From: Zhenlei Huang
Subject: Re: Are there any RFCs for address selection for IPv4
Date: Thu, 29 Apr 2021 18:36:44 +0800
To: Zhenlei Huang
Cc: freebsd-hackers@freebsd.org

> On Apr 25, 2021, at 6:20 PM, Zhenlei Huang wrote:
>
> Hello hackers,
>
> For IPv6 there's RFC 6724 to clarify the default address selection procedure,
> both for source address selection and destination address selection. Are there
> any RFCs like RFC 6724 that are for IPv4?
>
> I'm exploring RFC 3927. Consider this situation: a host configured with a link-local
> address on the NIC and a global unicast alias address on the loopback interface, and a default route to
> the link-local address of the router (some ISPs do this). The current implementation kernel
> will use the link-local address as the source address when initializing a connection to
> a remote host via the default route. It seems wrong, as link-local addresses are not
> routable as per RFC 3927.
>
> So it is important if there's a corresponding RFC clarifying the source address selection
> for IPv4.
>
> Thanks :)

After googling and hunting I found a fairly old RFC 1122. Section 3.3.4.3, `Choosing a
Source Address`, looks like what I'm looking for.

I did not find any further RFCs that update section 3.3.4.3 of RFC 1122. So I think
it still applies to hosts / routers with link-local addresses.

Then the source address selection falls into these three situations:

1. Multi-homed host with strong ES model.
2. Multi-homed host with weak ES model.
3. Router

Suppose the host / router has one interface configured with an LL address, and routable
addresses configured on other interfaces. To respect RFC 3927 section 2.7,
for situations 2 and 3 a routable address should be selected if the next-hop
interface is unnumbered, i.e. the interface is configured with only LL addresses.

For situation 1, since it is the strong ES model and the interface is unnumbered, no routable
address is available, and the kernel should return an error, EADDRNOTAVAIL.

I would like to borrow some rules from RFC 6724. For two addresses SA and SB from
the candidate set, and a given destination address D:

Rule 1. Prefer same address.
    If SA = D, then prefer SA. Similarly, if SB = D, then prefer SB.

Rule 2. Prefer appropriate scope.
    If Scope(SA) < Scope(SB): If Scope(SA) < Scope(D), then prefer SB and
    otherwise prefer SA.
    Similarly, if Scope(SB) < Scope(SA): If Scope(SB) < Scope(D), then prefer SA and
    otherwise prefer SB.

Rule 3. Prefer outgoing interface.
    If SA is assigned to the interface that will be used to send to D
    and SB is assigned to a different interface, then prefer SA.
    Similarly, if SB is assigned to the interface that will be used
    to send to D and SA is assigned to a different interface, then
    prefer SB.

Rule 4. Prefer directly connected.
    If DirectlyConnected(SA, D) and not DirectlyConnected(SB, D) then prefer SA.
    If DirectlyConnected(SB, D) and not DirectlyConnected(SA, D) then prefer SB.

For situation 1, the order of rules should be 1, 3, 2, 4. And that might result in
un-routable packets with LL source address sent to next-hop.

For situations 2 and 3, the order is 1, 2, 3, 4.

Feedback is welcome.

Thanks,
Zhenlei Huang
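
The two rule orders proposed in the message above, run against its own scenario (LL address on the NIC, global alias on loopback, traffic leaving through the NIC). This is an added example, not part of the original post and not FreeBSD kernel code. Assumptions: the `cand`/`ctx` structures and function names are hypothetical, scope values follow RFC 6724's mapping for IPv4 addresses, `DirectlyConnected` is taken to mean "D is inside S's on-link prefix", and the sample addresses are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define IP4(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))
enum { SCOPE_LINK = 2, SCOPE_GLOBAL = 14 };
struct cand { uint32_t addr; int plen; int ifidx; };  /* hypothetical candidate record */
struct ctx  { uint32_t dst; int out_if; };            /* destination and egress interface */

/* Scope as in RFC 6724 sec. 3.2: 169.254/16 and 127/8 are link-local, the rest global. */
static int scope(uint32_t a) {
    return ((a >> 16) == 0xA9FE || (a >> 24) == 127) ? SCOPE_LINK : SCOPE_GLOBAL;
}
/* Assumption: DirectlyConnected(S, D) means D lies inside S's on-link prefix. */
static int direct(const struct cand *s, uint32_t d) {
    uint32_t m = s->plen ? ~(uint32_t)0 << (32 - s->plen) : 0;
    return (s->addr & m) == (d & m);
}
/* Rules 1-4 of the message: >0 prefers a, <0 prefers b, 0 means no preference. */
static int rule(int n, const struct cand *a, const struct cand *b, const struct ctx *c) {
    int sa = scope(a->addr), sb = scope(b->addr), sd = scope(c->dst);
    switch (n) {
    case 1: return (a->addr == c->dst) - (b->addr == c->dst);
    case 2: if (sa < sb) return sa < sd ? -1 : 1;
            if (sb < sa) return sb < sd ? 1 : -1;
            return 0;
    case 3: return (a->ifidx == c->out_if) - (b->ifidx == c->out_if);
    case 4: return direct(a, c->dst) - direct(b, c->dst);
    }
    return 0;
}
/* Walk the candidates, letting the first decisive rule in `order` pick the winner. */
const struct cand *select_src(const struct cand *v, size_t n, const int order[4], const struct ctx *c) {
    const struct cand *best = n ? &v[0] : NULL;
    for (size_t i = 1; i < n; i++)
        for (int r = 0; r < 4; r++) {
            int p = rule(order[r], best, &v[i], c);
            if (p != 0) { if (p < 0) best = &v[i]; break; }
        }
    return best;
}
/* Constructed sample: LL address on the NIC (if 1), global alias on loopback (if 2). */
static const struct cand SAMPLE[] = { { IP4(169,254,10,2), 16, 1 }, { IP4(203,0,113,5), 32, 2 } };
static const int ORDER_STRONG[4] = { 1, 3, 2, 4 }, ORDER_WEAK[4] = { 1, 2, 3, 4 };

uint32_t demo(const int order[4], uint32_t dst) {
    struct ctx c = { dst, 1 };  /* every packet leaves through the NIC */
    return select_src(SAMPLE, 2, order, &c)->addr;
}
int main(void) {
    uint32_t d = IP4(198,51,100,7);  /* constructed remote destination */
    printf("strong ES: %08x, weak ES/router: %08x\n", (unsigned)demo(ORDER_STRONG, d), (unsigned)demo(ORDER_WEAK, d));
    return 0;
}
```

With order 1, 3, 2, 4 the LL address wins for a global destination, which is the un-routable-source case the message notes; with order 1, 2, 3, 4 the global alias on loopback is chosen instead.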