[Starlink] Measuring the Satellite Links of a LEO Network
Alexandre Petrescu
alexandre.petrescu at gmail.com
Tue Feb 13 12:44:02 EST 2024
Le 13/02/2024 à 18:12, J Pan a écrit :
> yes, the mac for fe80::200:5eff:fe00:101 is 00:00:5e:00:01:01 (a
> virtual mac used by the virtual router redundancy protocol commonly
> used by service providers in point-of-presence?)
maybe they should rather use the IPv6 anycast concept?
Alex
> --
> J Pan, UVic CSc, ECS566, 250-472-5796 (NO VM), Pan at UVic.CA, Web.UVic.CA/~pan
>
> On Mon, Feb 12, 2024 at 6:14 AM Alexandre Petrescu via Starlink
> <starlink at lists.bufferbloat.net> wrote:
>> this is an issue for 6MAN WG at IETF, but this is the text with the
>> issue in the paper:
>>
>>> From the user device or customer router at 192.168.1.1,
>>> we can reach its GS gateway at 100.64.0.1 (or equivalently
>>> fe80::200:5eff:fe00:101 for IPv6)
>> That IPv6 link-local address has an 'ff:fe' in it; the prefix is 'fe80'
>> and the rest is an 'Interface ID', in RFC parlance.
>>
>> That IID should be more random in its appearance. It is called an
>> 'opaque' IID, and specified in RFC 7217 "Stable and Opaque IIDs with
>> SLAAC" of year 2014.
>>
>> That IPv6 address corresponds to earlier forms of these IIDs (RFC2464 of
>> year 1998); they had that IID to be derived from a 48bit MAC address and
>> inserted an 'ff:fe' string in it to become 64bit.
>>
>> Most embedded linux platforms (v2.x kernels?) still use that ff:fe.
>> Migrating these kernels is sometimes very difficult. One might not want
>> to migrate an kernel to a bloated and slower v3 or higher just for that
>> little 'ff:fe'. Maybe one wants to migrate just its IPv6 stack, but
>> it's not easy.
>>
>> The reason of making this IID more opaque is to resist scanning
>> attacks. A scanning attack is when a user might have somehow an
>> illegitimate starlink terminal and tries to connect to the legitimate
>> starlink network. Part of that trying is to know the IP address of the
>> next hop. With IPv6 it comes down to testing all these addresses. If
>> they have a constant 'ff:fe' in them, it is easier to find them by brute
>> force than if they were opaque. It is also true that if in IPv4 that
>> next hop is always the same then the easiest attack is to simply use
>> IPv4 instead of IPv6. But this 'opaqueness' of the IID in the IPv6 ll
>> address might still be needed when IPv4 is get rid of.
>>
>> This could be discussed at IETF, could be suggested to starlink to
>> upgrade, etc.
>>
>> Alex
>>
>> Le 12/02/2024 à 07:59, J Pan via Starlink a écrit :
>>> http://pan.uvic.ca/webb/viewtopic.php?p=124670#p124670 to appear at
>>> ieee icc 2024. feedback welcome, especially during the camera-ready
>>> stage this week. thanks! -j
>>> --
>>> J Pan, UVic CSc, ECS566, 250-472-5796 (NO VM), Pan at UVic.CA, Web.UVic.CA/~pan
>>> _______________________________________________
>>> Starlink mailing list
>>> Starlink at lists.bufferbloat.net
>>> https://lists.bufferbloat.net/listinfo/starlink
>> _______________________________________________
>> Starlink mailing list
>> Starlink at lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/starlink
More information about the Starlink
mailing list