[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Neighbor Discovery and on-link determination

To: v6ops@ops.ietf.org
Subject: Neighbor Discovery and on-link determination
From: David Miles <davidm@thetiger.com>
Date: Mon, 23 Jun 2008 00:21:16 -0500 (CDT)
User-agent: Alpine 1.10 (LRH 962 2008-03-14)

I have seen an unusual scenario which I was wanting to run past people tocomment on:


I have routerA and routerB connected to each other via Ethernet.

RouterA has the following addresses on the interface to RouterB:
2000:100::2/64
3000:100::2/64
With a default route to 2000:100::1

RouterB has the following addresses on the interface to RouterA:
2000:100::1/64
With a route for 3000:100::/64 to 2000:100::2

Per RFC4861, RouterA is sending ND as follows (assume it wants tosrc traffic from 3000:100::2 to a off-link address):

   3000:1::2 -> FF02::1:FF00:1
   Type: Neighbor Solicitation (135)
   Code: No Code (0)
      Tgt Addr: 2000:100::1
      Option  : Src Link Layer Addr 00:00:00:00:00:01

As 7.2.2 says "if the source address of the packet prompting thesolicitation is the same as one of the addresses assigned to the outgoinginterface, that address SHOULD be placed in the IP Source Address of theoutgoing solicitation."

When RouterB will receive the ND as it is sent to the solicited-node MCaddress and will check the target address is valid (matches an addresssassigned to the receiving interface).RouterB should then create a Neighbour Cache entry and set its state toSTALE using the link-layer address in the ND. It should then send asolicited neighbor advertisement.

This means that the RouterB will have a single address 3000:1::2 in itsNeighbour Cache, but the route will direct traffic to 2000:200::2.Obviously the Neighbour Cache would now contain an entry for an addressthat does not (appear) to be on-link from a route-table perspective.

How should Neighbour Cache and route table interact on a routerB? I hadalways assumed route table replaces Prefix List on a router, but thatwould mean Neighbour Cache would always be consulted with the next-hop ofthe static route (following the sending algorithm in RFC 4861).


This seems to directly relate to the definition of on-link as being:
- an address covered by on of the link's prefixes, or
- an address in the target of a rediect, or
- an address in the target of a neigbour advertisement, or
- an address in the source of a neighbour discovery message

Should a router really consider an address on-link just because itreceived a ND - I can see many potential security concerns if that is thecase.


Any clarifications or experiance appreciated.

Regards,

-David Miles

Follow-Ups:
- Re: Neighbor Discovery and on-link determination
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: Neighbor Discovery and on-link determination
  - From: Thomas Narten <narten@us.ibm.com>

Prev by Date: Re: Router Solicitations
Next by Date: Fwd: New Version Notification for draft-arifumi-6man-rfc3484-revise-00
Previous by thread: How to include APBP scenarios in the Coexistence Requirement I-D
Next by thread: Re: Neighbor Discovery and on-link determination
Index(es):
- Date
- Thread