC2-938F-449C-9750-85C36EC05E38@delong.com> <48c864c7-589d-23cf-417e-6f4ec012a76a@si6networks.com> <7C142F1F-04C6-48A2-A65A-7CADD3691ECF@delong.com>
From: Fernando Gont <fgont@si6networks.com>
Openpgp: preference=signencrypt
Message-ID: <8dbfb1b6-5efa-019f-313b-e8045ee277ee@si6networks.com>
Date: Thu, 31 Oct 2019 16:13:34 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <7C142F1F-04C6-48A2-A65A-7CADD3691ECF@delong.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Y4spuMRxDoIH11DF_R7Y8_H7Ucg>
Subject: Re: [v6ops] SLAAC renum: Problem Statement & Operational workarounds
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 19:13:51 -0000

On 27/10/19 01:48, Owen DeLong wrote:
>>> It is worth noting that these values are tunable by the administrator
>>> and the
>>> RFC suggested defaults should never be a hard-coded value.
>>>
>>> With the following exception, I don’t advocate modifying this on the
>>> client
>>> side:
>>> +Section 5.5.3 of RFC4862 should be amended to specifically
>>> allow the immediate deprecation of a prefix by sending a valid
>>> lifetime of 0 seconds. Hosts should be required to honor
>>> this as a signal that the prefix is no longer valid.
>>
>> Could you please elaborate on this one?
> 
> I’m not sure what I could do to elaborate. The addition of a specific
> call-out that
> even if the current behavior of ≤2 hours = 2 hours is to be preserved,
> there should
> be a special case for “0 seconds” which causes the prefix to be immediately
> deprecated with extreme prejudice.
> 
> Hosts should be required to treat an RA containing a prefix with a 0 second
> valid lifetime as an invalid prefix and immediately deprecate it from
> the interface
> if it is in use.

OK, so you do agree with the proposed change? (in
draft-gont-6man-slaac-renum, not in *this* document)




>>> I do think that generally speaking, your proposed modifications to
>>> CPE and
>>> router behavior should be standardized and implemented.
>>>
>>>> A better mitigation is to affect the preferred and possibly the valid
>>>> lifetimes in response to consecutive RAs from the same router that lack
>>>> the original (stale) prefix. e.g., after two consecutive RAs that do not
>>>> contain the existing prefix, reduce the preferred lifetime. After two
>>>> additional RAs, reduce the valid lifetime.
>>>
>>> In the crash scenarios you describe, you’re assuming a single router on
>>> the network or
>>> at least only one router announcing the prefix(es) in question with no
>>> persistent
>>> memory of the prefixes it was announcing across a reboot. In such a
>>> scenario,
>>> it seems to me that the following are also likely valid assumptions:
>>>
>>> +The network has significant excess bandwidth compared to demand.
>>> +The small overhead of frequent RAs and short lifetimes is probably
>>> an acceptable tradeoff in this environment.
>>>
>>> However, there are lots of other scenarios in the world where those
>>> assumptions
>>> won’t hold true and we should not seek to solve this problem (which is
>>> generally
>>> applicable to residential and SMB environments) at the expense of all of
>>> those
>>> other professionally administered environments.
>>
>> Even with the default RA frequency, if you were to unprefer a prefix
>> upon, say, second RA that doesn't advertise it, and say, remove the
>> prefix after many other RAs are received, that would be a *big*
>> improvement to what we have now.
> 
> I don’t like this idea because I can think of some scenarios where you
> may receive multiple RAs from router A not containing the prefix in the
> same time frame that router B has not sent an additional RA containing
> the prefix, but it will do so in its next RA.

Maybe it wasn't clear in the I-D, but the basic idea is:
If you receive multiple RAs from router A that do not advertise the
prefix, then you disassociate such prefix with router A. If nobody else
is advertising the prefix, you'd deprecate it. If other routers are
advertising it, this would not change the status quo of the prefix wrt
such other routers.


> There is no requirement for all routers on the same link to provide the
> same set of PIOs, nor are they required to use the same advertisement
> timers.

Agreed. Please see above.






>>> In section 3.2.1, you advocate setting the A and L bits to their
>>> previous values
>>> for prefixes which are being deprecated. IMHO, this is incorrect and the
>>> announcements calling for immediate deprecation should also indicate that
>>> the prefix should no longer be auto-configured and should no longer be
>>> considered on-link.
>>
>> Not sure I follow. Could you please elaborate?
> 
> Sure… In section 3.2.1 of your document, you advocate that if the previously
> valid PIOs were set A=1 and/or L=1, then those values of the A and L bits
> should be preserved in the RAs sent to deprecate them.
> 
> My argument is that since you are attempting to make this a prefix that
> hosts
> will no longer autoconfigure (A) and will no longer consider on-link
> (L), that
> in reality, regardless of the previous state of the A and L bits in the RAs
> announcing the prefix in a valid PIO, the new RAs since the prefix has been
> deprecated should be sent with A=0, L=0 in order to signal the host
> that this prefix should not be auto configured and should no longer be
> considered on-link.

You really make a good point. I will go through RFC4861 and see what's
the current expected behaviour in such case.





>>> Is there some unfortunate widely deployed behavior that interacts poorly
>>> with setting A and L to 0 for these previously valid prefixes?
>>>
>>> Finally, An editorial note… In Section 3, you state “Finally, Section
>>> 2.5 analyzes…”
>>> I believe this is intended to be a reference to section 3.2.2.
>>
>> Nope. Section 3.2.2 talks about the interaction between dhcpv6-pd and
>> slaac. BUt it is section 2.5 that discusses other considerations for
>> dynamic/stable prefixes. For example, stable prefixes are not nice for
>> privacy.
> 
> 
> Fair enough, but in that case, I don’t think I would put it after the
> description of section 3.2,
> nor would I use the word “Finally” as a lead-in to a back-reference.

Will tweak the text accordingly.

Thanks!

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492