Re: draft-wbeebee-nd-implementation-pitfalls-00 with urgent changessuggested to 2462bis-08

Fri, 29 Jun 2007 07:26:46 -0700
On Jun 28, 2007, at Jun 28, 2007,1:14 AM, JINMEI Tatuya / 神明達哉 wrote: 


At Wed, 27 Jun 2007 14:27:37 -0400,
Ralph Droms <[EMAIL PROTECTED]> wrote:


One bug that may or may not be common is to make assumptions about
the prefixes on a link based on addresses assigned to an interface.
I can imagine (and I believe we've actually made a real sighting of
this scenario) that an IPv6 implementor might extrapolate IPv4
conventions and extract the /64 prefix from an assigned address
(either SLAAC, DHCP or manual config), and add a route to the host
table indicating that the prefix is on-link, regardless of whether
the prefix is advertised as "on-link" in an RA.


[...]

If the system administrator manually configures an IPv6 address with a
prefix length smaller than 128, the kernel will assume that the
corresponding prefix is on-link.  But I believe this should be
reasonable.

                                        JINMEI, Tatuya
                                        Communication Platform Lab.
                                        Corporate R&D Center, Toshiba Corp.
                                        [EMAIL PROTECTED]



I see where draft-wbeebee-nd-implementation-pitfalls also mentions  
manual configuration as a special case:


   2.  The RA and ICMPv6 Redirects from the default router are the only
       sources of information for on-link determination.  DHCPv6 or any
       other configuration on the host MUST NOT be used for on-link

       determination.  Manual configuration of a host introduces its  
own

       set of security considerations and is beyond the scope of this
       document.


Is there some reason to believe the information about on-link  
prefixes should be implicitly overridden in the case of manual  
address assignment?  I can understand explicitly overriding  
information from RAs by manually configuring the on-link information  
as a separate step from manual address assignment.  But it seems to  
me that assuming the prefix from a manually configured address is on- 
link might cause unexpected loss of connectivity if the prefix does  
require off-link delivery through the router.


- Ralph


--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
























					Reply via email to