
RE: ND-proxy applicability and loop-prevention

> One easy way to do this would be define a special multicast group,
> to which all routers will listen, thus parse and forward these
> packets to their uplinks. The packet would contain the primary
> identification of that host and the uplink over which the packet
> gets sent, one could include a 'trace' of where the packet passed
> to aid in further diagnosis. When a router gets a packet containing
> it's own ID it can use the link field contained in the packet to
> see where it sent the packet too and then simply disable that link
> from being used for forwarding packets too, notifying the admin
> in some way or another. This at least prevents the loop from
> happening for too long and thus minimizes damage.

There are essentially two ways to break loops: either by using a
"routing protocol" of some kind that imposes a correct routing structure
on the set of proxies; or by using a form of "loop detection" option in
the ND messages. The spanning tree algorithm is an example of the first
class of solution; we could also conceivably use RIP or OSPF with host

I looked at the second class of solutions in a now expired draft. The
basic idea is to add a "forwarded by" option in the discovery messages
sent by the proxy, and to use that option to detect loops, either with a
hop limit (don't forward more than N times) or with a packet inspection
(don't forward what you have already forwarded once).

The routing or spanning tree solution is the most transparent to the
hosts, since it does not change any byte in the ND packets. However,
transparency may not be entirely desired, since SEND requires being
fairly explicit about relays. The "forwarded by" option is perhaps more
powerful, as it allows for real-time discovery of alternate paths. 

-- Christian Huitema

IETF IPv6 working group mailing list
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
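
The two "forwarded by" checks described in the message above, as an added sketch that is not part of the original post and does not reproduce the expired draft's encoding. The proxy names, the ring topology and the option modelled as a tuple of proxy IDs are assumptions made for illustration.

```python
from collections import deque

# Constructed topology: three ND proxies joined in a ring, which forms a loop.
# Proxy names and the tuple-based "forwarded by" option are assumptions.
RING = {"P1": ["P2", "P3"], "P2": ["P1", "P3"], "P3": ["P1", "P2"]}

def should_forward(proxy_id, forwarded_by, policy, hop_limit):
    """Decide whether proxy_id may relay a message carrying this option."""
    if policy == "hop_limit":
        # Don't forward more than N times.
        return len(forwarded_by) < hop_limit
    if policy == "inspection":
        # Don't forward what you have already forwarded once.
        return proxy_id not in forwarded_by
    if policy == "none":
        # No loop detection at all, kept for comparison.
        return True
    raise ValueError(f"unknown policy: {policy}")

def simulate(topology, origin, policy, hop_limit=4, max_events=1000):
    """Flood one ND message entering at `origin`.

    Returns (forwards, dropped_traces, truncated); `truncated` is True when
    the max_events safety cap stopped a message that was still circulating.
    """
    queue = deque([(origin, None, ())])  # (proxy, arrival neighbour, option)
    forwards, drops = 0, []
    while queue and forwards < max_events:
        proxy, came_from, trace = queue.popleft()
        if not should_forward(proxy, trace, policy, hop_limit):
            drops.append(trace + (proxy,))  # full path, useful for diagnosis
            continue
        new_trace = trace + (proxy,)  # append own ID to "forwarded by"
        for neighbour in topology[proxy]:
            if neighbour != came_from:  # never send back out the arrival link
                forwards += 1
                queue.append((neighbour, proxy, new_trace))
    return forwards, drops, bool(queue)

if __name__ == "__main__":
    for policy in ("none", "hop_limit", "inspection"):
        forwards, drops, truncated = simulate(RING, "P1", policy)
        print(f"{policy:10} forwards={forwards:4} truncated={truncated} drops={drops}")
```

On this ring the inspection check stops each direction as soon as the message returns to P1, while the hop limit lets it travel further before being dropped, and with no check the message is still circulating when the safety cap ends the run.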