IETF Logo Mail Archive

Re: [v6ops] [homenet] Tsinghua work on source/destination routing

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 07 November 2013 19:21 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B73E11E828C; Thu, 7 Nov 2013 11:21:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.548
X-Spam-Level:
X-Spam-Status: No, score=-102.548 tagged_above=-999 required=5 tests=[AWL=0.051, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rQ1Tixzmnvsa; Thu, 7 Nov 2013 11:21:44 -0800 (PST)
Received: from mail-bk0-x22b.google.com (mail-bk0-x22b.google.com [IPv6:2a00:1450:4008:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id DDACA11E828D; Thu, 7 Nov 2013 11:21:43 -0800 (PST)
Received: by mail-bk0-f43.google.com with SMTP id mz13so413479bkb.30 for <multiple recipients>; Thu, 07 Nov 2013 11:21:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=bIabsIcHA6ZJfIhoiBbd8a0Et6dQt3lhQ/KaVsKekEo=; b=dL+dvjy21rbKNtySs8I4Ll7h2kZboPvNqZps7RDwYDKHeT2RBNL5X/exrJkQS0eYVL Pve9umjIctiRj9X+OiyAslgumzmlgQQbJ+Lsegj3DWVNMWbAG2v3TLAayhVuasTaMxdQ lrvN2etWMUlx4gCr5gwrGAX8bkGM+yE78ItqQpxGrbPUhkydcz4yJOgcyquDS0MpdZlg jrnhM60F210Pt1RK1+9qvxv31kxGcWBjNDIvYMTwLg4RIJinNwOjkII/UTBC4S3+YFR6 8JJMwyrpHPiiEg1enk1kdWOkE2oXqK9aPxY5pU5P12LkWLNnykUOW20a2mfMhmF2KdVg Vq8Q==
X-Received: by 10.204.171.142 with SMTP id h14mr7568747bkz.30.1383852102969; Thu, 07 Nov 2013 11:21:42 -0800 (PST)
Received: from [31.133.165.38] (dhcp-a526.meeting.ietf.org. [31.133.165.38]) by mx.google.com with ESMTPSA id no2sm3317936bkb.15.2013.11.07.11.21.40 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 07 Nov 2013 11:21:42 -0800 (PST)
Message-ID: <527BE84E.2000205@gmail.com>
Date: Fri, 08 Nov 2013 08:21:50 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: "Fred Baker (fred)" <fred@cisco.com>
References: <F7C18630-1964-4AFD-8549-559D7582B114@cisco.com> <CAFU7BAQT=+B==8pvOYSsWnCvcMEVzy2nh8dAZZXHzYjwmedRpg@mail.gmail.com> <CAJE_bqfU8C+Tc2rQCZ=vpmfTDdOiGz-sd-G4QNBpHdwXDz9bqQ@mail.gmail.com> <27F73F5B-6095-43E1-ADBE-2E05E8071E3F@cisco.com>
In-Reply-To: <27F73F5B-6095-43E1-ADBE-2E05E8071E3F@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>, 神明達哉 <jinmei@wide.ad.jp>, Routing WG <rtgwg@ietf.org>
Subject: Re: [v6ops] [homenet] Tsinghua work on source/destination routing
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 19:21:45 -0000

On 08/11/2013 07:56, Fred Baker (fred) wrote:
> On Nov 7, 2013, at 10:42 AM, 神明達哉 <jinmei@wide.ad.jp>
>  wrote:
> 
>> At Thu, 7 Nov 2013 17:58:56 +0100,
>> Jen Linkova <furry13@gmail.com> wrote:
>>
>>> Looks like we (finally) have a chance to enforce the requirement from
>>> RFC4007, Section9:
>>>
>>> "If transmitting the packet on the chosen next-hop interface
>>> would cause the packet to leave the zone of the source
>>> address, i.e.,
>>> cross a zone boundary of the scope of the
>>> source address, then the packet is discarded. "
>>>
>>> I'm seeing plenty of packets from link-local sources to global
>>> destinations which means that:
>>> 1) there are hosts with broken default address selection
>>> AND
>> (Probably an off-topic in this context but) this is not necessarily
>> accurate.  If a host only has a link-local address but somehow knows
>> the interface to send packets to a global destination, it would be
>> able to send packets with source being link-local and destination
>> being global, and validly (not breaking RFC 6724) so.  I believe it's
>> more likely to be a broken network configuration than a broken host
>> implementation.
> 
> I suspect it's some of each. The host should, I should think, set the hop limit to one on any packet that is to a link-local address, to ensure that the packet is not repeated by a broken router (apart from protocols that ask to have it set to 255 and have the receiving host check for that value). Also, upstream network's BCP 38 implementation sounds suspect, and I'm with Jen in wondering why a router forwarded the packet in the first place.

Are you sure these packets come from hosts? There is a known case
which is a router generating ICMP reply packets that has no GUA
configured since all its peers are link-local.

   Brian

v2.23.0 | Report a Bug | By Email