IETF Logo Mail Archive

Re: [v6ops] new draft: draft-elkins-v6ops-multicast-virtual-nodes

Bill Cerveny <v6ops@wjcerveny.com> Sun, 21 September 2014 14:30 UTC

Return-Path: <v6ops@wjcerveny.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA16D1A010E for <v6ops@ietfa.amsl.com>; Sun, 21 Sep 2014 07:30:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 39ll2dQ5eNgV for <v6ops@ietfa.amsl.com>; Sun, 21 Sep 2014 07:30:31 -0700 (PDT)
Received: from new1-smtp.messagingengine.com (new1-smtp.messagingengine.com [66.111.4.221]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3C701A010A for <v6ops@ietf.org>; Sun, 21 Sep 2014 07:30:30 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by gateway2.nyi.internal (Postfix) with ESMTP id 926D11C24 for <v6ops@ietf.org>; Sun, 21 Sep 2014 10:30:28 -0400 (EDT)
Received: from frontend1 ([10.202.2.160]) by compute3.internal (MEProxy); Sun, 21 Sep 2014 10:30:28 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-type:mime-version:subject:from :in-reply-to:date:cc:message-id:references:to; s=smtpout; bh=6ZS pYNy+mp/QIt3m/wCT8rD6Y0k=; b=VcljNRd5xW2cqYhKkeo/3Au5CTU+szCkXYu sGCldnA+oyp8vipvsHTrs/oQJxu8n4hctq9S2MxMlvr0nvXJsJtX6wBN3X/Fn9v7 7TW775C56LQSV/hLjblyFRpYLkgjxZc/XF6n56du78x/TjerBqRM1rhSwdMf2JxF Bh79gybw=
X-Sasl-enc: jBFHj4A4KNdk3DHlQuDfHg6r0PYVb/omdme2hyKKjg+X 1411309827
Received: from [192.168.1.107] (unknown [96.35.101.179]) by mail.messagingengine.com (Postfix) with ESMTPA id F13E3C00910; Sun, 21 Sep 2014 10:30:26 -0400 (EDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_F5838D67-5ED1-45DB-903A-6F7012A65330"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Bill Cerveny <v6ops@wjcerveny.com>
In-Reply-To: <1411255504.4053.YahooMailNeo@web125102.mail.ne1.yahoo.com>
Date: Sun, 21 Sep 2014 10:29:39 -0400
Message-Id: <5C813403-8F3A-4A04-A746-359A60CEE6B3@wjcerveny.com>
References: <201409191147.s8JBl1Fe016458@irp-lnx1.cisco.com> <CAPi140O_WkcS9uFCSK0+tVDF3Z1sB4_UF5Zv9kpNEMh7m94Vww@mail.gmail.com> <1411154671.21942.YahooMailNeo@web125102.mail.ne1.yahoo.com> <CAPi140Ob+TeDyYfw_1A2Q55gEF5-rNrLynQ1LkGHOVnGcNcpLA@mail.gmail.com> <1411164118.44574.YahooMailNeo@web125106.mail.ne1.yahoo.com> <CAPi140M+RjEr_edAXZBuUv9dYTztQUHq5J6rTd6Ca0qHcuhrCA@mail.gmail.com> <1411170563.16646.YahooMailNeo@web125101.mail.ne1.yahoo.com> <CAPi140PC_rjguOVpyes74=by-Y504hcpsbWFxVfQ8GiudbR6sA@mail.gmail.com> <1411185266.51203.YahooMailNeo@web125102.mail.ne1.yahoo.com> <541D45DB.5010703@foobar.org> <1411222548.10128.YahooMailNeo@web125105.mail.ne1.yahoo.com> <541DB824.7080408@foobar.org> <1411255504.4053.YahooMailNeo@web125102.mail.ne1.yahoo.com>
To: Nalini Elkins <nalini.elkins@insidethestack.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/qS-H2X0N7duGGezHovZ_DZ3bzG4
Cc: "draft-elkins-v6ops-multicast-virtual-nodes@tools.ietf.org" <draft-elkins-v6ops-multicast-virtual-nodes@tools.ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] new draft: draft-elkins-v6ops-multicast-virtual-nodes
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Sep 2014 14:30:33 -0000

I personally think that the question "4.2 Should nodes respond to Ping to FF0x::1" in the recommendations section is an interesting one. Just as I would expect there is guidance (but don't know if there is) regarding responses to IPv4 broadcast ICMP echo requests, it seems it could be helpful to provide guidance to OS or OS firewall manufacturers regarding if or how nodes should respond to ICMPv6 echo requests via multicast addresses (if this guidance doesn't already exist).

Bill Cerveny

On Sep 20, 2014, at 7:25 PM, Nalini Elkins <nalini.elkins@insidethestack.com> wrote:

> 
> On 20/09/2014 15:15, Nalini Elkins wrote:
> > Situation:  node A is on a subnet with 25 other nodes (B-Z)
> >
> > 1.  Node A sends 10 ICMP ping requests to FF02::1
> > 2.  Nodes B through Z send Node A back ICMP 10 ping replies each
> >
> > Impact: with very little work by Node A, he has made B - Z do work &
> > created network congestion with 250+ packets.
> 
> >If the hosting provider has any sense, this will count towards node A's 
> >bandwidth allocation and if they persist in doing this, they will end up 
> >with a large bill as well as having trashed their connectivity.
> 
> >The lesson is that if you shoot yourself in the foot, it will hurt.  If 
> >your network design is such that shooting yourself in the foot causes other 
> >hosts to be shot in the foot, then your network design may have a problem.
> 
> >If you are a commercial hosting provider who provides third party shared 
> >tenancy networks which use this design, then you should expect problems of 
> >this sort.
> 
> >Most hosting providers know these things and there is no need for the IETF 
> >to remind them.
> 
> Really?
> 
> So then, are you saying that the hosting company example we gave was for a 
> particularly ignorant or incompetent firm?   That most hosting providers of IPv6
> services and most end user enterprises (because our draft is for them as well)
> are quite well aware of the potential drawbacks and implications of IPv6 link-local 
> and multicast traffic in the design of their subnets or broadcast domains.
> And, furthermore take such traffic and / or the need for isolation of nodes for
> security or regulatory purposes into account when doing their network design?
> 
> And, basically, the issues that we are trying to bring up are quite well known 
> to everyone.   You could be right (but I am betting against it!).    
> 
> Maybe my co-author, who works for a large end-user enterprise, and whose 
> organization is trying to implement IPv6, can chime in and let us know how 
> well known these issues are in his own organization and those he speaks to
> regularly.
> 
> Maybe other enterprise customers on the list can speak as well.  Would love
> to hear from them.  Having said that, probably if they are on this email list,
> they are probably orders of magnitude more sophisticated than most.
> 
> I can also take an informal poll.   I can call 2 -3 other hosting companies 
> to see what their IPv6 addressing structure is & let you all know.   I can also
> call 5 - 10 large enterprise companies in the US (Fortune 500 & large federal 
> agencies & the like) to tell you if they take such things into consideration.   
> 
> A few years ago, I compiled IPv6 addressing plans (subnet structure,
> naming conventions, etc) from 6 - 7 universities (commercial entities will
> generally not speak publicly about how they do things).   I can tell you there
> were no such considerations in their plans.  I can go back and ask them
> if they will allow me to distribute their plans publicly.
> 
> 
> 
> All this will take me a few days, so maybe we can pick up the discussion
> on Wed / Thurs of next week.
> 
> I believe that guidance on network design is needed for end-user sites -
> including hosting companies.   That was the reason for our draft.  If I am 
> wrong and no such guidance is needed, then I will be quiet and withdraw
> the draft.
> 
> Nalini
> 
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email