Hello Mark: > > A sense of lifetime; how long should the router/L3AP expect that the > address will be used; at time out, the router can clean up the state. > > Already being performed by NUD right now. > > NUD avoids the possibility of the router's view of when an address expires > getting out of sync with when the address does or has expired on a host.
NUD is still important in RFC 6775/8505. The lifetime of a registration has additional value. It is a negotiated contract that the router will maintain and possibly defend / re-advertise the state during that period. It can be very short for short-lived address (e.g., one wake time of your tablet) and very long for an exit sign. NUD defaults show limits there. > > > A sense of order; if a wireless node moves rapidly from a L3AP to the > > next, or a VM moves rapidly from a server to the next, which is the > > most recent point of attachment > > What sort of device is a "L3AP"? In RFC 8200 we don't have that sort of device > defined, we just have links, hosts, routers and nodes (IPv6 host or router). Like a L3-switch but wireless. An AP is a bridge that is proactively programmed on the wireless side with the association process, as opposed to a learning (transparent) bridge that requires the broadcast. RFC 6775 / 8505 is the same thing at L3. If you add L3 features like an SVI to the AP, and L3 functions in there like RFC8505, routing, and/or ND proxy, then you have an L3-AP. > I'm guessing it is a combined layer 2/layer 3 device with tight integration > between layer 2 and layer 3 processing? If it is, we wouldn't want to create a > requirement that all layer 2 devices are also layer 3 routers for all IPv6 > networks. There should be one such thing on the path, we usually place it at the edge, device facing, aka Border Nodes. There are roles to be played at ingress, like the registration, ND snooping, and overlay encapsulation. Others at egress like multicast suppression. > > > A sense of ownership; if the router maintains a state about the > > address for a requested lifetime, then a proof of ownership can be > > attached, so only the owner of the address can modify the state (SAVI) > > I think that can be achieved using using the state that NUD maintains and is > already occurring. For example, an unsolicited NA can be sent to update > remote devices' neighbor cache entry for the address with a new link-layer > address, however the update only occurs if the remove device already has an > existing neighbor cache entry for the address. > True, and we do that already. But a solid and local proof that it is the same guy is better, e.g. in fast mobility to avoid slowing down the roaming, or if the target is unreachable for a second, sleeping, rebooting, whatever, in which case the address is easy to steal. The companion draft for RFC 8505 is https://tools.ietf.org/html/draft-ietf-6lo-ap-nd. > > A sense of service; what should the router do with that address? Examples > that come to mind are inject in a routing protocol, play sleeping proxy or ND > proxy. > > > > These requirements seem to be more specific to 6lo environments, rather > than a more general and common cases. For example, hosts' > addresses aren't injected into a routing protocol in most networks. Another example is the data center underlay, see https://tools.ietf.org/html/draft-ietf-rift-rift-06#section-5.3.3. Also 802.11OCB, see https://datatracker.ietf.org/doc/draft-thubert-6man-ipv6-over-wireless/. As soon as your link is multiaccess yet non-transitive, or your subnet is multilink, you should consider L3 routing. Alt you let the L2 do it for you like in Switched Ethernet and Wi-Fi infrastructure mode, but then it comes at a cost that you may be willing to avoid, e.g., L3 broadcasts. The /64 per host is a valid approach to get there, but it throws ND with the water of the bath and seems wasteful at scale, e.g. , for IOT devices and VMs. I'm advocating for a modernization of ND that is not antagonistic to that but complementary with the /64 per host towards a same goal of more L3 / proactive, less broadcasts / reactive. > However, once a router has knowledge of the existence of an address, then I > think what the router uses that address knowledge for, in addition to > forwarding, is out of scope for an address discovery or registration protocol. > Agreed, the registration is abstract to the router operation. The point is that the router operation can be vastly improved by simple things like a sequence number or a lifetime. All the best, Pascal _______________________________________________ 6lo mailing list [email protected] https://www.ietf.org/mailman/listinfo/6lo
