IETF Logo Mail Archive

Re: A common problem with SLAAC in "renumbering" scenarios

Mark Smith <markzzzsmith@gmail.com> Wed, 13 February 2019 00:43 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79AF8130E70 for <ipv6@ietfa.amsl.com>; Tue, 12 Feb 2019 16:43:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uhpwcqp3D-6h for <ipv6@ietfa.amsl.com>; Tue, 12 Feb 2019 16:43:53 -0800 (PST)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88C79129508 for <ipv6@ietf.org>; Tue, 12 Feb 2019 16:43:53 -0800 (PST)
Received: by mail-ot1-x334.google.com with SMTP id u16so1078296otk.8 for <ipv6@ietf.org>; Tue, 12 Feb 2019 16:43:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=K07PZfe0tvrsJGietrvg22B6zk4e4rnyMMu3rq7eb5c=; b=T9stZXSW8W39kuXK9PbGcb6ulERCKPpXLlpyVjh4rijr7aVrpqMcdknhwnSxWoJekR k3MlroivY9pBLHMGq+kzb1EXZCjVCGnGlZbZaxoHcB5beh0W+s6GwRQpwUrFbrsScToe u3OCcYL82+e0ZcUMUYUp2QBZL2E3EOumXoIeuGVB4QtyYfP8CV+D4y8d/P5YFiCGtInb MFtyFOemeCjsZ7PwR50OwLYTRDffd5K+PlruFEwRIfZMZDD2Fs97322k0BX05cwN4cFQ j9qJ6SDdf4LJlZKcrQw7CiiQJniHYa/JMkVypnEwYYGeXpdBHrSSy2mdtyeOUXaNxiVn +ouQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=K07PZfe0tvrsJGietrvg22B6zk4e4rnyMMu3rq7eb5c=; b=iw3bSo9bwlc9p+DK/GWKufaKRESvbHmF9+IoGjRabHFmnOzhjF595aw5hr7R2hKpTg eiTnb05H3Tez0O2ucwwFGXbMjXo1EeCpVAB9TrvlGIqN+1ouw3WFfUgznCtdbL/EKcoL syeFh1XHbVrrS5i+YVLnrg7eJjopzP65UD8zRFgWlI2wBWOyoT7mkGelJIde0sBdmM44 o5IL1Z5AdYjpeTjFzENDfrXrgVauJ0/YbewKJ+k29t0e14G55vUuyLxmYCd/TJ5XMqfr KKqG/QkDzJDe9r8tWW7csYG8ej4hRDLZ5E24box5jbGz1WNM1pGddBe5gVL73biKXnLJ +2Og==
X-Gm-Message-State: AHQUAuZaNmfb5bM5outLR31b40ppiaJVFPTTUuqJw+msIdPATtBJ/zyo 8HcSZpvccqV/vmzLb/vnBbdRu1Se4V8or6ULGw3iMQ==
X-Google-Smtp-Source: AHgI3Ib+LwG4TNfXl3SSMXFpwCQTgIDyJG1hNgbUIEEkk/HmkRbYZ/Q6ccxVpuJjGPV6EYthS1IJM5WOxV7/Y2pW9ck=
X-Received: by 2002:a9d:27e3:: with SMTP id c90mr6276235otb.21.1550018632603; Tue, 12 Feb 2019 16:43:52 -0800 (PST)
MIME-Version: 1.0
References: <60fabe4b-fd76-4b35-08d3-09adce43dd71@si6networks.com> <alpine.DEB.2.20.1901311236320.5601@uplift.swm.pp.se> <m1gpCcz-0000FlC@stereo.hq.phicoh.net> <ddd28787-8905-bafd-3546-2ceef436c8b0@si6networks.com> <m1gptWx-0000G3C@stereo.hq.phicoh.net> <69609C58-7205-4519-B17A-4FBC8AE2EA16@employees.org> <d40b41c3-ff1b-cab4-a8de-16692a78e8fd@go6.si> <D1E45CAD-08D0-43D4-90F7-C4DD44CB32C0@employees.org> <alpine.DEB.2.20.1902041330531.23912@uplift.swm.pp.se> <46B8DB92-DC81-4242-9780-0D00FB6BDB7A@employees.org> <1c7ebabb-d6f6-d877-d4aa-d6c0fc7d5c60@go6.si> <6278.1549471453@dooku.sandelman.ca> <CAO42Z2xdKtLJV11KXELBKca6CWn=B6Avz6bO_94kFFXaKiZ-pQ@mail.gmail.com> <4602.1549908472@localhost> <CAO42Z2w1swQNuwnrOyTCEMXt0NSyrBx7Ww3kUN-7dfEV=fvk3A@mail.gmail.com> <c16e0e1f-1ed2-ad88-80f1-070bdd8bccca@go6.si> <1F2C2AEE-1C7D-481C-BBA7-7E507312C53A@employees.org> <e56a6e5b-648d-200e-c35d-97f15a31fb2a@asgard.org>
In-Reply-To: <e56a6e5b-648d-200e-c35d-97f15a31fb2a@asgard.org>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 13 Feb 2019 11:43:25 +1100
Message-ID: <CAO42Z2zh7fKAgQJq9aLCTiFoSSsTeGM=pK3gXitg+gcxH=9fhQ@mail.gmail.com>
Subject: Re: A common problem with SLAAC in "renumbering" scenarios
To: Lee Howard <lee@asgard.org>
Cc: 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/AMC6MSSUO3cz1BQBDnQ7REeSWQw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Feb 2019 00:43:55 -0000

On Wed, 13 Feb 2019 at 08:55, Lee Howard <lee@asgard.org> wrote:
>
> Seems like I may still disagree about the architecture of the Internet. . .
>
> On 2/12/19 9:53 AM, Ole Troan wrote:
> > Jan,
> >
> >> On 12 Feb 2019, at 04:36, Jan Zorz - Go6 <jan@go6.si> wrote:
> >>
> >> Surprisingly, this is not causing major problems. Similar to IPv4, where changing the public IPv4 address on the CPE that is doing NAT to the internal LAN doesn't have considerable effect on the hosts inside (well, some sessions could drop on change, but that's the price you pay with NAT). In IPv6, if source and destination address is the same - if network in between changes and re-establishes quick enough - that should work (and it works in deployments out there ;) )
> > “Not considerable effect”?
> > It breaks all existing connections.
>
> This is packet switching, not circuit switching. Be resilient.
>

The questions are where and where best to implement that resilience?

IP layer? Within transport layer protocols? Within the transport
layer/application API? Within each application?












> > It requires updating DNS for services.
> Yes. We have dynamic DNS for that.
> > It might require updating static NAT entries and filtering rules.
>
> Static what entries? ;-)
>
> Filtering rules... you mean firewall rules? Yes, there should be a
> mechanism to update firewall rules when addresses change. PCP can do it.
> Or if we're in a Homenet context, the god box can glean it's PD and make
> that a variable in the firewall, or filter prefix first, and then
> evaluate host rules.
>
> > ...
> >
> > If we accept that IPv6 will work no better than IPv4 behind a NAT. I challenge you to give me one good reason to do IPv6 at all.
>
> IPv4 address prices continue to climb, and entry into the IPv4 Internet
> is cost prohibitive (anti-competitive) in many places. Even if you
> concede the need for translation to the legacy Internet, with IPv6 only
> the legacy fraction of traffic needs translation.
>
> With many layers of NAT4444... the odds of something changing midway in
> the topology climb pretty high, so the problems you cite are worse in
> IPv4 than in IPv6.
>
> Lee
>
>
> >
> > Ole
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email