Fair point about the possible problems - thanks for the explanation. I
understand what you mean there now.
Unfortunately since there are several independent dynamic and
pseudo-dynamic allocation mechanisms in play, you are only going to get
absolute guarantees if you partition the group id space further.
(RFC2809 has some words on this). Just making the name lookup addresses
somewhere in the dynamic area still risks collisions. If you want to go
down this path I think one solution would be to overload the group space
which is already used for ND OxFFxxxxxx. ND and name lookups would not
find occasional clashes a big problem as the Layer 3 addresses differ
and the packet rates are low. Name lookups could just use the top 24
bits instead of the top 32 bits of the MD5 hash, and collisions would
start to be likely with a few hundred nodes on a link. Applications
that have a problem can try to avoid this part of the space.
The alternative is to turn the problem around and tell applications that
are worried to test if anybody else is using the group (check with the
MLD queries or send a name lookup NOOP?) and get a different address if
there is a collision. The problem is what happens when new nodes arrive
- so maybe not?
Regards,
Elwyn
Pashby, Ronald W CTR NSWCDD-B35 wrote:
I disagree that layer2 collisions are unavoidable. If you follow RFC3307 then
collisions between dynamically assigned and permanent assigned addresses are
totally avoidable (like they are intended). The issue here is that this draft
does not follow the intent of 3307.
As far as benign goes, everyone considers the effect of sending "Name Queries" and
because of a collision a host that joined "another" group gets those queries. But the
opposite case is the major one. Take for instance that a multicast group is being used to send
large amounts of packets per second. Another host is running a real-time mission critical
application that it not designed to receive a large number of packets per second. The second host
just happens to join the same (layer 2) group because of the MD5 hash on its name. Then the host
will be flooded with multicast traffic and may cause it to fail to perform its real-time task.
The solution is to insure that certain ranges of address can be used to
guarantee that collision will not happen.
-----Original Message-----
From: Elwyn Davies [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 20, 2005 11:29
To: [EMAIL PROTECTED]
Cc: Elwyn Davies; [email protected]; Pashby, Ronald W CTR NSWCDD-B35
Subject: Re: Comments on draft-ietf-ipngwg-icmp-name-lookups-12.txt
JINMEI Tatuya / 神明達哉 wrote:
On Wed, 20 Jul 2005 11:43:45 +0100,
Elwyn Davies <[EMAIL PROTECTED]> said:
As I said in my previous posting, I don't think you ought to think
of either solicited node multicast groups or these groups as
dynamically allocated. The groups exist statically whether any
nodes are using them or not. The dynamically allocated ones are
(IMO) those that an application needs to create with some guarantee
of uniqueness in order to send on. No dynamic allocation is needed
for the name lookup addresses.
Whether it's really a 'dynamically allocated' address or not is just a
matter of definition. I won't surprise if different people have
different views on this. I just represented my own interpretation of
the sense of RFC3307. Of course, I could be wrong, in which case the
author of the RFC will hopefully correct me.
Indeed RFC3307 has to some extent been overtaken by events and the exact
meaning is now unclear. As you say it doesn't really matter for the
purposes of this discussion.
In any case, I don't think the definition of 'dynamic' is a real
issue. The issue is whether it makes sense to try avoiding layer-2
and layer-3 collisions for the multicast groups regarding the
icmp-name-lookup protocol.
In my understanding, a very rough summary of your argument against
this point is "the probability of collisions should be very rare due
to the use of MD5 hashing, so don't bother" (correct?). I see the
point, and I can live with that.
In my undersatnding, however, the trend of the IETF is to not rely on
that type of arguments and is to try avoiding possible collisions more
and more explicitly. In fact, we rejected the idea of "duplicate
interface-ID detection' instead of 'duplicate address detection',
based on the argument of "the probability of collisions should be rare
since the IDs should be highly unique, so why not optimize?". Also,
RFC3307 seems to try avoiding collisions even though it recommends the
use of good random group IDs (according to the second paragraph of
Section 4.3.2). So, it seems more consistent to me to avoid
collisions in this case despite the use of reasonably distributed IDs.
The real point I was trying to get across is that Layer 2 multicast
address collisions are essentially unavoidable, but that they are, at
least in the name lookup case, benign, especially as far as performance
is concerned. So I wouldn't change the algorithm.
I agreed with the DAD decision, and making sure the layer 3 addresses
are unique for a given purpose is clearly the right answer, because a
collision could have disastrous effects unless nodes/applications are
expecting it.
The name lookup and ND solicited node Layer 3 addresses are taken from
different spaces from any of the RFC3307 addresses so there can never be
a collision between these different types of addresses at Layer 3.
The name lookup (and ND) solution reduces the probability of multiple
nodes using the same Layer 3 and Layer 2 addresses for this purpose but
ensure that a collision doesn't matter, although there will be a small
amount of wasted effort on nodes with Layer 3 collisions.
As far as I can see, there is bound to be a small residual probability
of a Layer 2 multicast address collision on account of there being many
less Layer 2 multicast addresses than Layer 3 multicast addresses. In
the vast majority of cases this will not matter because nodes will
receive and process just the packets they would have received anyway.
There will be a small number of (relatively) pathological cases where a
packet goes to a number of listeners that aren't interested. However,
especially in the case of name lookup, the number of packets involved at
any one node is likely to be very small.
Regards,
Elwyn
It's not a strong opinion though. If a majority prefers keeping the
current range, I won't fight against that.
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
