On 06/ 1/10 04:23 AM, Pascal Thubert (pthubert) wrote:
So a host with EUI-64=X boots, and uses boot-time-random=Y. Registers with a lifetime of say three days.
Then the host is rebooted, comes back up and uses boot-time-random=Z.
Then it will fail to register its EUI-64-based, since it will be a duplicate.
The issue is that the information used to identify the node (to tell two nodes apart) must be in stable storage.
That probably means that a spoofed/cloned host would duplicate that information as well.
Hence adding more information doesn't seem to help.
>> [...]
>>
[Pascal] In the simplest instance I expected to use the rnd as a simple
correlator, though.
But if it helps to call it a key let's call it that way. We seem to have
problems with agreeing on names :)
I think you are missing or ignoring my point about stable storage. That
is the key point - not the name.
If DAD fails for a short address, then the host should try a different short address. Ditto if it is an RFC 4941 temporary address.
[Pascal] I was asking about the EUI-64 based address. A node registers,
and the router says no.
Please read 6lowpan-nd-09.
A 6LR doesn't say no for an EUI-64 based address because we assume
EUI-64 are globally unique, hence no duplicates can exist by definition.
And as I outlined in an email earlier, I believe forgeries/spoofs/clones
are undetectable in 6lowpan networks.
Like I said, most probable causes are misconfig and silicon forgery.
The EUI-64 shouldn't be configurable; it should come from the factory.
Erik
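
The two cases argued in this message, as an added toy model (not part of the original message, and not the 6lowpan-nd registration procedure): a hypothetical registrar binds each EUI-64 to the correlator it first saw for the registration lifetime. The `Registrar` class, the correlator values and the sample EUI-64 are assumptions constructed for illustration.

```python
from dataclasses import dataclass

DAY = 86400
EUI64 = "02:00:00:ff:fe:00:00:01"  # constructed sample value


@dataclass
class Entry:
    correlator: int   # the "rnd"/key presented at registration
    expires: float    # absolute time at which the registration lapses


class Registrar:
    """Hypothetical registrar: one live entry per EUI-64."""

    def __init__(self):
        self.table = {}  # EUI-64 -> Entry

    def register(self, eui64, correlator, lifetime, now):
        entry = self.table.get(eui64)
        # A live entry with a different correlator looks like a second node.
        if entry and entry.expires > now and entry.correlator != correlator:
            return "duplicate"
        self.table[eui64] = Entry(correlator, now + lifetime)
        return "ok"


def reboot_with_boot_time_random():
    """Correlator regenerated at boot (not in stable storage)."""
    r = Registrar()
    first = r.register(EUI64, 0x1111, 3 * DAY, now=0)
    # Same hardware, rebooted after one day with a fresh random value:
    after_reboot = r.register(EUI64, 0x2222, 3 * DAY, now=1 * DAY)
    # It only gets back in once the old three-day lifetime has lapsed.
    after_expiry = r.register(EUI64, 0x2222, 3 * DAY, now=3 * DAY + 1)
    return first, after_reboot, after_expiry


def clone_with_copied_stable_storage():
    """Correlator kept in stable storage, so a clone carries it too."""
    r = Registrar()
    genuine = r.register(EUI64, 0x1111, 3 * DAY, now=0)
    clone = r.register(EUI64, 0x1111, 3 * DAY, now=60)
    return genuine, clone


if __name__ == "__main__":
    print(reboot_with_boot_time_random())      # legitimate host locks itself out
    print(clone_with_copied_stable_storage())  # registrar cannot tell them apart
```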