IETF Logo Mail Archive

Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-07.txt

Ted Lemon <mellon@fugue.com> Fri, 05 April 2024 18:25 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FFA2C16A126 for <ipv6@ietfa.amsl.com>; Fri, 5 Apr 2024 11:25:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZsgMm5iPqpU8 for <ipv6@ietfa.amsl.com>; Fri, 5 Apr 2024 11:25:23 -0700 (PDT)
Received: from mail-qv1-xf29.google.com (mail-qv1-xf29.google.com [IPv6:2607:f8b0:4864:20::f29]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA694C151545 for <ipv6@ietf.org>; Fri, 5 Apr 2024 11:25:23 -0700 (PDT)
Received: by mail-qv1-xf29.google.com with SMTP id 6a1803df08f44-699437a65bdso5604116d6.0 for <ipv6@ietf.org>; Fri, 05 Apr 2024 11:25:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20230601.gappssmtp.com; s=20230601; t=1712341522; x=1712946322; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WOjvVQ9Wy7GHEKqXFq5FcLWc1GFPK80QS5CjGS42vI0=; b=1/w3QoaQerTNSbghOAgrFvcYHgJhf2le2q8h3fvR3c3mtM5aK8kWQdRCGpA6yBddds ccKW0RPj1BZbptf/Nx+xzmtAI5uH2ODIvCcFXkATaIEAS/+ZLvBhpeK0gM9dQ1pIVNaE HOIkJ/RIy6sqwjAccurnRCWkZkJKHrKwQWh3fHDZBSgJuIMpr2aFi3914ySE+hpLbx10 h1GKzaRjZpoY3GI0EJ6Pj7ydWXmCZq7FuxjFwNGSeyl1VAXRz2nHacPcdpv/jQiIDs9f ziFV3v/+Wb8qTdY4fGz2G6eOBDINceJxUAu2VGVhMSxcYqdESTM1ZgmTsLU4Txc80ypC rqtw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712341522; x=1712946322; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WOjvVQ9Wy7GHEKqXFq5FcLWc1GFPK80QS5CjGS42vI0=; b=sR95zc+sx91Lu18iIMssMlxBfWxRz6U2mRGd5OOn01ypK4dx4sv2+TnJq8sREydWAD u3ku5D+Gcr2hx9sN+IGCQJgF8cnqRmOvOROyvsGWowCYA2A+52zI7sYLJDgUIJWRa2tB yVgvtGZjJ4je8R3s0V63Hr/Wl4kA8f3WkeCMwqg+LusM/mtJF6BMglbHQLQgcN9A3xGe BZ3y23K5dh4pwlN80YfZHHIRD09jRkNN0eKfxto/E3iV7N9FWKaS09AapcPb1HWR937Z r61nsMoIAuk5TFONIOYd0kE6666x3kK5dGCcntyciyJ2As3CgUIjXy3jehvTUsCtn519 gn2w==
X-Forwarded-Encrypted: i=1; AJvYcCVICtdnmrYdt9b9I0Nk40GQtUtllOM3yJz4eDs7M/bXAcvwYSKCkaxmmG7jp+bRxlZlUaJ79p/MkvVBczFZ
X-Gm-Message-State: AOJu0Ywb5O37vAI+fVQfDgL/oDa+4pZuNGHtijH6N1GMsFGQWBy6TUUn 4DdaDRo4wR5Y12Vgksi2HEPJ+48lnaVZP4ANQKyb+JehN3/ca8gexljGY6BuhzNPaGvys8F8qIv /gB4zShhF81hE7B+yWVYr5d4SQwk284iRt1DYJQ==
X-Google-Smtp-Source: AGHT+IEWXQkRJ8VZDZDAIiup7VL873Oaws0CuXidUW8g1uFc24b8U2rwfRl8IX1S/E3KuqibYM1s6r2hcfFZy30h0ck=
X-Received: by 2002:ad4:5f4d:0:b0:699:2882:9f9d with SMTP id p13-20020ad45f4d000000b0069928829f9dmr4057284qvg.3.1712341522335; Fri, 05 Apr 2024 11:25:22 -0700 (PDT)
MIME-Version: 1.0
References: <171225751716.18509.12521562864612372012@ietfa.amsl.com> <a4063219-1cd5-4e06-bf42-b0ffebd2b419@gmail.com> <CAN-Dau3VrqfRR+4Eee7TOS1L2RAWbfWv87_QJH_u5gzVU1Av7g@mail.gmail.com> <CAPt1N1nq9V4H9kq+hf4YO-T6OUdYMv8Vmsd3Vpqf264Jm7mrKg@mail.gmail.com> <CAN-Dau3nh50j6qB2WryL1tM2ktwSntDKX72v8O-_fzNRnu_C4Q@mail.gmail.com>
In-Reply-To: <CAN-Dau3nh50j6qB2WryL1tM2ktwSntDKX72v8O-_fzNRnu_C4Q@mail.gmail.com>
From: Ted Lemon <mellon@fugue.com>
Date: Fri, 05 Apr 2024 14:24:46 -0400
Message-ID: <CAPt1N1=iJFkA=kUs6=hUizuTG5wADTo6gNXc+jsq0SHAZ3_rzQ@mail.gmail.com>
To: David Farmer <farmer@umn.edu>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, ipv6@ietf.org
Content-Type: multipart/alternative; boundary="0000000000002c699806155d948d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Aa19P25nuTz-pXuvOxvRccafjgg>
Subject: Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-07.txt
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Apr 2024 18:25:25 -0000

I think the behavior would be correct in this case: if the device doesn't
support RIO, then it probably shouldn't treat ULAs that appear in RIOs as
known-local.

On Fri, Apr 5, 2024 at 2:16 PM David Farmer <farmer@umn.edu> wrote:

>
>
> On Fri, Apr 5, 2024 at 9:30 AM Ted Lemon <mellon@fugue.com> wrote:
>
>> It's not at all clear to me that the burden of implementation here is
>> sufficient to justify constrained devices not implementing the policy table
>> update. If we want to do that, I think we need to explain exactly what sort
>> of device we are talking about. Does the device not listen to RAs? Does it
>> always send packets to the default router? If not, it's probably already
>> doing things equivalently hard to maintaining a policy table.
>>
>
> I think we are good as long as the constrained device meets the host type
> C specification in RFC4191.
>
> Furthermore, what I originally proposed to address this was to simply
>> change the policy table without requiring it to be dynamically updated:
>> rather than having one type of ULA, have two: known and unknown ULAs. Known
>> ULAs have a higher priority than IPv6 GUAs and IPv4 addresses. Unknown ULAs
>> continue to be treated as before.
>>
>> What then needs to be maintained is a list of known ULAs. I realize that
>> this isn't /that/ different from updating the policy table, but it is a bit
>> simpler in the sense that there's no complexity to it—you're just keeping
>> track of a list of ULAs, and when you do source/dest address selection each
>> ULA is checked against that table before checking against the policy table.
>>
>> If constrained devices already support the policy table, I do not think
>> this additional work is onerous.
>>
>
> How would the "known-local" ULA prefixes be populated if not dynamically
> updated from PIOs and RIOs?
>
> My worry wasn't about constrained devices not supporting the policy table;
> my worry is whether there are any constrained devices of Type A or B from
> RFC4191 that don't support RIOs.
>
>
>
>> On Fri, Apr 5, 2024 at 2:45 AM David Farmer <farmer=
>> 40umn.edu@dmarc.ietf.org> wrote:
>>
>>>
>>> On Thu, Apr 4, 2024 at 2:52 PM Brian E Carpenter <
>>> brian.e.carpenter@gmail.com> wrote:
>>>
>>>> All good changes, thanks.
>>>>
>>>
>>> +1
>>>
>>>
>>>> About this in section 3:
>>>>
>>>> "AUTHORS' NOTE: The authors have had feedback suggesting this
>>>> requirement should be a MUST, which would mean that "known-local" ULAs
>>>> would take precedence on compliant implementations over all IPv6 GUAs and
>>>> all IPv4 addresses, but other general ULAs would not."
>>>>
>>>> I think the answer is clear, in section 8:
>>>>
>>>> "Receiving a DNS response for a ULA destination that is not attached to
>>>> the local network... will typically fail..."
>>>>
>>>> That justifies the MUST in my opinion. But I agree we need to hear from
>>>> kernel implementers.
>>>>
>>>
>>> Ideally, I'd like to see all IPv6 implementations automatically insert
>>> "known-local" ULAs into their policy table. From that point of view, I
>>> support MUST.
>>>
>>> However, should constrained devices be an exception? If so, are there
>>> any other exceptions? If there are exceptions, SHOULD might make more sense
>>> than MUST.
>>>
>>> Also, SHOULD allows for a two-phase implementation approach. Phase one
>>> is a mostly trivial change to the default policy table that can be
>>> implemented quickly and easily. Phase two is a fairly complicated addition
>>> of a new feature for inserting "known-local" ULAs into the policy table
>>> that probably needs quite a bit of testing before going into production.
>>>
>>> In the long run, MUST is the right answer. However, SHOULD could have
>>> some short-term advantages.
>>>
>>> In either case, since I'm not aware of any implementations of the
>>> current MAY, I'd like to see some proof-of-concept running code to make
>>> sure what we think we are saying is actually doable.
>>>
>>> Thanks.
>>>
>>> Nit: in the .txt version, there is a glitch in the rendering of Rule 5
>>>> at the beginning of section 8.1 - the newlines have been lost.
>>>>
>>>
>>> There are a number of rendering glitches that I mentioned previously.
>>>
>>>
>>>> Regards
>>>>     Brian Carpenter
>>>>
>>>> On 05-Apr-24 08:05, internet-drafts@ietf.org wrote:
>>>> > Internet-Draft draft-ietf-6man-rfc6724-update-07.txt is now
>>>> available. It is a
>>>> > work item of the IPv6 Maintenance (6MAN) WG of the IETF.
>>>> >
>>>> >     Title:   Preference for IPv6 ULAs over IPv4 addresses in RFC6724
>>>> >     Authors: Nick Buraglio
>>>> >              Tim Chown
>>>> >              Jeremy Duncan
>>>> >     Name:    draft-ietf-6man-rfc6724-update-07.txt
>>>> >     Pages:   15
>>>> >     Dates:   2024-04-04
>>>> >
>>>> > Abstract:
>>>> >
>>>> >     When RFC 6724 was published it defined an address selection
>>>> algorithm
>>>> >     along with a default policy table, and noted a number of examples
>>>> >     where that policy table might benefit from adjustment for specific
>>>> >     scenarios.  It also noted that it is important for
>>>> implementations to
>>>> >     provide a way to change the default policies as more experience is
>>>> >     gained.  This update draws on several years of operational
>>>> experience
>>>> >     to refine RFC 6724 further, with particular emphasis on preference
>>>> >     for the use of ULA addresses over IPv4 addresses and the addition
>>>> of
>>>> >     mandatory support for Rule 5.5.  The update also demotes the
>>>> >     preference for 6to4 addresses.  The changes to default behavior
>>>> >     improve supportability of common use cases, including automatic /
>>>> >     unmanaged scenarios.  It is recognized that some less common
>>>> >     deployment scenarios may require explicit configuration or custom
>>>> >     changes to achieve desired operational parameters.
>>>> >
>>>> > The IETF datatracker status page for this Internet-Draft is:
>>>> > https://datatracker.ietf.org/doc/draft-ietf-6man-rfc6724-update/
>>>> >
>>>> > There is also an HTMLized version available at:
>>>> >
>>>> https://datatracker.ietf.org/doc/html/draft-ietf-6man-rfc6724-update-07
>>>> >
>>>> > A diff from the previous version is available at:
>>>> >
>>>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-6man-rfc6724-update-07
>>>> >
>>>> > Internet-Drafts are also available by rsync at:
>>>> > rsync.ietf.org::internet-drafts
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > I-D-Announce mailing list
>>>> > I-D-Announce@ietf.org
>>>> > https://www.ietf.org/mailman/listinfo/i-d-announce
>>>> >
>>>>
>>>> --------------------------------------------------------------------
>>>> IETF IPv6 working group mailing list
>>>> ipv6@ietf.org
>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>> --------------------------------------------------------------------
>>>>
>>>
>>>
>>> --
>>> ===============================================
>>> David Farmer               Email:farmer@umn.edu
>>> Networking & Telecommunication Services
>>> Office of Information Technology
>>> University of Minnesota
>>> 2218 University Ave SE        Phone: 612-626-0815
>>> Minneapolis, MN 55414-3029   Cell: 612-812-9952
>>> ===============================================
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
>>>
>>
>
> --
> ===============================================
> David Farmer               Email:farmer@umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
>

v2.23.0 | Report a Bug | By Email