IETF Logo Mail Archive

Re: [IPv6] RFC 6724 shouldn't prefer partial reachability over reachability

David Farmer <farmer@umn.edu> Mon, 13 November 2023 16:33 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23D98C15C29D for <ipv6@ietfa.amsl.com>; Mon, 13 Nov 2023 08:33:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lRQ6TICyw8PG for <ipv6@ietfa.amsl.com>; Mon, 13 Nov 2023 08:33:14 -0800 (PST)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4A9CC1522C6 for <ipv6@ietf.org>; Mon, 13 Nov 2023 08:33:13 -0800 (PST)
Received: from localhost (unknown [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id 4STZjh5bXqz9wfjV for <ipv6@ietf.org>; Mon, 13 Nov 2023 16:33:12 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oyRD6rBQxxrt for <ipv6@ietf.org>; Mon, 13 Nov 2023 10:33:12 -0600 (CST)
Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 4STZjh1FNwz9wfj8 for <ipv6@ietf.org>; Mon, 13 Nov 2023 10:33:12 -0600 (CST)
DMARC-Filter: OpenDMARC Filter v1.3.2 mta-p7.oit.umn.edu 4STZjh1FNwz9wfj8
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p7.oit.umn.edu 4STZjh1FNwz9wfj8
Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-54061ad6600so3072705a12.3 for <ipv6@ietf.org>; Mon, 13 Nov 2023 08:33:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; t=1699893189; x=1700497989; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=eEeqhxJICMvcyZgd+tbvy35uBaBzttecG4c4ZrSY7Ws=; b=DLB2HWVlIbBZGRKiitNrvVzlQIimrVLy7rXMwvxC0Dih+5QByZyhlzp3KmYAzEmSve pVtOz7TVyqp533PIazTaAn3Js+JLTvTxWeranDDiT6g8r2QM3oN+s+amiNdD0GIjv/qZ C/Xp1oMkFMwOkypQKo+QB6pRD9goGHuQF1/CNkPUsO9M93rCbSUqpttY0hhorM/jdo8x IHCQ2IerqzmmnzF5kog2WaGWU1tH9LlmDt/urDV5TLwXZmWFoSQ8avpHFNPBqZmaa3Au kC6T0jcPfXOtpjB1HX8HebNan5nBR1dsFYmf+46Jd9CTc3/iYNrxuWueEDGH4rWAaAm1 TuEw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699893189; x=1700497989; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eEeqhxJICMvcyZgd+tbvy35uBaBzttecG4c4ZrSY7Ws=; b=AwXmhFWa5LiCWSjaqu6WvnSxq5fqQduQw7WmgpG7UqnDyA6HnBQkFNpymEaSixhCVz p8C2i9uda8TE9MJ2fgncLoc1mv2fO5nAdv8jjnPB5rDLWeBF5n1o6J4UKyVIewGPDJHb J46+uhwNUsa/8QGzMVcz+JjZeOwjBJoZinOsQdicYjt7iwT6DI4hIs0Uwp8gny/l0LT9 1frjuXbxDfg04Wp3WpYwGkNQTACj3ybuNLLgtuoz4TTkZefbTy3a6Useytqa1TXdvs+R 63okqZ4W/Vxu2jMbkyDypN5zu9mQTQH7s9TBzawcTUZaq/eUX9UmHBW0kf75Q6veb9GR TQCg==
X-Gm-Message-State: AOJu0Yx8WKlB9m5fU3UelUsUU9yHQsa0T7+2mcTUIyeO8CoD7WVpkkwq s0FO72rP6Ca000DqSKuBT5zC06oqRLj6FyWaYTIixY0eIIuJ2lkHN9L/MOJw3aYu/QBBl/tUoIo yO50ePrkYIAm//fKp8nYVB3YD
X-Received: by 2002:aa7:d847:0:b0:543:5281:2ad8 with SMTP id f7-20020aa7d847000000b0054352812ad8mr5037561eds.18.1699893189658; Mon, 13 Nov 2023 08:33:09 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFH/K2j8V/7e+z+i4CKkcR93yceIgZ3x02F/KsLjuNC9cGRpekBRebEPtrRttVg9jgV7JtNzMugIhlf8GxXL+Y=
X-Received: by 2002:aa7:d847:0:b0:543:5281:2ad8 with SMTP id f7-20020aa7d847000000b0054352812ad8mr5037544eds.18.1699893189224; Mon, 13 Nov 2023 08:33:09 -0800 (PST)
MIME-Version: 1.0
References: <CAKD1Yr2uD+XE+HA6vs3BfEchpWr5H2NEeoXLrXm7-U9_ckw1sA@mail.gmail.com> <CAN-Dau2Nw21wUm-mjxq3bnYczPJbApVhcZZ6oie+HiB4yvr_PQ@mail.gmail.com> <CAKD1Yr1z2x8iKXYQtPVifj-XkP7MeRq=NWe0gdWBGC1aS_j0Mg@mail.gmail.com> <CACMsEX8f_qmpZ898vKLy_56Jy1WKEju94fYEz5fuV4Pc3iJ=tw@mail.gmail.com> <CAKD1Yr1tZa0W=617hQrgYYqmUbfgFp7EhmvgqKzaBvF=r=5FuA@mail.gmail.com> <CAJU8_nUOjrO5FPPXTCNeA-9YuSPT7SmGkiM82DGiMacyfntV6w@mail.gmail.com> <CAN-Dau0FP31h3s+Fzbam7GJg-rNGsX3m8Hx3k=+895NT0a4iqw@mail.gmail.com> <CACMsEX8J8nGJKX9nUvev_H_zsEmznwKUU-xZyJzubybbCeK-_Q@mail.gmail.com> <CAN-Dau2eeEd_jX6hmyUyG3Q23jrpmUboB_j-hKN20Qwe2nyNwg@mail.gmail.com>
In-Reply-To: <CAN-Dau2eeEd_jX6hmyUyG3Q23jrpmUboB_j-hKN20Qwe2nyNwg@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Mon, 13 Nov 2023 10:32:52 -0600
Message-ID: <CAN-Dau1fuwNWLU3ZQiZRE7aJec7azF12fJF86vwM0s_ZWg7x0Q@mail.gmail.com>
To: Nick Buraglio <buraglio@forwardingplane.net>
Cc: Kyle Rose <krose@krose.org>, IETF IPv6 Mailing List <ipv6@ietf.org>, Lorenzo Colitti <lorenzo@google.com>
Content-Type: multipart/alternative; boundary="000000000000b33e72060a0b395a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/2TIpKktJsl4VIpBJPFlqRFGZiEE>
Subject: Re: [IPv6] RFC 6724 shouldn't prefer partial reachability over reachability
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2023 16:33:19 -0000

One more thought.

On Mon, Nov 13, 2023 at 10:28 AM David Farmer <farmer@umn.edu> wrote:

> How about something like the following;
>
> Since ULAs are defined to have a /48 site prefix, an implementation SHOULD
> automatically add rows for all covering ULA site prefixes received in
> Router Advertisements (RAs) [RFC4861] within Prefix Information Options
> (PIOs) or Route Information Options (RIOs) [RFC4191]. These known-local ULA
> /48s SHOULD have a precedence of 45
>
>
These known-local ULA /48s SHOULD have a precedence of 45 and a common
label identifier.


> All Nodes SHOULD provide a mechanism to configure the policy table. Any
> Node that does not provide a mechanism for policy table configuration MUST
> implement the automated increased precedence for known-local /48s of ULA.
>
> Nodes implementing the automated increased precedence for known-local /48s
> of ULA MAY set the default precedence for the ULA label (fc00::/7) to 10.
> Otherwise, the default precedence for the ULA label (fc00::/7) MUST be 30.
>
> All Nodes SHOULD implement HEv2 [RFC8305].
>
>
> More comments below;
>
> On Mon, Nov 13, 2023 at 9:10 AM Nick Buraglio <
> buraglio@forwardingplane.net> wrote:
>
>> On Mon, Nov 13, 2023 at 8:56 AM David Farmer <farmer=
>> 40umn.edu@dmarc.ietf.org> wrote:
>>
>>> So if it is ok to mitigate DNS misconfigurations with border ACLs and
>>> Routing information in the routers delivering ICMP Destination Unreachable
>>> messages to hosts, using Happy Eyeballs racing different options, and
>>> advising people not to put ULAs in the public DNS, then why is it NOT OK to
>>> use some of that same information to make a first cut at which ULA /48s are
>>> local or not on the host?
>>>
>>> To be honest, this is a big enough problem that we should be using all
>>> the tools in the toolbox to solve it.
>>>
>>> Preferring known local /48s in the host's policy table doesn't eliminate
>>> the need for other mitigations, but as Lorenzo points out, those other
>>> mitigations have a cost, too. Why incur those costs %99.9999 of the time
>>> when there is no hope for reachability in the first place? And, Mark, I
>>> hear you. ULAs must be preferred above GUAs, but why prefer the %99.99999
>>> of ULAs that will never work anyway?
>>>
>>> We need;
>>>
>>> I agree with all of these.
>>
>>
>>> 1. ICMP Destination Unreachable messages from ACLs and routes in the
>>> routers, RFC 4193 Sections 4.1 and 4.3
>>>
>>> 2. Happy Eyeballs, RFC 8305, and maybe it needs some tweaks
>>>
>>
>> This could be an opportunity for HE3 draft that is now in v6ops,
>> perhaps?
>>
>
> Yes, probably.
>
> 3. Advice to not put ULAs in Public DNS, RFC 4193 Section 4.4 But we need
>>> to include options to instantiate local DNS properly. Just saying "DON'T DO
>>> THAT" isn't good enough.
>>>
>> We could add some verbiage into this update to say the same, but updating
>> 4193 is  another task altogether.
>>
>
> This doesn't belong in RFC 4193 or even the 6man of v6ops working groups,
> in probably needs to be a DNSOps working item.
>
>
>> 4. Prefer only known local ULA /48s in host policy tables, beefing up
>>> Section 10.6 of RFC6724.
>>>
>> We could add some more text to reflect that, too.
>>
>
> How about something like the above?
>
>
>> I think it’s not one or the other; we need to do all four of these.
>>>
>>
>> Right, and we have to take a first step to start that trip, which is what
>> this draft is proposing. We also can't expect to address every possible
>> corner case, that is a sure-fire recipe for decision paralysis.
>> A great deal of what we've been discussing is fairly edge case and/or
>> subjective (e.g. dns implementation specifics). We very much should not
>> make the perfect the enemy of the good, especially when we have a fairly
>> large task.
>>
>> Most of what I am reading both literally and between the lines is that
>> this is a recognized impediment to moving to a more v6-first world, and
>> that's good because that's what we're proposing and I think that's the goal
>> of this group. We will see if we can get some test results out this
>> week, hopefully that will alleviate some concerns.
>>
>>>
>>> Thanks
>>>
>>>
>>> On Mon, Nov 13, 2023 at 05:13 Kyle Rose <krose@krose.org> wrote:
>>>
>>>> On Sun, Nov 12, 2023 at 8:02 PM Lorenzo Colitti <lorenzo=
>>>> 40google.com@dmarc.ietf.org> wrote:
>>>>
>>>>> If we don't do this, RFC 6724 will make the wrong decision most of the
>>>>> time in the IPv4+ULA case. IPv4 addresses have global reachability and
>>>>> hosts can safely assume that they will work. ULA does not have global
>>>>> reachability, but this proposed change sort of assumes it does. "Don't put
>>>>> non-local ULAs in DNS" isn't a great answer, because DNS is not the only
>>>>> way that hosts get addresses.
>>>>>
>>>>
>>>> Maybe not, but it's overwhelmingly the most common mechanism for
>>>> service discovery between hosts with no pre-existing relationship, and
>>>> putting ULA into a DNS horizon (public or otherwise) from which the
>>>> addresses are unreachable is a misconfiguration. (Notably, getaddrinfo is
>>>> also the most common place the address selection algorithms described in
>>>> 6724 and predecessors are implemented, and getaddrinfo is tightly coupled
>>>> with DNS, so it makes sense that we're mostly focused on DNS in this
>>>> discussion.)
>>>>
>>>> But also: does the mechanism of leakage matter? I frankly don't
>>>> understand why any exposure of unreachable ULA to a host should be
>>>> considered anything other than a misconfiguration. Even time-bounded
>>>> inconsistency like a local caching resolver handing out now-unreachable ULA
>>>> after a device moves networks seems like a bug: the OS should flush the
>>>> resolver cache, or at least those entries learned from the changed
>>>> interface, when this happens.
>>>>
>>>> I would like some examples of ULA leakage that you don't consider to be
>>>> misconfigurations. Until then, my conclusions remain as before:
>>>>
>>>>  - You should have a route to any ULA you are attempting to use, and if
>>>> you don't, that's a misconfiguration.
>>>>  - Attempting to mitigate every such misconfiguration via mere passive
>>>> address selection is futile.
>>>>
>>>> I'll note that mitigations are the whole purpose of Happy Eyeballs.
>>>>
>>>> "Rely on happy eyeballs" isn't a good answer either - HE always has a
>>>>> latency cost, and also, many applications and OSes don't implement it
>>>>> (example: java applications; most Android apps).
>>>>>
>>>>
>>>> Seems like something the OS or protocol stack could provide as a
>>>> service in most cases, rather than relying on applications to implement it.
>>>> Regardless, IMO it's perfectly reasonable for applications to misbehave
>>>> when the network is misconfigured: operators should fix their networks.
>>>>
>>>> Also: *this failure mode doesn't exist in RFC 6724 today*. Generally,
>>>>> if you follow the rules in RFC 6724 you'll get something that works
>>>>>
>>>>
>>>> 6724 and the proposed changes work or not under the same
>>>> circumstances: whether the selected destination address is routable or not.
>>>> You could just as easily leak an unroutable 1918 address as you could leak
>>>> an unroutable ULA. Both are misconfigurations.
>>>>
>>>> Kyle
>>>>
>>>> --------------------------------------------------------------------
>>>> IETF IPv6 working group mailing list
>>>> ipv6@ietf.org
>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>> --------------------------------------------------------------------
>>>>
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
>>>
>>
>
> --
> ===============================================
> David Farmer               Email:farmer@umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
>


-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email