Project

General

Profile

Actions

Bug #8761

closed

IPv6 default policy table needs update for RFC6724

Added by Sebastian Wiedenroth over 3 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Category:
networking
Start date:
2017-11-04
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

RFC6724 published a newer version of the default policy table used for source and destination address selection.
Without this updated policy table some addresses won't be labled correctly resulting in inferior or even unroutable addresses getting selected.

Actions #1

Updated by Sebastian Wiedenroth over 3 years ago

Testing notes:

I added a ULA and a global address to an interface.
Ran "traceroute" to a hostname which had also one ULA and one global address.
With the old policy table the unique local address would get picked as source address, with the new table the global one is correctly selected.

One production webserver with IPv6 connectvity has been running with the new policy table for ~2 months.

To measure the performance impact of this change I did some (limited) measurements with dtrace:

fbt:ip:ip6_asp_lookup:entry {
  self->ts = vtimestamp
}
fbt:ip:ip6_asp_lookup:return /self->ts/ {
  @a[probefunc] = quantize(vtimestamp - self->ts);
  self->ts = 0;
}

new table:

  ip6_asp_lookup                                    
           value  ------------- Distribution ------------- count    
             512 |                                         0        
            1024 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@      30       
            2048 |@@@@@                                    4        
            4096 |                                         0        

old table:

  ip6_asp_lookup                                    
           value  ------------- Distribution ------------- count    
             256 |                                         0        
             512 |                                         1        
            1024 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@        67       
            2048 |@@@@@@@                                  14       
            4096 |                                         0        

So the impact seems neglectable.

Jorge Schrauwen commented on reviewboard:

I used MTR to check if the selection matched what RFC6724 mentions after loading the new ipaddrsel.conf

Actions #2

Updated by Electric Monk over 3 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 30 to 100

git commit 81f499d2b4ccf5e24f8550abdfaf18142b430f5f

commit  81f499d2b4ccf5e24f8550abdfaf18142b430f5f
Author: Sebastian Wiedenroth <wiedi@frubar.net>
Date:   2017-11-11T18:44:38.000Z

    8761 IPv6 default policy table needs update for RFC6724
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Reviewed by: Jorge Schrauwen <sjorge@blackdot.be>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Actions

Also available in: Atom PDF