Radia Perlman | 16 Jul 18:52 2004
Picon

Re: VRRP version 3 and IPv6 Neighbor discoveryRouterAdvertisement

I don't really understand this issue, but I want to make sure that we 
have consensus, so
first I'd like to know if
people are happy with just leaving the spec the way it is, or whether 
there are people
that think changes are required, and if so, what changes.

Then, I'd like to ask a couple of naive questions about IPv6 ND.
I would have assumed that if there are multiple routers, and each is 
sending an ND router
advertisement, that endnodes would either choose one at random (so there 
would be
some load splitting going on) or endnodes might do something fancier 
like keep a cache
of all recently received advertisements and load split between them. My 
reading of
RFC 2461 seems to imply that endnodes are required to be able to store
at least two router addresses, and may store more. But John Cruz's original
message seemed to imply that this was not the case:

>>Since both R1 and R2 are masters, both will send out
>>ND router advertisements. All the hosts on the network
>>will choose one of the advertisements and therefore 
>>choose one of the routers to be their default router.
>>If this happens, then there is no load balancing. The
>>purpose of configuring 2 virtual routers is lost.

In another message on the thread it seemed to say that ND only
allows a router to send an ND for a single router address on a particular
interface. Is this true? I couldn't find
(Continue reading)

John.Cruz | 19 Jul 19:59 2004
Picon

RE: VRRP version 3 and IPv6 NeighbordiscoveryRouterAdvertisement

It is likely that hosts that receive multiple ND RA
advertisements will choose one of them as their default
gateway though they store possible candidates. Also, only
when the current gateway is identified as DOWN, hosts
choose an alternative. This is what is implied in the
VRRP for IPv6 draft (first two paragraphs in the
introduction) as well. Also, it is possible that all
hosts on a network could potentially choose the same
default router. This was my first concern.

My other concern is the implementation - coupling ND RAs
with VRRP - as specified in the current draft. ND runs
per link and the source IP address for the ND RAs is the
interface IP address. Typically, there exists configuration
information for an interface on which ND RAs are being
sent.

(a) When coupling ND RAs with VRRP, the RAs must be
sent out using the virtual link-local address (this is not
mentioned in the VRRP draft). If RAs are not sent with virtual
address, consider what would happen the current master for a
VR dies and this router becomes the master. It can't
send two RAs with the same link-local address. RFC 2461
Section 6.2.8 says that hosts identify senders using the 
source address. This will cause confusion.

(b) Each router may have different ND parameters. When
a router dies and another one becomes the master for the
virtual address of the router that died, it needs to know
about the ND parameters that the other router was using.
(Continue reading)

Don Provan | 19 Jul 22:08 2004
Picon

RE: VRRP version 3 and IPv6NeighbordiscoveryRouterAdvertisement

My response to John's first point remains the same:
VRRP allows but does not itself implement load sharing.
So the problem of all hosts choosing a single VR when
two different physical routers are available is out of
scope of VRRP: the problem remains regardless of whether
those two routers use VRRP.

On the other hand, although I'm not very familiar with
either ND or the VRRPv3 draft, I just did some quick
checks in the appropriate specs, and I think John has
some very good points about how well VRRP fits into
the IPv6 environment. In particular, IPv6 has some
very precise concepts about things like addresses and
node and interface identification that, in my opinion,
call for some very precise specifications in the VRRPv3
spec, yet I don't see where the required blanks are
being filled in. As John suggests, this problem seems
to become particularly acute in the area of ND. VRRP's
distinction between the physical router and the virtual
router does not seem to map too well into ND's addressing
model. From my quick check of the VRRPv3 spec, I wouldn't
be sure when an ND packet should reflect the VR's identity.

The people that should be chiming in here are the people
that have actually implemented v3. Perhaps their
experience in working through these issues can
provide the insight necessary to clarify the situation.
But now that I see what John's talking about, I'm a
little worried that John may actually be the first person
walking this road.
(Continue reading)

Mukesh.Gupta | 20 Jul 02:25 2004
Picon

RE: VRRP version 3 and IPv6NeighbordiscoveryRouterAdvertisement

> The people that should be chiming in here are the people
> that have actually implemented v3. Perhaps their
> experience in working through these issues can
> provide the insight necessary to clarify the situation.
> But now that I see what John's talking about, I'm a
> little worried that John may actually be the first person
> walking this road.

Someone was implementing VRRPv3 on Kame stack but I am 
not sure if they finished it or not.  If they did, it
would be nice to hear from them.

Except that John is pretty much the first implementor.

Regards
Mukesh

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp

Yasuhiro Ohara | 20 Jul 22:14 2004
Picon

Re: VRRP version 3 and IPv6NeighbordiscoveryRouterAdvertisement


Hi, I and my yonger colleague are the someone implemented VRRPv3
on Kame and Zebra.

The issues John pointing out seems reasonable to me. We did some
information handing between vrrpd and zebra (which sends ND RA).
We made the feature of enabling/disabling the interaction with ND RA,
and if enabled, let vrrpd hand IPv6 address (which is VIP) to zebra
so that the zebra daemon can use the address as source IPv6 address
of the ND RA.

Our interpretation of VRRPv3 draft (it was -4 or -5 at that time)
is like that of Don does, where we thought it is assumed that
ND RA must not be used when load-balancing is desired.
ND RA is too simple to use in load-balancing, because it does not
have the assumption that VRRP does, i.e. the hosts on the LAN segment
can be grouped. We imagined that when load-balancing is desired,
some sort of last hop routing system which can identify the individual
user-host and can treat each separately is necessary. We imagined
it's DHCPv6. The load-balancing feature was not implemented in our
implementation, because it seems to involve a lot of tasks.

My comment on this thread is that it is good to add some text for
load-balancing, as it seems to involve other features to be implemented
when one wants to implement load-balancing on VRRPv3.
The same goes for ND RA, e.g. we have to implement zebra-vrrpd interaction
to make the implementation really useful.

Below is just FYI, you can skip. It explains the status of our code.

(Continue reading)

Jun-ichiro itojun Hagino | 21 Jul 02:49 2004

Re: VRRP version 3 and IPv6NeighbordiscoveryRouterAdvertisement

> I remember I said "I will study about IPR" when Mukesh kindly told me
> the IPR status. I haven't yet, this laziness of mine does not have
> any particular reason, and I'm sorry ;p). If someone do something about
> the IPR issue, I can convince Kame project to include vrrp interface
> in their implementation, and try to include the VRRPv3 code in Zebra.
> I'm familier with both Kame and Zebra project.

	http://www.ietf.org/ietf/IPR/cisco-ipr-draft-ietf-vrrp-ipv6-spec.txt

itojun

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp

Mukesh.Gupta | 25 Jul 02:23 2004
Picon

VRRP WG Meeting Agenda

Virtual Router Redundancy Protocol WG (vrrp)

Tuesday, August 3, 2004 at 1415-1515 (Afternoon Sessions II)
======================================================

CHAIRS: Mukesh Gupta <Mukesh.Gupta <at> nokia.com>
        Radia Perlman <radia.perlman <at> sun.com>

AGENDA:
Agenda Bashing		Chairs		5 mins

Current Drafts' status	Chairs		5 minutes

VRRPv3 and IPv6 ND RA   Bob Hinden        15 minutes
http://www1.ietf.org/mail-archive/web/vrrp/current/index.html

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp

John.Cruz | 30 Jul 02:43 2004
Picon

VRRP for IPv6 and ND RA

Some questions on VRRP and ND RA.

The current VRRP draft allows one to have more than
one virtual address in a Virtual Router. The draft
also specifies that the first virtual address in a
VRRP for IPv6 packet must be a link-local address.

Can we have more than one link local virtual address
in a virtual router? Does it make sense to have more
than one link-local address on an interface?

If the answer is YES, then which address should be used to
send out ND RAs? Or should we send a ND RA for each link
local virtual address?

John

_______________________________________________
vrrp mailing list
vrrp <at> ietf.org
https://www1.ietf.org/mailman/listinfo/vrrp


Gmane