IETF Logo Mail Archive

Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-00.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 23 October 2023 20:26 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D768AC151995 for <ipv6@ietfa.amsl.com>; Mon, 23 Oct 2023 13:26:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.199
X-Spam-Level:
X-Spam-Status: No, score=-2.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.091, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ykvtTzzFK3c for <ipv6@ietfa.amsl.com>; Mon, 23 Oct 2023 13:26:13 -0700 (PDT)
Received: from mail-pj1-x102e.google.com (mail-pj1-x102e.google.com [IPv6:2607:f8b0:4864:20::102e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43F4CC151540 for <ipv6@ietf.org>; Mon, 23 Oct 2023 13:26:13 -0700 (PDT)
Received: by mail-pj1-x102e.google.com with SMTP id 98e67ed59e1d1-27d329a704bso2361111a91.0 for <ipv6@ietf.org>; Mon, 23 Oct 2023 13:26:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698092773; x=1698697573; darn=ietf.org; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=a8/7Cl7DnZAOw0Z+RT2alnQ1Of+RJrrn74xHYi9B80o=; b=Ba8v6bpAVCV5oIFhyjJZyVWKgIEP+KsKFioL9MBa9leI1PexY7O4qqxuBiL7rny0n/ hn8rAB5ie8zVh82xokWuZs8ouOlT82PLsxu4qWGGuYKhlxStGT/fzMBwnkVWBuQnIw78 jEF5Q6KUqaxqAOvhtN+qAoNRoUTSkBIYmLTupXJ5F+M6nejHZ3vqKlUrCHAhnAbtM3qE iMhDWIEsFxBvOh7Gb/yWvIeDAgEXooKECXVNDEs+U+VJ7ctXNaDWHPVKNVM55Dw+mAgI /XAa5Me/dcvbSlsi/mXk+PUxqfbQ9YOxSt1rXHPqQU5UUOMwjVEyhICyWsjibPvkhmmI avsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698092773; x=1698697573; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=a8/7Cl7DnZAOw0Z+RT2alnQ1Of+RJrrn74xHYi9B80o=; b=jtx8Y7sUJYeN88TW6mxf+mcqJ9CPjvhlEFXQyWGIsnfQq4msBOtVu7UIX+r6FIIlEK 2npzJrYKWf78RzjNFzq/p3lJvDCR4+QE6cVpfM05E9vy5cuSr37eHIXHgR89wRxAnkZf IykuHC4uT11cOLZradyXFdcrPw16DiEVm+LRcEf9bTpGz05A+uiSn06brIj29S0SYz+h EshnKcd9izhXUYdfTQHoy4BSk7aYB/Agkig5Umto8raQQssSqol3UEl8kDMDxZZozv2Z eJtqbLq8JjSpQz+AsDOuyE/11YSFKdpVrflnojVwc/dFbhsNwjN3pEYLCCfHO6HuNFqt k+qA==
X-Gm-Message-State: AOJu0YwM2TJbFnmxl9U49mhErQd629bnv5h7w9m/b1EsoPcdgbv+eHLD qpZAQ7XqDBYnFgp0jB8tFmI3wcIIbwpVFw==
X-Google-Smtp-Source: AGHT+IHtPX/cQiAsIOC1lKDOjL29j1lb2T1dvTrBOG8ACR6Vj7eE3DNXB1C4WTDhmOaGF5QrS4mNpw==
X-Received: by 2002:a17:90a:8b07:b0:27d:5584:4cce with SMTP id y7-20020a17090a8b0700b0027d55844ccemr7330100pjn.12.1698092772625; Mon, 23 Oct 2023 13:26:12 -0700 (PDT)
Received: from ?IPV6:2406:e003:110d:5301:8cb6:a2c:7461:4047? ([2406:e003:110d:5301:8cb6:a2c:7461:4047]) by smtp.gmail.com with ESMTPSA id gj6-20020a17090b108600b0027ce34334f5sm5917294pjb.37.2023.10.23.13.26.11 for <ipv6@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 23 Oct 2023 13:26:12 -0700 (PDT)
Message-ID: <6e07f52c-fd21-c4a0-b1d3-381522bc05a6@gmail.com>
Date: Tue, 24 Oct 2023 09:26:08 +1300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: ipv6@ietf.org
References: <e1c50f43dac34ee296be60ef97acf06f@huawei.com> <1A5F2950-22F6-4F48-B528-00368B6898EF@employees.org> <CAJU8_nXsZfTQx8JFobt=p14O78RqrcOicB5V4Z1N3pHojOkzEw@mail.gmail.com> <CA+9kkMAx67VcPy6q5s0naREQ5YASq1AG2W93fF2JffsYnTX4nQ@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <CA+9kkMAx67VcPy6q5s0naREQ5YASq1AG2W93fF2JffsYnTX4nQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/7BC2DYHEh0TNHfmcPPetD_rPSSY>
Subject: Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-00.txt
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Oct 2023 20:26:13 -0000

On 24-Oct-23 05:23, Ted Hardie wrote:
> Hi Kyle,
> 
> On Mon, Oct 23, 2023 at 4:33 PM Kyle Rose <krose@krose.org <mailto:krose@krose.org>> wrote:
> 
>     On Mon, Oct 23, 2023 at 9:26 AM Ole Trøan <otroan=40employees.org@dmarc.ietf.org <mailto:40employees.org@dmarc.ietf.org>> wrote:
> 
>         I don’t see your point.
>         Please give an example where signaling solves something…
> 
> 
>     I'm not 100% what Vasilenko means, but to me the impasse can be described by two scenarios:
> 
>     1. ULA is able to reach the public internet via NAT/NPT. No GUA is available (for whatever reason). Either IPv4 or IPv6 can be used to reach the public internet.
>     2. ULA is not able to reach the public internet, and will be filtered or rejected at the border. No GUA is available (for whatever reason). IPv4 is required to reach the public internet.
> 
>     Dealing with these two situations in the absence of an explicit signal about ULA->public internet reachability requires mutually exclusive configurations. There is no default policy configuration, much less a default policy table in the 3484 sense, that will accommodate both.
> 
>     This forces us to make a choice about which of the two behaviors will be made the default. I of course have my preference (as stated elsewhere) but regardless, if we want to make progress we all need to accept that this choice is unavoidable within the existing source address selection framework in the absence of further signaling from the network.
> 
> Thanks for this precis of the situation.  I will point out that ULAs, on their creation as a replacement for site-local, were described to the rest of the IETF as following 2 (at the time without any possibility of 1, see RFC 4193 section 4.1 and 5).
> 
> There are, as a result, many existing contexts in which the application's presumption is for 2.  Using an explicit signal to indicate a change in the protocol's characteristics permits at least some hope that the application will have access to that signal and can adjust its behavior accordingly (as others have pointed out, this is non-trivial to arrange, but within the realm of possibility).  Without an explicit signal a new default has significant failure modes for the applications that there is no real way for us to address.
> 
> I would personal prefer to move to a state where both behaviors are explicitly signaled and the absence of a signal indicates that the upgraded mechanism is not in use.  This is similar to, but distinct from, retaining the original default (in that it lets you identify when a network's choice of signal is deliberate).
> 
> Just my personal opinion,

Not really, because I fully agree, as a direct result of writing the code at https://github.com/becarpenter/getapr/ . Nothing made any sense until I defined a Boolean NPTv6 which defaults to False, and only flips to True when the code successfully connects from a ULA source to a GUA destination. After that, everythinng became straightforward.

   Brian

v2.23.0 | Report a Bug | By Email