Subject: Re: Router Alert IPv4 Option
To: Hitoshi Asaeda <asaeda@producegate.net>
From: Paul Goyette <paul@whooppee.com>
List: tech-net
Date: 07/24/2001 04:09:23
On Tue, 24 Jul 2001, Hitoshi Asaeda wrote:
> > > One should note that almost all modern routing protocols (even IGMP v2)
> > > mandate that their packets be sent with the Router Alert option set.
> >
> > If that's the case then we need to implement something, maybe even by 1.6.
>
> Actually, as a spec of IGMPv2/v3, router alert option is mandatory
> even in a report message. This means it should be set or check not
> only by a router, but by a host.
It should definitely be set by both router and host. But a host is not
a router, so there is no need for the host to process a Router Alert,
and no need for the host to demand that the option be set.
> So, IMO, it's good to modify kernel to implement IGMP with RA.
> In addition, set/getsockopt implementation is necessary to handle this
> option, in order to make routing daemon, like pimd, know that kernel
> would set/check RA. After set/getsockopt implementation for RA is
> done, routing daemon with using this set/getsockopt can handle whether
> it should set/check by daemon itself.
>
> The problem is - actually, it's not a problem, it's a spec, though -
> when kernel modification strictly follows IGMP's specs, every IGMP
> packet with no RA is ignored. ...
This may be in the spec, but it is a bad idea. When implementing a
protocol, any protocol, it is best to be as conservative as possible
when creating packets (adhere to the spec as closely as you can) but
be as LIBERAL as possible (ignore the little things that can't make
any difference).
It doesn't make any sense to check that the RA option is present, nor
to ignore packets where it isn't present. The whole purpose of the
RA option is to make certain that the router processes the packet. If
you have processed the packet enough to notice that the RA isn't
there, then you've gotten past the point where RA would have made a
difference (ie, you've already noticed that the packet exists). So
discarding the packet at that point does nothing useful.
Besides, although I haven't read the IGMP v2/v3 specs in the last
couple of weeks, I don't think there's anything in there that actually
says that the receiving router has to discard packets without the RA
being set.
> ... So if someone who doesn't implement RA
> sends IGMPv2/v3 message, then strictly modified node, which may be a
> host or may be a router, cannot communicate the sender.
> So, as my ideal way:), sysctl implementation to able or disable strict
> RA check is also a good idea.
PS This E-mail represents my personal views, and in no way does it
represent the view of my employer!
----------------------------------------------------------------------
| Paul Goyette | PGP DSS Key fingerprint: | E-mail addresses: |
| Network Engineer | BCD7 5301 9513 58A6 0DBC | paul@whooppee.com |
| & World Cruiser | 91EB ADB1 A280 3B79 9221 | pgoyette@juniper.net |
----------------------------------------------------------------------