Re: [homenet] Let's make in-home ULA presence a MUST !?

Lorenzo Colitti <lorenzo@google.com> Fri, 17 October 2014 13:48 UTC

Return-Path: <lorenzo@google.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CC6A1ACDDA for <homenet@ietfa.amsl.com>; Fri, 17 Oct 2014 06:48:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.394
X-Spam-Level:
X-Spam-Status: No, score=-0.394 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, PLING_QUERY=0.994, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9fjgYRcGt_pw for <homenet@ietfa.amsl.com>; Fri, 17 Oct 2014 06:48:02 -0700 (PDT)
Received: from mail-ie0-x230.google.com (mail-ie0-x230.google.com [IPv6:2607:f8b0:4001:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B63B41ACDD9 for <homenet@ietf.org>; Fri, 17 Oct 2014 06:47:16 -0700 (PDT)
Received: by mail-ie0-f176.google.com with SMTP id rp18so754008iec.21 for <homenet@ietf.org>; Fri, 17 Oct 2014 06:47:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=Y+5+Psy1E15x1tMggFRsjQxm9win1m4ZMAeTNw+ymnw=; b=cdpbJUtwt1nBlY5mI09zFbIH2+va4VBZ91w9tfJ0bkY5eanGzZRj5fLXHyrr+eB4Uo D5MG+H0eYfHe7V4lTGbdqMLrhkvgCDIc0VKAg56VmBY+tSC8/REg+rbMxspj468KX6vz Eqk7adVtiNogwqNbY7Wvs8ffW4Hl0B9xJzcziLr0GujmxXAPXTFZS18fegyl6xkNubVa KVikNtnpZRlkV8PuIh5Fhm5WvftaX3f4HGyuYKxv3M/eB/+qBR3MGdv1aOfcqtdnU3Vj ai0I229DxyGJEX8NxCPJrwYV1feD38E2VmWaocfnUDU0NPkSOSlbu36owG3OK+0t897/ f0cA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=Y+5+Psy1E15x1tMggFRsjQxm9win1m4ZMAeTNw+ymnw=; b=Z/dmnZNQ7SkSxBsoZ6UiOotvRLp/PreOXqH4BR233kUAGqlUjlN72MhFChXXeCG2Z9 OxTpSohgSnxGMEmZfZkk9WHhI2x3R0Rij6rez13NYI2oMyJgBsGNhc3hq6ZYgDLhgwBr mFigmE3aCDPi0LJxa/TpWkktODxkgefQiSIqOpJrmuHzn3D7VCxGdEmQ+4Tf97qB4+pq XWDtjg3QwZCgnHdIfBePW258clAqWaZ1iTZRkdSkcKdBi8+zyDaYd07ZnGhFE6/MrtFT a9EIIVhg5cczVi/D/I0H5CRNHaAW7vE9GmGW3DzUGs47z6xa67JNgIaXcpcIFGueFR7g YaPg==
X-Gm-Message-State: ALoCoQm3RHQ2k3H0qhXSzOmcVLSMAgkBR+ujGWBTMJsRuBQ90uwG8ZwE2u9bx16FNtYtSHHaX/0S
X-Received: by 10.50.164.233 with SMTP id yt9mr12645235igb.2.1413553636020; Fri, 17 Oct 2014 06:47:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.8.242 with HTTP; Fri, 17 Oct 2014 06:46:55 -0700 (PDT)
In-Reply-To: <3F36952F-CF6A-4F21-A713-A8A7DE7BDC42@fugue.com>
References: <CAAedzxp1R-C5E9RJVMVLRJxPc0w4zooPtqnvWK9eggpZu4=xtg@mail.gmail.com> <C7F3DE60-F596-4BAD-9C28-74006966E5B9@fugue.com> <20141014142746.GX31092@Space.Net> <69B1F2CB-88C6-4211-83F3-11C8A3E7BFD2@fugue.com> <20141014145930.GY31092@Space.Net> <m1Xe3jL-0000I7C@stereo.hq.phicoh.net> <20141014154111.GZ31092@Space.Net> <C6760B68-C913-4B22-98E6-6D29A66F80D9@fugue.com> <20141015150422.GW31092@Space.Net> <4E2E154E-D231-4E79-860A-56948A13CDD4@fugue.com> <20141015154841.GY31092@Space.Net> <CBC8A3D9-9EBD-47FF-B066-247898FF2000@fugue.com> <543EA248.2080700@mtcc.com> <CB50B30B-DC36-4354-96B7-19AE415BD03F@fugue.com> <543EBE40.3030201@mtcc.com> <BA5ABBFA-9D13-4975-A96C-530FE958322A@fugue.com> <543ED2A7.3090409@mtcc.com> <1569644A-50C4-47B6-908E-262BC62BCD14@fugue.com> <543EFBF1.6040101@mtcc.com> <457D177C-232E-4590-A9ED-80048140157F@fugue.com> <CAKD1Yr1kix0HxWsC4n7ta4EG-6YhMMdYCTnFFXGb2ATQBbkMHA@mail.gmail.com> <DCB62D43-DFD3-4985-8FAA-896CEA3BD342@fugue.com> <94C19398-AC5A-416F-8C3E-EA6B1750C22C@fugue.com> <CAKD1Yr1rpFeZuy=nXFSj+dpa749RhJJ2j9+U=cmFq_4cCsC_4g@mail.gmail.com> <4D6F2B13-D63E-4FEE-A136-B510126CC1C9@fugue.com> <2D09D61DDFA73D4C884805CC7865E61130EA3B9A@GAALPA1MSGUSRBF.ITServices.sbc.com> <1AA5DBBD-C3C5-4AFD-A043-6A69AE7FBDB9@fugue.com> <CAKD1Yr3Fa7hgXZReWFgmHA9pLnH=ezHLXh-aAdA-_N=AR3AiyA@mail.gmail.com> <3F36952F-CF6A-4F21-A713-A8A7DE7BDC42@fugue.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Fri, 17 Oct 2014 22:46:55 +0900
Message-ID: <CAKD1Yr3eP+8qs8uMzrfOmebp+bihGed7PjWi0=8+cV4N6Dx=ww@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Content-Type: multipart/alternative; boundary=089e0149beac58e5b405059e9a65
Archived-At: http://mailarchive.ietf.org/arch/msg/homenet/G2nB6je9NyvYbaxFiDSnVyG85BQ
Cc: "homenet@ietf.org" <homenet@ietf.org>, Michael Thomas <mike@mtcc.com>, "STARK, BARBARA H" <bs7652@att.com>
Subject: Re: [homenet] Let's make in-home ULA presence a MUST !?
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Oct 2014 13:48:04 -0000

On Fri, Oct 17, 2014 at 10:29 PM, Ted Lemon <mellon@fugue.com> wrote:

> On Oct 17, 2014, at 1:35 AM, Lorenzo Colitti <lorenzo@google.com> wrote:
> > You keep mentioning this, but you're incorrect. Even if the ISP
> flash-renumbers, hosts will not lower the lifetime of their IP addresses
> below 2 hours, per RFC 4862.
>
> You are technically correct, and I will admit to having gone slightly into
> the weeds there, but let me remind you of how this conversation started:
> someone again proposed that we retain a stale GUA rather than having a
> ULA.   So if you go offline and then come back online, your stale GUA gets
> flash-renumbered even if your ISP doesn't have a policy of doing flash
> renumbering.   When I say it gets flash-renumbered, I mean that the ISP is
> no longer offering service on that GUA, regardless of whether hosts may
> still consider it valid.
>
> Why do we care?   Because you are now advertising an invalid GUA on the
> homenet.   Hosts will think that they can use that GUA to communicate _off_
> the homenet, and lossage will ensue.


No, they won't. The old GUA will be deprecated, and the hosts will not use
it if they have another GUA. If they don't have another GUA, they will
either use the deprecated GUA or the ULA, but it doesn't matter which they
use, because none of them will work anyway. Note that they *will* attempt
to use the ULA to talk to the outside world if they don't have a GUA, so
please don't come back saying "the hosts will know not to use it". :-)


> So when the upstream gets flash renumbered, you _really want_ to tell
> hosts on the local network that that prefix has a valid lifetime of zero,
> so that they don't mistakenly use it for communication off-homenet.
>

No, you don't want to tell them it has a valid lifetime of zero, you want
to tell them it has a preferred lifetime of zero. Which I think everyone
agrees with.


> And then there's the long-lived connection _in_ the homenet.   If we
> insist on using non-stable GUAs, then my ssh connection to my home server,
> which I often do keep open overnight doing something, would be killed by
> the renumbering that has to happen when the upstream is renumbered and
> there is no stable ULA.


Yes (but again, it won't be killed by the renumbering; it will be killed
*when its source address expires*). But I really doubt that real users have
long-lived connections from apps that don't reconnect on failure. Geeks
like us might, but that's not really who we should be designing for,
because geeks like us will know enough to pick an ISP that doesn't renumber
all the time.

Not all ISPs do constant renumbering. My prefix has been static for over
two years and it even followed me across an apartment move. And I just have
a standard residential service. US ISPs tend to renumber their users very
rarely (once every few weeks, at most).

So this is why I am arguing that homenets SHOULD have ULAs, and why Markus
> is arguing that they MUST.   We really do want hosts to prefer the ULA if
> they can use it, and we really do want to always have a ULA.   Hosts that
> are communicating on intra-homenet should not be using GUAs to do so, and
> it is worth a little effort to try to ensure that that is the case.
>

Oh, ULAs and stable addressing sound good on paper, sure. But as soon as
you actually try to use them, then suddenly there are a boatload of
scenarios that you need to deal with like the ones presented by James many
messages ago. What happens on splits? What happens on joins? Do you need to
keep old ULAs around? How many? Will implementations age them out? (I can
tell you the answer to that one: "no"; they're more likely to stop
accepting new ones than to have new ones replace old ones). And so on and
so forth.

I really don't think that it's worth accepting this complexity (and
brittleness, because home gateways are not the most well-tested or
frequently-upgraded of products) just for the sake of what is most likely a
minority of ISPs renumbering and breaking a tiny minority of users.

To my mind, ULAs are good for one thing, and one thing only: connectivity
when the network is bootstrapping or isolated and has no GUA. But using
them in that situation may well be an easier problem to solve.