Current Issues with DNS Configuration Options for SLAAC

Slides:



Advertisements
Similar presentations
73rd IETF meeting, November 16-21, 2008
Advertisements

Benoit Lourdelet Wojciech Dec Behcet Sarikaya Glen Zorn July 2009 IPv6 RADIUS attributes for IPv6 access networks IETF-75
Design Guidelines for IPv6 Networks draft-matthews-v6ops-design-guidelines-01 Philip Matthews Alcatel-Lucent.
Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.
Security Assessment of the Internet Protocol version 4 (IPv4) draft-ietf-opsec-ip-security Fernando Gont project carried out on behalf of UK CPNI 76th.
Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.
Mitigating Teredo Routing Loop Attacks (draft-gont-6man-teredo-loops-00 ) Fernando Gont on behalf of UK CPNI IETF 79 November 7-12, Beijing, China.
1 Behcet Sarikaya Frank Xia July 2010 Flexible DHCPv6 Prefix Delegation in Mobile Networks IETF 78
Port randomization (draft-ietf-tsvwg-port-randomization) Michael Larsen & Fernando Gont 73rd IETF Meeting, November 16-21, 2008 Minneapolis, MN, USA.
DHCPv6/SLAAC Interaction Gaps ( draft-liu-6renum-dhcpv6-slaac-switching-01) [Note: the title is different with the original one in the draft] draft-liu-6renum-dhcpv6-slaac-switching-01.
IPv6 RADIUS attributes for IPv6 access networks draft-lourdelet-radext-ipv6-access-01 Glen Zorn, Benoit Lourdelet Wojciech Dec, Behcet Sarikaya Radext/dhc.
ICMP attacks against TCP draft-ietf-tcpm-icmp-attacks-01.txt Fernando Gont (UTN/FRH) 67 th IETF Meeting, San Diego, California, USA November 5-10, 2006.
Draft-ietf-v6ops-scanning-implications-00 IPv6 Implications for Network Scanning Tim Chown University of Southampton (UK) IETF 66,
Prefix Delegation Protocol Selection T.J. Kniveton MEXT Working Group IETF 70 - December ’07 - Vancouver.
1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81
Draft-chown-v6ops-port-scanning-implications-02 IPv6 Implications for TCP/UDP Port Scanning Tim Chown IETF 65, March 23rd 2006 Dallas,
DHCPv6/SLAAC Address Configuration Interaction Problems and Operational Guidance Bing Liu, Ronald Bonica (Speaker) Sheng Jiang, Xiangyang Gong, Wendong.
Deterministic Fast Router Advertisement Configuration Update draft-daley-dna-det-fastra-01.txt Presenter: Greg Daley.
Managing the Use of Privacy Extensions for SLAAC in IPv6 (draft-gont-6man-managing-privacy- extensions-01.txt) Fernando Gont (UTN/FRH) Ron Broersma (DREN)
Guidance for Running Multiple IPv6 Prefixes (draft-liu-v6ops-running-multiple-prefixes-02) Bing Liu, Sheng Jiang (Speaker), Yang Bo IETF91
IPv6 Site-Local Discussion Bob Hinden & Margaret Wasserman IETF 56 San Francisco March 2003.
1 Requirements for Internet Routers (Gateways) and Hosts Relates to Lab 3. (Supplement) Covers the compliance requirements of Internet routers and hosts.
RTCWEB STUN Usage for Consent Freshness and Session Liveness draft-muthu-behave-consent-freshness-01 Authors: D. Wing, Muthu A M. Perumal, R. Ram Mohan,
IPv4 over IEEE IP CS draft-ietf-16ng-ipv4-over-802-dot-16-ipcs-03 Samita Chakrabarti IP Infusion Syam Madanapalli Ordyn Technologies Daniel Park.
Slide title In CAPITALS 50 pt Slide subtitle 32 pt Simple DNA draft-ietf-dna-simple-03 Suresh Krishnan Greg Daley.
BSR Spec Status BSR Spec authors 03/06. Status ID refreshed (now rev-07) Resolved remaining issues we had on our list Updated to reflect WG
Extension of the MLD proxy functionality to support multiple upstream interfaces 1 Luis M. Contreras Telefónica I+D Carlos J. Bernardos Universidad Carlos.
CHAPTER 6: STATIC ROUTING Static Routing 2 nd semester
IETF 80: NETEXT Working Group – Logical Interface Support for IP Hosts 1 Logical Interface Support for IP Hosts Telemaco Melia, Sri Gundavelli, Carlos.
IPv6 over ’s IPv6 Convergence Sublayer IPv6 over ’s IPv6 Convergence Sublayer draft-madanapalli-ipv6-over ipv6cs-00 Syam Madanapalli.
CCNA 2 Router and Routing Basics Module 8 TCP/IP Suite Error and Control Messages.
1 IGP Data Plane Convergence draft-ietf-bmwg-igp-dataplane-conv-meth-21 draft-ietf-bmwg-igp-dataplane-conv-term-21 BMWG, IETF-78 Maastricht, July 2010.
DHCP Options for Configuring Multicast Addresses in VXLAN draft-sarikaya-dhc-vxlan-multicast-02 Behcet Sarikaya Frank Xia November 2013 nvo3 WG IETF-88.
Security Implications of Predictable Fragment Identification Values
Host Scanning in IPv6 Networks (draft-gont-opsec-ipv6-host-scanning) IETF 84 Vancouver, Canada. July 29-August 3, 2012.
EAP Applicability IETF-86 Joe Salowey. Open Issues Open Issues with Retransmission and re- authentication Remove text about lack of differentiation in.
A Fragmentation Strategy for Generic Routing Encapsulation (GRE)
Host Configuration: BOOTP and DHCP
Chapter 05 Exam Review CCNA Discovery 01 – Computer and Network Fundamentals Presented by: Phillip Place Cisco Academy Instructor Lake Michigan College.
Security Implications of IPv6 on IPv4 Networks
UDP Encapsulation for IP Tunneling
draft-nitish-vrrp-bfd-02
draft-patel-raszuk-bgp-vector-routing-01
Booting up on the Home Link
Unified IPv4-in-IPv6 Softwire CPE: Focus on DHCP IETF 87-Berlin, July 2013 M. Boucadair & I. Farrer.
Syam Madanapalli Basavaraj Patil Erik Nordmark JinHyeock Choi
IPv6 Flow Label Specification
IETF 55 IPv6 Working Group IPv6 Node Requirements
Requirements for Ad Hoc IP Address Autoconfiguration
Lionel Morand DHCP options for PAA Lionel Morand
Teemu Savolainen (Nokia) MIF WG IETF#75 28-July-2009
Ch.8 Dynamic IPv6 Address Allocation
Chapter 10: DHCP Routing & Switching Chapter 10: DHCP
DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
Router Advertisement Link Identifiers (LinkID)
ND-Shield: Protecting against Neighbor Discovery Attacks
Fragmentation issues in IPv4/IPv6 translation
Distributed Mobility Management (DMM) WG DMM Work Item: Forwarding Path & Signaling Management (FPSM) draft-ietf-dmm-fpc-cpdp-01.txt IETF93, Prague.
November 7-12, Beijing,China.
Chapter 10 IGMP Prof. Choong Seon HONG.
draft-pim-with-ipv4-prefix-over-ipv6-nh
Technical Issues with draft-ietf-mpls-bfd-directed
PIM Backup DR Mankamana Mishra IETF-102
Static Routing 2nd semester
PIM Assert Message Packing
Dayong GUO Sheng JIANG (Speaker) Remi Despres
Sheng Jiang(Speaker) Bing Liu
draft-ietf-pim-ipv4-prefix-over-ipv6-nh
Presentation transcript:

Current Issues with DNS Configuration Options for SLAAC (draft-gont-6man-slaac-dns-config-issues) Fernando Gont Pavel Simerda SI6 Networks RedHat IETF 84 Vancouver, Canada. July 29-August 3, 2012

Background Two ND options convey DNS-related info: RDNSS: Recursive DNS servers DNSSL: DNS Search List These options include a “lifetime” value: It is the amount of time during which the info is valid It is selected as a function of “MaxRtrAdvInterval”: MaxRtrAdvInterval <= Lifetime <= 2*MaxRtrAdvInterval

Problem statement The RDNSS/DNSSL “Lifetime” has been found to be too short Packet loss causes DNS info to be discarded Problem exacerbated in some implementations DNS failures considered a “hard error”, affecting both IPv6 and IPv4 connectivity

Potentian config oscillation problem RFC 6106 mandates that newly received info should replace existing info If more than one router sends RDNSS/DNSSL options, network config would oscillate This does not happen with any other info learned with SLAAC

draft-gont-6man-slaac-dns-config-issues Discusses the problem Describes some alternative workarounds: Change the semantics of the Lifetime field Change the default Lifetime value Use RSes for active probing Sanitize the received Lifetime value We expect 6man to converge to one of them

Change the semantics of “Lifetime” “Lifetime: amount of time during which the corresponding info is expected to be stable” If the lifetime expires: The corresponding info should not be discarded Newly received data should replace expired info Pros: Addresses all potential problems Receiving-side fix! Cons: ?

Change the default “Lifetime” value Change the default “Lifetime” to 5*MaxRtrAdvInterval Pros: ? Cons: Sending-side workaround May still fail with networks with huge multicast packet loss Does not address the config oscillation problem

Sanitize the received “Lifetime” values Enforce a lower limit on the Lifetime value Pros: Receiving-side fix Cons: No hints for a proper limit Does not address the config oscillation problem

Use RSes for active probing Send RSes when Lifetime-expiration is imminent Pros: Receiving-side fix Cons: Leads to increased traffic Does not address the config oscillation problem No other SLAAC info requires this “probing”

Moving forward Comments? Adopt this document as a 6man wg item?

Feedback? Fernando Gont fgont@si6networks.com

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.