Re: [v6ops] privacy point re. unsolicited NA / router neighbor cache

Mark Smith <markzzzsmith@gmail.com> Mon, 22 July 2019 23:13 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/_XLE7S3x3DcE9gvQLFcXCS2Nhd4>

On Tue., 23 Jul. 2019, 07:37 David Lamparter, <equinox@diac24.net> wrote:

> Hi all,
>
>
> to clarify and document the point I made on the mic a few minutes ago:
>
> I'm generating a privacy address.  I do DAD for it, and I send it to,
> say, ff02::1:ffc6:3a4b.  On shitty networks, this will be a broadcast,
> so everyone knows the address I'm using and can associate the MAC.  But
> on non-shitty networks, it doesn't go anywhere because no one is
> interested in that particular group.
>
> I really don't want to suggest advertising privacy addrs to ff02::1.
> Yes, the privacy might already be broken due to nonexistent multicast
> filtering, but it's not broken by design.  Broadcasting it to ff02::1
> breaks it by design.
>
> ff02::2 has the problem Lorenzo mentioned with battery lifetimes.  It
> might be broken in practice, but would work in theory, if you had proper
> multicast filtering everywhere.  That might not even be the device's
> wifi chip firmware, it could also be in APs.  I feel some strong deja vu
> here from 802.11 multicast discussions.
>
> The third option is for the router to pick up all DAD groups.  It
> certainly won't report /ALL/ DAD groups in MLD, so this would break if
> you have MLD-snooping switches... unless you configure multicast routing
> properly with "all multicast on router ports".
>
> Is there another choice? How about ff02::16 (All MLDv2-capable routers)?
>

Why not have routers on the link learn of a node's link-local address via
source addresses of the node's RSes and MLDv2 joins, and then have the
routers query the node via unicast for all its other addresses?

There are already two ways the unicast query could be supported to collect
the node's other addresses, via ICMPv6 Node Information queries (RFC 4620),
or Inverse ND (RFC 3122).

Regards,
Mark.



>
> -David
>
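
The delivery scopes compared in this thread, as an added example that is not part of either post: it derives the solicited-node group and Ethernet multicast MAC for an address, then lists which on-link nodes receive a frame sent to each candidate destination, with and without multicast filtering. The `2001:db8::` address, the node table and the simplified `receivers` model are constructed assumptions; real switch and AP behaviour varies.

```python
import ipaddress

ALL_NODES = ipaddress.IPv6Address("ff02::1")
ALL_ROUTERS = ipaddress.IPv6Address("ff02::2")
MLDV2_ROUTERS = ipaddress.IPv6Address("ff02::16")
SOLICITED_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node_group(addr):
    """RFC 4291: ff02::1:ff00:0/104 plus the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_PREFIX | low24)

def ethernet_multicast_mac(group):
    """RFC 2464: 33:33 followed by the low 32 bits of the group address."""
    low32 = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)

def receivers(dest, nodes, filtering):
    """Names of on-link nodes that see a frame sent to multicast group dest.

    nodes maps name -> {"router": bool, "groups": set of joined groups}.
    filtering=False models a link that floods multicast like broadcast.
    filtering=True is a simplified model of working multicast filtering:
    ff02::1 reaches everyone, ff02::2 and ff02::16 reach routers only,
    any other group reaches only the nodes that joined it.
    """
    seen = []
    for name, node in nodes.items():
        if (not filtering or dest == ALL_NODES
                or (dest in (ALL_ROUTERS, MLDV2_ROUTERS) and node["router"])
                or dest in node["groups"]):
            seen.append(name)
    return sorted(seen)

# Constructed sample: a temporary address whose low 24 bits are c6:3a4b,
# and the other nodes on the link (the sender itself is not listed).
PRIVACY_ADDR = "2001:db8::1234:5678:9ac6:3a4b"
NODES = {
    "host-b": {"router": False, "groups": set()},
    "host-c": {"router": False, "groups": set()},
    "router": {"router": True, "groups": set()},
}

if __name__ == "__main__":
    dad_group = solicited_node_group(PRIVACY_ADDR)
    print(dad_group, ethernet_multicast_mac(dad_group))
    for dest in (dad_group, ALL_NODES, ALL_ROUTERS, MLDV2_ROUTERS):
        for filtering in (False, True):
            print(dest, "filtering" if filtering else "flooding",
                  receivers(dest, NODES, filtering))
```
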