IETF Logo Mail Archive

Re: [DNSOP] [v6ops] New Version Notification for draft-v6ops-xie-network-happyeyeballs-00.txt

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Wed, 26 September 2018 15:51 UTC

Return-Path: <prvs=1807f66189=jordi.palet@consulintel.es>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B634E130EBA; Wed, 26 Sep 2018 08:51:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VeC8ZkAt7OY8; Wed, 26 Sep 2018 08:51:49 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E98FE130E19; Wed, 26 Sep 2018 08:51:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1537977107; x=1538581907; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:CC:Message-ID:Thread-Topic:References: In-Reply-To:Mime-version:Content-type:Content-transfer-encoding; bh=oibE6CQCHHOCC0ez39CAEhKMnDFrJUje4/abqpW6M6A=; b=i2mN0wcTOsR9y BYkojnbQz8nqQcEokOiaX5chnwFJB8b13rqA5JandII2zFiCxfzIsiTinBGzugBt ETlstEtqDi0bFKK/5OJ1Mvnmfi0T4CfmQA6qnJxggeeRTMOMyuElflpxniclu0by e3ZtcO00dbv3qvP+3d0wiFsYT3J0RM=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Wed, 26 Sep 2018 17:51:47 +0200
X-Spam-Processed: mail.consulintel.es, Wed, 26 Sep 2018 17:51:47 +0200
Received: from [45.6.251.186] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50005889253.msg; Wed, 26 Sep 2018 17:51:45 +0200
X-MDRemoteIP: 2001:13c7:7003:200:ac67:962a:35ef:c4d
X-MDHelo: [45.6.251.186]
X-MDArrival-Date: Wed, 26 Sep 2018 17:51:45 +0200
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=1807f66189=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
User-Agent: Microsoft-MacOutlook/10.10.2.180910
Date: Wed, 26 Sep 2018 12:51:37 -0300
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: "STARK, BARBARA H" <bs7652@att.com>, 'Tony Finch' <dot@dotat.at>, Gert Doering <gert@space.net>
CC: dnsop <dnsop@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>
Message-ID: <C1CA71E7-C3FF-4F80-8EF6-D3A938F05FC8@consulintel.es>
Thread-Topic: [v6ops] [DNSOP] New Version Notification for draft-v6ops-xie-network-happyeyeballs-00.txt
References: <153751052820.5339.10049404273601155140.idtracker@ietfa.amsl.com> <CAAObRXLWpXVbPyyxuzJH8osi+R1rdV8N8=Woqvq3UR9nk8kDaA@mail.gmail.com> <CAJE_bqd4jjeZy9Stp-v6O0VOyvEJiE9vW1BLuy-wzqPGvDagoQ@mail.gmail.com> <CAAObRX+6ktcD8i_aToKbX7UJoSPT0NMPV0xKqT8-k+7_d0R5Nw@mail.gmail.com> <20180925072015.GV11393@Space.Net> <CAAObRXKhS++5_cmvjTx3LY+ti6NbGj1NvtL6XeQGOvYuJKw0uw@mail.gmail.com> <3BDC24C2-6D51-4FF1-8A48-CAD4F8CEBF9C@employees.org> <CAAObRXJd3Ym_JezijzFVGGUj6hnkLd78dA-B_oug1gZ_-kbeAw@mail.gmail.com> <2FEEAF29-E213-4DA3-8ECA-4EF51E170B50@employees.org> <CAAObRXJXv3iDg=k00FghuLQtSuogFD4FMr25krMSAXginAM5bg@mail.gmail.com> <20180926072839.GD11393@Space.Net> <alpine.DEB.2.20.1809261153450.3596@grey.csi.cam.ac.uk> <2D09D61DDFA73D4C884805CC7865E6114DECDB78@GAALPA1MSGUSRBF.ITServices.sbc.com>
In-Reply-To: <2D09D61DDFA73D4C884805CC7865E6114DECDB78@GAALPA1MSGUSRBF.ITServices.sbc.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/g1Qs0EGQKH_mhHD0CaiQdgGWhmU>
Subject: Re: [DNSOP] [v6ops] New Version Notification for draft-v6ops-xie-network-happyeyeballs-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Sep 2018 15:51:53 -0000

Hi Barbara,

In my experience, there are two ways IPv6 can be broken:
1) ICMPv6 being filtered, so PMTUD doesn't work.
2) IPv6 deployment issues (including having AAAA records with no or bad IPv6 connectivity).

HE only helps for 2).

But 2 can be caused in different points between the source and destination, and in most of the cases is bad transit/peering more often than the LANs or the ISP deploying IPv6 badly in its own network.

What is missing is that, unfortunately, many folks don't do the same level of monitoring on their IPv6 networks than IPv4 ones, or if the destination has AAAA, but they don't have IPv6 enabled, of course, they aren’t monitoring at all a non-existing IPv6 network.

Also, if the problem is caused by 1, is the ISP deploying IPv6, then one that need to get some kind of alert from the customers about failing end-sites, and contact them or their transits ...

At the end they need to be able to cooperate resolving the problem.

There is an example about this. I've detected several years ago that 1&1 deploys IPv6 to their customers, but even if I tried personally contacting them they did nothing. I kept insisting for 3 years, but I already give up.

This means that thousands of web site with IPv6 aren't reachable for many customers. Of course, because in this case is due to 1), you can't reach those web sites neither with IPv6 or IPv4 (unless you manually disable IPv6 in the browser or OS).

Regards,
Jordi
 
 

-----Mensaje original-----
De: v6ops <v6ops-bounces@ietf.org> en nombre de "STARK, BARBARA H" <bs7652@att.com>
Fecha: miércoles, 26 de septiembre de 2018, 10:45
Para: 'Tony Finch' <dot@dotat.at>, Gert Doering <gert@space.net>
CC: dnsop <dnsop@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>
Asunto: Re: [v6ops] [DNSOP] New Version Notification for draft-v6ops-xie-network-happyeyeballs-00.txt

    > The point of happy eyeballs is to work around crappy or broken networks,
    
    That's my recollection, too. And I'm really struggling to figure out which are the broken IPv6 networks NHE is trying to work around. The possible networks are: LAN, ISP/access, core/transit, and destination. I'm not aware of issues with core/transit networks. I'm also not aware of major issues with IPv6 broken at the destination (authoritative DNS servers supplying AAAA records, but those IPv6 addresses aren't actually reachable over the Internet or have incredibly slow IPv6 connectivity to the Internet).
    
    My recollection is that the brokenness being worked around was primarily caused by non-functioning IPv6 connections that were being advertised to hosts, were provided AAAA addresses during DNS resolution (over IPv4), but didn't have actual IPv6 connectivity to The Internet. Teredo and 6to4 in CE routers and host OSs were primary causes of the problem, exacerbated by DNS resolvers (sitting on IPv4-only networks) providing AAAA records to DNS queries over IPv4. The destination network was *not* the source of the broken IPv6. The problem was very, very local. HE wasn't in response to minor performance differentials between IPv4 and IPv6 (to pick the one that worked better). It was about not waiting an entire 60 seconds (or more) for a 100% broken advertised IPv6 connection to fail before using IPv4. 
    
    Some questions I have are:
    Why would an ISP choose to deploy partial or broken IPv6 + NHE, rather than properly functioning IPv6? I would think we should be recommending deploying properly functioning IPv6 rather than broken IPv6 + NHE. I'm not aware of a compelling reason at this stage of the game for non-IPv6 or partial-IPv6 ISPs to be providing AAAA to DNS queries over IPv4. Not providing AAAA over IPv4 DNS in this case is much easier than the proposed NHE.
    
    As for CDN statements made in this thread: CDNs are in the business of optimizing connections to their content. HE isn't about optimizing connections -- it's about more quickly reacting to the likelihood of outright brokenness. But it sounds like NHE *is* about optimizing (where IPv6 isn't broken, but is just really slow)? I'm a bit confused about this.
    
    I've done various IPv4/IPv6 latency tests from inside my home, over time. 
    Back when I had an ISP that was experimenting with IPv6 by having a single 6rd BR in the center of the US and that ISP was having other "we don't know what we're doing" issues, the IPv6 and general IP-connectivity performance was pretty abysmal. Now that I have an ISP (for the past 6 years) that has deployed a rock solid IPv6 solution (and I successfully got all the Teredo, 6to4, and ISATAP disabled on every device in my home), I have no problem. Which suggests IPv6 issues related to poor IPv6 deployments in destination networks isn't an issue for me. If it's an issue elsewhere in the world, please provide statistics -- I haven't seen any statistics presented by proponents of NHE related to the severity of whichever problem they're trying to solve. My experience suggests that ISPs who deploy IPv6 properly have no need for NHE.
    
    It really sounds like the main thing NHE is trying to "solve" is "I'm an ISP who wants to deploy bad, partial, or broken IPv6 and need something that will keep my users from suffering too horribly from my ineptitude." I'm not sure that's a compelling reason for an RFC. I also question whether such inept ISPs would make use of NHE, even if it were available.
    Barbara
    
    
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email