MIF Working Group J. Laganier
Internet-Draft Qualcomm Inc.
Intended status: Informational G. Montenegro
Microsoft
J. Korhonen
Nokia Siemens Networks
T. Savolainen
Nokia
Z. Cao
China Mobile
2010

MIF Current Practice Analysis

Abstract

This document analyzes whether the problems encountered by a multi-homed host are satisfactorily addressed by mechanisms currently implemented in operating systems.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http:/⁠/⁠datatracker.ietf.org/⁠drafts/⁠current/⁠.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

Copyright Notice

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http:/⁠/⁠trustee.ietf.org/⁠license-⁠info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


Table of Contents

1. Introduction

A multihomed host have multiple provisioning domains via virtual and/or physical interfaces. A multihomed host receives node configuration information from each of its access networks, through various mechanisms such as DHCP, PPP's IPCP and IPv6 Router Advertisements. When the multihomed host receives various configuration objects (e.g., DNS server address, default gateway, address selection policies) with values that differ from one administrative domain to another, the node has to decide which one to use or how to reconcile them.

Issues regarding how the multi-homed host uses the configuration objects have been addressed in [I-D.ietf-mif-problem-statement]. Current practices of how the various implementations handle these problems are introduced in [I-D.ietf-mif-current-practices]. This document analyzes whether the problems encountered by a multi-homed host are satisfactorily addressed by mechanisms implemented in operating systems.

2. Terminology

The following terms are used throughout this document:

3. Problem Analysis

We group the problems raised in [I-D.ietf-mif-problem-statement] into specific categories as per the subsections below.

3.1. Naming and Addressing

  1. The operating systems has node-scoped DNS server addresses but the DNS server addresses provided by a given domain are only reachable through that domain.
  2. The answers to DNS queries returned by the DNS server of a given domain are only valid and/or reachable within that domain (e.g., split horizon DNS) but the operating system treats these answers as valid on any domain.
  3. Private IPv4 addresses [RFC1918] and Unique Local IPv6 Unicast Addresses [RFC4193] are reachable from within a given domain (i.e., they are site-scoped) but the operating system doesn't know the domain boundary and treats these as reachable on any domain (i.e., they have global scope.)
  4. Private IPv4 addresses [RFC1918] are only unambiguous within a given domain but the operating system doesn't know the domain boundary and cannot associate a Private IPv4 Address to a given domain and thus treats those as valid on any domain.

3.2. Routing

  1. Routing tables entries to ambiguous subnet prefixes in [RFC1918] addressing space are only unambiguous within a given domain but the operating system doesn't distinguish routes to the same prefixes belonging to different communication domains, thus leading to use of the wrong outbound interface and wrong destincation gateway.
  2. Routing tables entries with an ambiguous next hop IP address in [RFC1918] addressing space are only to be used within a given domain but the operating system doesn't necessarily know which was the communication domain thus leading to use of the wrong outbound interface and wrong destination gateway, and/or communication failure if no destination gateway is reachable at the destination address or if the destination gateway has no upstream route to the final destination of the packet.
  3. Host implementations usually do not implement the [RFC1122] model where the Type-of-Service are in the routing table which could be use to choose between routes with same longest prefix match and same metrics but different Type-of-Service characteristics, e.g., low delay, high throughput.

3.3. Reachability

  1. Ingress filtering can prevent communication when a node sends packets from a source address allocated from a given domain to a (default) router in another domain.
  2. Strong host model implementaion can cause incoming packets to be discarded when they are sent to a destination address assigned to one of the interface of the node that is not the interface on which the packet is incoming.
  3. There is no interface between a router and a host for the router to indicate that there is no default route but only specific routes to some prefixes. As a result, a node that discovers a router assumes that any destination is reachable, which might not always be the case: in some case only connectivity to destination in the domain is available, and other destinations are unreachable, e.g., walled gardens, corporate intranets, etc.

3.4. Domain Selection

  1. Application usually does not specify to which domain they want to communicate. When the destination has an unambiguous address the domain can sometimes be derived from that. This is however not the case when the destination is an ambiguous address from [RFC1918].
  2. Some applications require domain affinity. There should be some way to set it either by the application itself or by the system on behalf of the application. Therefore the system should be cognizant of domains.

3.5. Configuration and Policy

  1. Operating system does not keep separate, per domain copies of same configuration objects (e.g., DNS server addresses, NTP server addresses, ..) and thus these are either overwritten by the operating system when received from multiple provisioning domains, or ignored when not received on a so-called primary interface.
  2. There's no way yet to handle multiple policies coming from different domains. E.g., corporate node usage typically means that the corporation issues some policy on that Wi-Fi interface (and others as well). In this case, the carrier and corporation domains and their policies will overlap over the Wi-Fi interface. Having a common policy language might help to detect and reason about such conflicts, but conflict resolution is another problem. Ultimately, the issue are the different authorities on these domains (e.g., user at home, admin at corporation and carrier for wireless broadband) and how they resolve their conflicts in the overlap situations. Note: Domains and their policies may span multiple interfaces. There is a fixed hierarchy of domains and their authorities, but the top authority may decide to delegate to others certain parts of the system and to their policies, as long as these don't conflict with his. A conflict resolution that respects the hierarchy is needed.

4. Current Practice Analysis

4.1. Mobile Handset Operating Systems

4.1.1. Nokia S60 3rd Edition, Feature Pack 2

The following problems occurs:

4.1.2. Microsoft Windows Mobile 2003 Second Edition

The following problems occurs:

4.1.3. RIM BlackBerry

The following problems occurs:

4.1.4. Google Android

The following problems occurs:

4.1.5. Qualcomm AMSS

The following problems occurs:

4.1.6. Arena Connection Manager

The following problems occurs:

4.1.7. Access Selection

The following problems occurs:

4.2. Computer Operating Systems

4.2.1. Microsoft Windows

The following problems occurs:

4.2.2. Linux and BSD-based Operating Systems

The following problems occurs:

4.2.3. Apple MacOS X

The following problems occurs:

5. Security Considerations

TBD.

6. IANA Considerations

This document does not require any IANA actions.

7. References

[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G. and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996.
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005.
[I-D.ietf-mif-problem-statement] Blanchet, M and P Seite, "Multiple Interfaces and Provisioning Domains Problem Statement", Internet-Draft draft-ietf-mif-problem-statement-15, May 2011.
[I-D.ietf-mif-current-practices] Wasserman, M and P Seite, "Current Practices for Multiple Interface Hosts", Internet-Draft draft-ietf-mif-current-practices-12, July 2011.
[I.D-MIF-DNS] Savolainen, T., "DNS Server Selection on Multi-Homed Hosts", February 2010.

Authors' Addresses

Julien Laganier Qualcomm Incorporated 5775 Morehouse Drive San Diego, CA 92121 USA Phone: +1 858 858 3538 EMail: julienl@qualcomm.com
Gabriel Montenegro Microsoft EMail: gmonte@microsoft.com
Jouni Korhonen Nokia Siemens Networks Linnoitustie 6 FI-02600 Espoo FINLAND EMail: jouni.nospam@gmail.com
Teemu Savolainen Nokia Hermiankatu 12 D FI-33720 Tampere FINLAND EMail: teemu.savolainen@nokia.com
Zhen Cao China Mobile EMail: zehn.cao@chinamobile.com