From owner-freebsd-net@FreeBSD.ORG Fri Aug 25 19:26:48 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D14D16A4DA for ; Fri, 25 Aug 2006 19:26:48 +0000 (UTC) (envelope-from patl+freebsd@volant.org) Received: from smtp.volant.org (gate.volant.org [207.111.218.246]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A42F43D6D for ; Fri, 25 Aug 2006 19:26:17 +0000 (GMT) (envelope-from patl+freebsd@volant.org) Received: from adsl-065-081-071-131.sip.gnv.bellsouth.net ([65.81.71.131] helo=[192.168.1.167]) by smtp.volant.org with asmtp (TLSv1:AES256-SHA:256) (Exim 4.34 (FreeBSD)) id 1GGhMn-000CvP-Qh; Fri, 25 Aug 2006 12:29:34 -0700 Date: Fri, 25 Aug 2006 15:24:55 -0400 From: Pat Lashley To: Chuck Swiger Message-ID: <17A034A7E9A76AA9FD37FC11@garrett.local> In-Reply-To: <5D1A78C8-674C-428D-83B6-3CD2F654A69B@mac.com> References: <20060823221835.GA28978@lor.one-eyed-alien.net> <23D2619F6BACE4E728178EE5@garrett.local> <44ED3BD1.3030206@shapeshifter.se> <44EDA9A5.2050108@shapeshifter.se> <44EDBDD0.4050000@shapeshifter.se> <7CC9AC69410B69EBD31122E4@garrett.local> <44EDDB8C.9090504@shapeshifter.se> <0EC404BA0CA363942D250766@garrett.local> <20060824182640.GA37561@lor.one-eyed-alien.net> <22D92E8D-DE18-4883-8E77-5567AF63DFE0@mac.com> <961EF4A5A611779A598DE704@garrett.local> <5D1A78C8-674C-428D-83B6-3CD2F654A69B@mac.com> X-Mailer: Mulberry/4.0.0 (Mac OS X) MIME-Version: 1.0 X-Scan-Signature: 9147617073217ecfb3d211acd5b6c66e5c05ce85 X-Spam-User: nobody X-Spam-Score: -4.3 (----) X-Spam-Score-Int: -42 X-Spam-Report: This mail has matched the spam-filter tests listed below. See http://spamassassin.org/tag/ for details about the specific tests reported. In general, the higher the number of total points, the more likely that it actually is spam. (The 'required' number of points listed below is the arbitrary number above which the message is normally considered spam.) Content analysis details: (-4.3 points total, 5.0 required) 0.1 HTML_MESSAGE BODY: HTML included in message 0.1 HTML_FONTCOLOR_RED BODY: HTML font color is red -4.9 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 0.4 AWL AWL: Auto-whitelist adjustment Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: Zeroconfig and Multicast DNS X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Aug 2006 19:26:48 -0000 > I believe Apple creates /32 host-specific routes for Zeroconf traffic on the > other interfaces, if seen. That may actually just be the normal ARP-handling > code in operation rather than Zeroconf, per se, although Apple's > implementation of ARP is Zeroconf-compliant in terms of timing, setting > "sender IP address" (aka arphdr->ar_spa) field to all zeroes to avoid > polluting other systems' ARP caches, announcing & defending LLA IP > reservations, etc. As ours should be. The only part of that that should be affected by whether or not LLA is enabled is the announcing and defending portion. > I would be entirely happy if FreeBSD could do better than MacOS with regard to > this matter, but my observation suggests that the dudes working on this at > Apple have a working implementation which is becoming widely used in userland > applications for things like printer discovery on unconfigured LANs, chat, > music sharing on the LAN (via iTunes), and for which the potential problems > involved with things like multihomed machines are somewhat well understood. Apple's primary consumer base for Zeroconf systems doesn't normally have to deal with multi-homed systems; so it probably isn't much of a priority for them. They also need to maintain a higher level of easy configurability by non-technical users. FreeBSD's target user base leans towards the more technical and the more server-oriented. I don't know any of the people working on Zeroconf at Apple; and have no idea how well they have investigated the issues surrounding multi-homed machines. I suspect that the decision was made fairly early to only support it on one interface at a time. That certainly made it easier to concentrate on getting the more common one-interface scenario to work correctly. But they, and others working on Zeroconf, have pretty well identified the one-interface issues and come up with solutions; so we don't have to duplicate that research. Which means that we're free to look at the implications for multi-homed machines. I would agree that our first implementation should focus on the single-interface situation; but we should keep the multi-homed machines in mind while designing it. It's OK if we say "you can enable it on more than one interface; but we're not going to guarantee that you won't run into problems." > >> See section 4 of RFC-3927. > > > > No, that covers merging two previously disjoint networks; I don't > > think that it is intended to handle the case of a multi-homed host > > that is connected to both of them while keeping them separate. > > That section covers the merging of two previously disjoint networks, agreed; > for the case of connecting a multihomed host which is bridging them, this > section is entirely relevant. Otherwise, LLA only deals with one collision > domain (or link, etc) by definition, and one requirement which is relevant to > a multihomed host is that it must ensure that the system assigns a different > LLA to each interface. Yes, as you say, it is relevant if the host is bridging, but not if it is treating them as separate subnets. Which requires separate LLA negotiations; but I don't see where section 4 requires them to have separate IP addresses. (It's probably a good idea; but it doesn't seem to be required by section 4.) Multi-homed hosts are covered in section 3. Which is basically a discussion of some of the problems that are likely to be encountered; without mandating (or forbidding) any particular solution. Section 3.4 does require separate LL Ip addresses IF the interfaces are on the same link. But, as they point out, the easiest method of avoiding auto-immune response is to run the algorithm separately for each interface. In which case no special action need be taken to determine whether they are on the same link, or to avoid requesting the same address; the normal LLA negotiation will ensure that one of them wins and the other picks another address. > The probability that you will have the same LLA appear on two distinct subnets > is a variant of the "birthday paradox"; there's a 10% chance of a collision > with ~120 hosts, and a 50% chance of a collision with 300, assuming the code > copied below is right. Not exactly. I think that that computes the probability that a newly attached host will pick an initial IP address that is already in use. To apply it to a pair of networks, you need to deal with how many hosts are on each network and the fact that within each network, the IPs are already guaranteed to be unique. So, given two networks, one with N hosts, the other with M; for the first host in N, the chance of collision is M / 65024; for the second it is M / 65023; etc. (Each host in N reduces the available address space from which the other N-hosts may be chosen; it does not increase the number of hosts that they must be compared against.) The total probability is the sum of the probabilities for each of the N hosts. I think that you;ll find that the minimum number to produce a 50% probability will require that both networks have the same number of hosts (or differ by only one); and that as the populations become unbalanced, the total required rises fairly rapidly. (E.g., if N is 1, M must be 32512 for a total of 32513.) -Pat