Re: [homenet] Support for RFC 7084 on shipping devices...

Michael Thomas <mike@mtcc.com> Sun, 06 October 2019 22:46 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/NV92Uu1efkcmQrUFOvnVj_bISrM>

On 10/6/19 2:41 PM, Ted Lemon wrote:
> On Oct 6, 2019, at 10:58 AM, Ole Troan <otroan@employees.org> wrote:
>> Are you saying there might be gaps in HNCP? Or things we could do to 
>> make it more deployable?
>> If it's just a matter of running code missing, I'm not sure defining 
>> anything else new in the IETF would help that problem.
>
> There are definitely missing features from the protocol that I’d like
> to add. But I think the fact that the protocol isn’t deployed on a
> _single_ commercially available router, and is not really usable on
> OpenWRT by a non-expert, is an indication that there is substantial
> remaining work to do. Operations work is not out of scope for IETF;
> maybe I should have asked this on v6ops. We have historically said
> “not our problem,” but I don’t agree that that’s the right answer.
> If HNCP had really convincingly solved the problem, we would not be
> seeing what we are seeing.

If the protocol is not truly plug and play in reality... wasn't that the
entire premise? That doesn't sound like an ops problem. I understand
that OpenWRT is a wonk box, but still if there isn't a default
configuration that would make it truly plug and play for most
situations, that sounds really problematic.

Can you confirm or not that OpenWRT could be set up by default in a way
that met the charter's requirements for operations (i.e., like what you
might expect in a commercial home router)?

Mike


>
>> I know why I haven't implemented HNCP on software I work on... and I 
>> also know that there aren't any very realistic alternatives either.
>
> Can you say why that is?
>
>> RA guard isn't applicable in a RFC7084 context. RFC7078 talks about 
>> routing and routers. I.e. what happens at the network layer.
>
> You mean at the “internet layer,” I assume?
>
>> If you are talking about what happens at the often integrated bridge 
>> CE devices have, then sure, they could implement RA Guard.
>> But having your additional router sending RAs across the homenet 
>> might not be a particularly good idea anyway.
>
> Why not? What would be a better idea? I don’t mean to say that
> using RAs in this way is ideal, but what’s the alternative that
> doesn’t involve the vast complexity of per-host routing?
>
>> Sounds like you need to set it up as a NAT.
>
> I really hope you are just making a funny joke here. But it’s not
> very funny. What I want is something that’s operationally simple,
> not something with lots of moving parts that have to be kept track of.
> NATs in particular suck for any UDP-based protocol.
>
>> I wasn't thinking of doing it exactly like the 6lowpan does it.
>> Regardless I don't see why scaling should be problematic, are you 
>> planning to have millions of rapidly moving hosts on your shared /64 
>> network?
>
> If you have N devices on a single link on the other side of the
> router, then when using either RA or a routing protocol, the amount of
> information you need to propagate to get things working is very small:
> just a prefix and a router. If you can’t do that, then the amount of
> information you need to propagate is at a minimum N units, and
> possibly K*N, for some not insignificant factor K.
>
> To be clear, the reason I’m concerned about this is that I’ve looked
> at implementing it on OpenWRT, and it’s at least roughly doubling the
> complexity of the work required, even if you can depend on using IPv6.
> If you have to use IPv4 on one side, then it’s even more complexity.
> And it’s utterly stupid complexity—it adds no value over subnetting.
> Why add that to the network?
>
> This is why I’m asking people if they have knowledge of what is
> actually deployed. I think this is the right place to ask, but if
> you disagree, I’m open to suggestions.
>