Re: A common problem with SLAAC in "renumbering" scenarios

Lorenzo Colitti <lorenzo@google.com> Wed, 20 February 2019 07:49 UTC

From: Lorenzo Colitti <lorenzo@google.com>
Date: Wed, 20 Feb 2019 16:49:40 +0900
Message-ID: <CAKD1Yr1fv3pUevB_zeZpQ-UQcNUo2zHUH4xj9NXYohyMbUSgRQ@mail.gmail.com>
Subject: Re: A common problem with SLAAC in "renumbering" scenarios
To: Ole Troan <otroan@employees.org>
Cc: Fernando Gont <fgont@si6networks.com>, 6man WG <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/4gepR3ghy-d4EF3AvkCT2Ns1cLc>

FWIW, I think the reason that the only way to renumber IPv6 networks is
(mostly) there is no way to explicitly communicate the user prefixes from
the CPE to the network. I think most deployments inject routes based on
DHCPv6 PD snooping, and the implementations of that generally only support
one injected route per DHCPv6 client.

On Wed, Feb 20, 2019 at 4:46 PM Ole Troan <otroan@employees.org> wrote:

> Top posting. Two points here.
>
> 1) Flash renumbering breaks stuff. Especially for people running servers.
> Allowing people to host and own their own content in their own networks
> would do a lot more to protect people’s privacy rather than changing
> addresses. So let’s agree that the problem you want to solve is a
> misconfiguration/error case, not recommended operational practice.
>
> 2) We should always strive to make mechanisms more robust. Your suggested
> point solution already has alternative broader solutions. E.g. MPMH host
> or added rules in SAS. It might be worth looking at the more general
> problem.
>
> Ole
>
>
> > On 20 Feb 2019, at 06:34, Fernando Gont <fgont@si6networks.com> wrote:
> >
> >> On 20/2/19 01:54, Ole Troan wrote:
> >>
> >>
> >>>> On 20 Feb 2019, at 04:35, Fernando Gont <fgont@si6networks.com> wrote:
> >>>>
> >>>> On 20/2/19 00:11, Ole Troan wrote:
> >>>>
> >>>>
> >>>>>> On 20 Feb 2019, at 03:50, Fernando Gont <fgont@si6networks.com> wrote:
> >>>>>>
> >>>>>> On 19/2/19 10:08, Ole Troan wrote:
> >>>>>> Nick,
> >>>>>>
> >>>>>>> On 19 Feb 2019, at 13:57, Nick Hilliard <nick@foobar.org> wrote:
> >>>>>>>
> >>>>>>> Ole Troan wrote on 19/02/2019 12:22:
> >>>>>>>> Indeed. Wonder how these pesky mobile phone operators manage to
> >>>>>>>> deliver the same telephone number to a user, for years. Across
> >>>>>>>> different providers and contracts.
> >>>>>>>> I can’t think this argument is anything but a strawman.
> >>>>>>>
> >>>>>>> Ole,
> >>>>>>>
> >>>>>>> if recommending static IP addressing is an idea that 6man wants to
> >>>>>>> push, you'll need to reach out to the security and ops areas to get their
> >>>>>>> input on this.  I'm not sure this is an issue that 6man can resolve fully.
> >>>>>>
> >>>>>> It’s been the IPv6 addressing model for at least 20 years, so I
> >>>>>> think the other areas have had ample time to provide their input.
> >>>>>
> >>>>> For the reasons stated in draft-gont-6man-slaac-renum, I don't think
> >>>>> this affects the discussion we are having. But, out of curiosity,
> >>>>> where's the "addressing model" you are referring to documented?
> >>>>
> >>>> I can’t see slaac-renum tackling these issues. Which reasons are you
> >>>> referring to?
> >>>
> >>> A significant percentage of IPv6 deployments don't employ static
> >>> prefixes but dynamic prefixes. That's a deployment reality.
> >>
> >> There’s a defined way to do IPv6 renumbering, which involves
> >> overlapping new and old prefixes.
> >
> > There's a defined way to do *planned renumbering*, you might argue.
> > That's not what we are trying to address here -- even when the
> > improvements we propose end up helping in that area, anyway.
> >
> >
> >
> >> There seems to be some people arguing that renumbering without an
> >> overlap is a supported case in IPv6. It is not.
> >>
> >> That is although related, not the problem you are looking at.
> >
> > There's a variety of reasons for which a prefix may become stale without
> > explicit signaling. Jen has provided a more thorough list here:
> >
> > https://tools.ietf.org/html/draft-linkova-6man-default-addr-selection-update-00 .
> >
> > What triggered our I-D is one of the cases in Jen's list, where a CPE
> > crashes and reboots. Version -01 of our I-D elaborates on many things
> > that contribute to the problem.
> >
> > What we have right now is a system that is not robust. We want to
> > improve robustness. The outcome of burying our heads into sand will most
> > likely be people complaining about IPv6, and IPv6 connectivity failing
> > and hosts falling back to IPv4 (thanks to HE).
> >
> > Modulo folks that seem to be in favor of improving things, so far I seem
> > to have read:
> >
> > * CPE vendors are shipping crap
> > * ISPs are clueless in what they build
> > * Some of us miss some clues about IPv6
> > * The 37% of network suffering from these issues are just marginal.
> >
> > I don't think the above is doing us any favours. Actually, it seems a
> > lot like "problem solving" in
> > https://images-na.ssl-images-amazon.com/images/I/416cjJcmM-L.jpg . I'd
> > rather honor the "E" in IETF.
> >
> > Thanks,
> > --
> > Fernando Gont
> > SI6 Networks
> > e-mail: fgont@si6networks.com
> > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492