Samita Chakrabarti writes: 6. The spec does not say that HA MUST not respond to NS when src=HOA before MN deregisters. Spec states a few steps regarding what HA should do during deregistration, however the above not clear. Thus some HA make the mistakes easily. ------------------ Jari Arkko responds to Samita Chakrabarti: Agree. Suggested text: "The home agent MUST NOT respond to Neighbor Solicitations sent to its own address when the Source Address of the solicitation is a home address of a mobile node for which the home agent has a Binding Cache entry." ------------------ Samita Chakrabarti responds to Jari Arkko: Looks fine to me. ------------------ Ed Remmell responds to Jari Arkko: Looks good. ------------------ Brian Haley responds to Jari Arkko: Is that right? It doesn't respond to its own address? Is this proposed for 11.5.4? ------------------ Jari Arkko: Samita didn't say why this rule would be needed. But my assumption was: the answer would go to the home agent itself and not to the sender of the NS. OTOH, the home agent would drop the NA since it didn't send any NS, and the end result would be the same. Hmm.... maybe its better if Samita or someone else from the Connecthathon would say more about this item and why its needed. ------------------ Vijay Devarapalli responds to Jari Arkko: I can give some details. This happens when the MN comes home. The MN needs a neighbor cache entry for the HA's address before sending the deregristration BU. Currently the spec says Neighbor Solicitation by the mobile node for the home agent's address will normally not be necessary, since the mobile node has already learned the home agent's link-layer address from a Source Link-Layer Address option in a Router Advertisement. However, if there are multiple home agents it may still be necessary to send a solicitation. In this special case of the mobile node returning home, the mobile node MUST multicast the packet, and in addition set the Source Address of this Neighbor Solicitation to the unspecified address (0:0:0:0:0:0:0:0). The target of the Neighbor Solicitation MUST be set to the mobile node's home address. The destination IP address MUST be set to the Solicited-Node multicast address [3]. The home agent will send a multicast Neighbor Advertisement back to the mobile node with the Solicited flag (S) set to zero. In any case, the mobile node SHOULD record the information from the Source Link-Layer Address option or from the advertisement, and set the state of the Neighbor Cache entry for the home agent to REACHABLE. but at Connectathon some mobile node implemenations didnt do this. instead they send a NS (src=MN_HoA, dst=HA, target=HA). some home agent implmenations respond to this, because they dont check the source address of the NS against the proxy neighbor cache (no spec says you should and you shouldnt, IMO). Samita is asking for this check. There is more. section 11.5.4 When sending this Binding Update to its home agent, the mobile node must be careful in how it uses Neighbor Solicitation [12] (if needed) to learn the home agent's link-layer address, since the home agent will be currently configured to intercept packets to the mobile node's home address using Duplicate Address Detection (DAD). In particular, the mobile node is unable to use its home address as the Source Address in the Neighbor Solicitation until the home agent stops defending the home address. going by this paragraph, the MN shouldnt be sending the NS (src=MN_HoA, dst=HA, target=HA). maybe nothing needs to be changed in the spec. (?) ------------------ Jari Arkko responds to Vijay Devarapalli: So, what we are seeing is an illegal situation, and different home agents respond in different ways. As far as I can see, the NAs from some of the home agents -- even if a bit suspicious -- do not really cause damage. So, perhaps we should not change anything... ------------------ Samita Chakrabarti writes: The draft is very clear what MN should do in case it needs to do the NS for HA's link-layer address before sending de-registration request. But the question is : Should the draft specify HA behavior if in case it receives a NS from a src=MN's HOA for which it's defending. Currently draft does not specify that and perhaps that's why some implementations did not have a check for BCE entry when it receives a NS (src=MN_HoA, dst=HA, target=HA). Naturally, if the HA is defending MN's homeaddress it should not be able to NA to the same homeaddress. I guess it is safe to clarify the HA behavior in this case. ------------------ Samita Chakrabarti responds to Jari Arkko: > So, what we are seeing is an illegal situation, and different > home agents respond in different ways. As far as I can see, the NAs > from some of the home agents -- even if a bit suspicious -- do not > really cause damage. So, perhaps we should not change anything... I don't have a strong opinion on this. I am OK either way. ------------------ ------------------ ------------------ ------------------ ------------------ ------------------ ------------------ ------------------ ------------------