Re: problem statement [was Re: New Version Notification for draft-hinden-ipv4flag-00.txt]

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 21 November 2017 01:42 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3D821242F7 for <ipv6@ietfa.amsl.com>; Mon, 20 Nov 2017 17:42:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SjWOqXSxjfQu for <ipv6@ietfa.amsl.com>; Mon, 20 Nov 2017 17:42:29 -0800 (PST)
Received: from mail-pf0-x234.google.com (mail-pf0-x234.google.com [IPv6:2607:f8b0:400e:c00::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B808124217 for <ipv6@ietf.org>; Mon, 20 Nov 2017 17:42:29 -0800 (PST)
Received: by mail-pf0-x234.google.com with SMTP id 17so8653067pfn.12 for <ipv6@ietf.org>; Mon, 20 Nov 2017 17:42:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=BxhFkL4Zgi4evhIWj0matdWiqLQ6GQr1GPrenwoLaAA=; b=UMJMFBc4Y5TVNe+v950XNfev6CaD3j9DmeHt9YoC9YhG2kr+Y+izn9WQVEmO9Hcdsh N3RRkyxMPn8nw/POQ+rJdaTmONsvVhnG5k2JIupjurli4UmO1Vi7CQDwQDC+ubCulmB9 CrZEWPwSFxWMhj/3T+9bjsc54ltQhArwV/hKFq3FeOraTrcWwyc+PoXUk7ozfcuKJAE+ spfZyyJmuFaj1f784FnSx/xaEy6G6/6+D9ngpjk5SPbZ5OhOuYCKfnF0c3YgapwucmMm MqTkEw+C7UUGQmyqlzTZr7ue1A32sKZyOQQKUi5EXDcT8RGir7zxVkycVcohzmeVph2f sjKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=BxhFkL4Zgi4evhIWj0matdWiqLQ6GQr1GPrenwoLaAA=; b=cLdpJ9qUTHV7yOPfJUc49ff5NsCWbgQOr8LK2tNiryzDGEIZPok69VJeuwngIFA7xI oriYix8I5LcwEBFr7/hS9jGc/4kLesELWPI3yx3Oe2jzTkvpvbYlcnYh7a0PIOeRn6Th JjwwvtisnAv5PiO8DG3+mHDNyrs/MxJDmBkNlXo0/sZ4W8bZeqgvm40wT/f1kVECXBq8 PnEfrfYbpOAXcJy0G/l3Z/Spg93chSEGyCribcWVfMPXTTeLFJY356IAoZLzwN7m0u3W xGq9IIUs5rsyh02GO1c3TQOU50MaLHULqbV9FFFwTXl4U//U9JgRII9RSU6RejyCssff b60g==
X-Gm-Message-State: AJaThX5kWapZeYbLTuXwX8+LIwBfic7ENvCS2yXb9aCfDaKcajx9kpFH BD0Jtwwcn0tIZTcHGyR5jxzT/g==
X-Google-Smtp-Source: AGs4zMb6+sqx4xB3ZKp8irlLgODt6mPquJEhg54FwD10qi54hQLSulImnLTY4W2X7k1zDLERxPHVqw==
X-Received: by 10.84.246.194 with SMTP id j2mr15578424plt.7.1511228548161; Mon, 20 Nov 2017 17:42:28 -0800 (PST)
Received: from [130.216.38.102] (sc-cs-567-laptop.uoa.auckland.ac.nz. [130.216.38.102]) by smtp.gmail.com with ESMTPSA id y20sm20862251pgc.52.2017.11.20.17.42.26 for <ipv6@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Nov 2017 17:42:27 -0800 (PST)
Subject: Re: problem statement [was Re: New Version Notification for draft-hinden-ipv4flag-00.txt]
To: ipv6@ietf.org
References: <151090059151.22321.3357672601322845792.idtracker@ietfa.amsl.com> <E838C63E-7612-4AA4-9375-854C184D699E@gmail.com> <CAFU7BAQKoWPcEFQZgU3k_d0gUL4en6d2pyNq1V4RMNZ6HrSG8w@mail.gmail.com> <649be36e-5006-7688-448f-bc2794d6a39c@gmail.com> <19B39788-CEC6-478A-A303-7F42904533DF@huitema.net>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <0a8f6120-bb8e-a4ae-d011-01d0a19c341a@gmail.com>
Date: Tue, 21 Nov 2017 14:42:26 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <19B39788-CEC6-478A-A303-7F42904533DF@huitema.net>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/2gSGftm4uuItVAbIDws2-zDq-2w>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Nov 2017 01:42:31 -0000

Another response to multiple points:
 
> If people really care, they should just program the local routers and switches to block the IPv4 related multicast traffic. That will be much more direct than a bit in some RA.

Layer 2 or layer 3 blocking is fine, but it doesn't help
the battery life of the dual stack hosts.

> How about a transition rule for dual stack implementations? If there is IPv6 connectivity, don’t bother trying to establish IPv4? Maybe qualify that rule with availability of a 6to4 prefix?

I really hope you didn't mean "6to4". But that heuristic will only help
if all apps are IPv6-capable, which the IP stack cannot know. (It also
leaves IPv4 literals out in the cold.)

> 1. Security exposure; the inverse of the problems discussed in RFC7123,
> basically malicious or accidental IPv4 service.
> 2. Residual IPv4 traffic, especially broadcast traffic; DHCP solicits,
> IPv4-LL, ARP, service discovery, etc...

The proposal addresses only one thing: attempting to reduce
futile IPv4 traffic. It neither creates nor blocks IPv4 traffic.

> In very high dentistry and therefore
> typically congested WiFi environments...

A new view of dentist's office networking ;-)

> Probably the best that can be done by the client is to be "less aggressive" in trying to configure IPv4 when IPv6 is available and you don't seem to see IPv4 traffic from other nodes.

Indeed, but that's mainly an implementation choice. This proposal offers
a hint to assist that heuristic, if you like.

> Let's not forget about battery life.

Agreed. Every little helps.

> It just seems operationally simpler to create a new option in dhcpv4

I don't see how that works on a network with no DHCPv4 server.

> if IPv4 appears you probably want to start
> using it after a reasonable amount of time.

Indeed. And under the proposal, any RA with flag==0 would be
an instant trigger to wake up the IPv4 stack. (And no, that
isn't a serious DOS risk, since it is no worse than what
we have today.)

   Brian