.de Sc
\\s-1\\$1\\s0\\$2
..
.ds cA 2005/314
.ds aR \s-1PSARC\s0
.LP
.so ../../amac
.Co
.ds LF \fI\*(aR/\*(cA\fP
.ds RF \fICopyright 2006 Sun Microsystems, Inc.\fP
.if n .ds CF
.IP \fBSubject:\fP 15
IP Duplicate Address Detection
.IP "\fBSubmitted by:\fP" 15
James D. Carlson
.IP \fBFile:\fP 15
\*(aR/\*(cA/opinion.ms
.IP \fBDate:\fP 15
August 8th, 2006
.IP "\fBCommittee:\fP" 15
Bill Sommerfeld,
James D. Carlson,
Ed Gould,
Glenn Skinner,
Gary Winiger,
Shudong Zhou.
.IP "\fBProduct Approval Committee:\fP" 15
Solaris PAC
.br
solaris-pac-opinion@sun.com
.pn 2
.NH
Summary
.LP
This project proposes to make several infrastructural improvements to
how Solaris's IPv4 ARP and IPv6 Neighbor Discovery implementations
detect and handle situations where two nodes on a network claim the
same IP address.  This work will enable several follow-on projects in
the general area of dynamic network autoconfiguration.
.NH
Decision & Precedence Information
.LP
This project is approved as specified in reference [1].
.LP
The project may be delivered in a Patch/Micro release of Solaris.
.bp
.NH
Interfaces
.LP
The project exports the following interfaces.
.if n .ne 8
.if t .ne 3
.TS H
box;
c s s
l | l | l.
Interfaces Exported
_
Interface	Classification	Comments
_
.TH
IPv6 DAD probing	Committed	RFC 2462
IPv4 DAD probing	Committed	RFC 3927 [1]

T{
Ongoing address defense behavior
T}	Committed

T{
UnARP (listen-only)
T}	Committed	RFC 1868

T{
kernel warning messages
T}	Uncommitted	arp(7P)

new ndd parameters	T{
Project Private
T}

arp(1M) "permanent" flag	Committed
arp(1M) output	Uncommitted	[4]
ATF_AUTHORITY	Committed

ifconfig up/down	Committed
IFF_DUPLICATE	Committed	[2]
IFF_UP behavior	Committed
IFF_NOLOCAL behavior	Committed
rtsock DAD delay	Committed
AR_* STREAMS messages	T{
Consolidation Private
T}
DHCP PRE_BOUND state	Project Private	[3]
.TE
.IP 1
As revised to add ongoing address defense in the event of a collision;
see below.
.IP 2
New output-only flag; also visible in ifconfig output
.IP 3
New state; visible in ifconfig dhcp status output
.IP 4
Flag output changed to match command line keywords
.bp
.LP
The project imports the following interfaces.
.if n .ne 8
.if t .ne 3
.TS H
box;
c s s
l | l | l.
Interfaces Imported
_
Interface	Classification	Comments
_
.TH
ire_cache_lookup	T{
Consolidation Private
T}	kernel function
ire_refrele	T{
Consolidation Private
T}	kernel function
.TE
.NH
Opinion
.LP
.NH 2
Never give up, never surrender!
.LP
The Duplicate Address Detection algorithm described in RFC 3927 is
designed for the allocation of randomized link-local IPv4 addresses,
and thus will back off (and pick a new address) in the event of a
collision.  This algorithm is inappropriate when applied to
authoritatively assigned addresses (i.e., manual assignment or DHCP)
as it renders the host subject to a difficult-to-diagnose "drive by"
denial-of-service attack.  If a duplicate is detected, rather than
giving up on a particular address forever, we instead back off for a
time and try again later.
.NH 2
Logging on both parties in the event of a conflict
.LP
In the event that a conflict is detected between two systems with this
project installed, warning messages logged on each system will contain
the layer-2 addresses of the other system, permitting any conflict to
be diagnosed starting from either system.
.NH 2
Need efficient PRNG for protocol use.
.LP
Most protocols involving periodic broadcast messages will
self-synchronize unless timers have substantial random jitter added.
The Solaris kernel contains several common random number generator
functions; however, they are designed for cryptographic use and are
thus computationally expensive per bit generated.  A lighter weight
function would be useful both for this protocol and several other
projects; see the Advisory information below.
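.LP
The retry-rather-than-abandon policy and the jittered timers discussed
in this section can be sketched as follows.  This is an added example,
not code from the project or from Solaris; the state names, the timing
constants, the doubling back-off and the xorshift32 generator are all
assumptions chosen for illustration.
.nf

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed timings for illustration; the opinion states none. */
#define RETRY_BASE_MS 10000u   /* first back-off after a conflict */
#define RETRY_MAX_MS  300000u  /* ceiling for the doubled back-off */
#define JITTER_PCT    25u      /* timers vary by +/- this percentage */

enum addr_state { ADDR_PROBING, ADDR_OK, ADDR_DUPLICATE };

struct dad_addr {
    enum addr_state state;
    uint32_t retry_ms;  /* current un-jittered back-off */
    uint32_t rng;       /* xorshift32 state, must be non-zero */
};

void dad_init(struct dad_addr *a, uint32_t seed) {
    a->state = ADDR_PROBING;
    a->retry_ms = RETRY_BASE_MS;
    a->rng = seed ? seed : 1u;  /* a zero state would never change */
}

/* xorshift32: cheap and non-cryptographic, suitable for timer jitter only. */
static uint32_t light_rand(uint32_t *s) {
    uint32_t x = *s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *s = x;
}

/* Conflict seen: mark the address unusable, but schedule a retry rather
 * than abandoning it.  Returns the jittered delay in milliseconds. */
uint32_t dad_conflict(struct dad_addr *a) {
    uint32_t span = a->retry_ms / 100u * JITTER_PCT;
    uint32_t delay = a->retry_ms - span + light_rand(&a->rng) % (2u * span + 1u);
    a->state = ADDR_DUPLICATE;
    a->retry_ms = a->retry_ms > RETRY_MAX_MS / 2u ? RETRY_MAX_MS : a->retry_ms * 2u;
    return delay;
}

/* Retry timer fired: probe for the address again. */
void dad_retry(struct dad_addr *a) { a->state = ADDR_PROBING; }

/* Probe window closed with no conflicting reply: reclaim the address. */
void dad_probe_clear(struct dad_addr *a) { a->state = ADDR_OK; a->retry_ms = RETRY_BASE_MS; }

int main(void) {
    struct dad_addr a;
    dad_init(&a, 0x5eedu);  /* constructed seed */
    for (int i = 0; i < 3; i++) { printf("retry in %u ms", (unsigned)dad_conflict(&a)); puts(""); dad_retry(&a); }
    dad_probe_clear(&a);
    return a.state == ADDR_OK ? 0 : 1;
}
```

.fi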
.NH
Minority Opinion(s)
.LP
None
.NH
Advisory Information
.LP
.RS
.IP 1.
The Solaris PAC should prioritize the establishment of a project to
provide a high-efficiency common random number generator for
non-cryptographic use (for instance, for adding random variability to
protocol timers to avoid self-synchronization).
.IP 2.
Once this project integrates and begins to be used on Sun's internal
network, the project team should make the operators of the network
aware of the new behavior in the event that there is unexpected
adverse behavior.
.RE
.NH
Appendices
.NH 2
Appendix A: Technical Changes Required
.LP
None.
.NH 2
Appendix B: Technical Changes Advised
.LP
None.
.NH 2
Appendix C: Reference Material
.LP
Unless stated otherwise, path names are relative to the case
directory \*(aR/\*(cA.
.IP 1.
Solaris IP Duplicate Address Detection, version 1.6
.br
File: final.materials/dad-design.pdf
.IP 2.
RFC 1868 UnARP
.br
http://www.ietf.org/rfc/rfc1868.txt
.IP 3.
RFC 2462 IPv6 Duplicate Address Detection
.br
http://www.ietf.org/rfc/rfc2462.txt
.IP 4.
RFC 3927 Dynamic Configuration of IPv4 Link-Local Addresses
.br
http://www.ietf.org/rfc/rfc3927.txt
