Issue 3:
> ISSUE 3. 3697bis RECOMMENDS pseudo-random flow label values. The goal is be
> able to
> use just the 3-tuple {dest addr, source addr, label} as input to load
> distribution hashes. There have been a couple of objections to this:
> - This property is not required for effective hashes for load distribution;
> - Not all load distribution methods are statistical, so there may be some
> need for
> deterministic flow label values.
> On the other hand, the arguments for formally recommending pseudo-random
> labels are
> that
> - pseudo-randomness has security value (draft-gont-6man-flowlabel-security);
> - pseudo-randomness does have value as input to hashes;
> - a MAY would not have much impact on implementers, so nothing would change.
>
> QUESTION: do we change the recommendation to set pseudo-random flow label
> values?
>
Change the recommendation to set pseudo-random flow label values, but also add
that all possible re-setting of the value (e.g. on domain exit) be consistent
(i.e. a mapping). This mapping can provide the desired randomization of the
used label values. Also, this concept can naturally be extended to the case of
zero label. In this case the mapping needs to be consistent for the input
packet's 5-tuple.
I provided a text proposal to this effect on the mail about issue 1 & 2.
Jarno
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
