Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-07.txt
Ted Lemon <mellon@fugue.com> Fri, 05 April 2024 18:25 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FFA2C16A126 for <ipv6@ietfa.amsl.com>; Fri, 5 Apr 2024 11:25:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZsgMm5iPqpU8 for <ipv6@ietfa.amsl.com>; Fri, 5 Apr 2024 11:25:23 -0700 (PDT)
Received: from mail-qv1-xf29.google.com (mail-qv1-xf29.google.com [IPv6:2607:f8b0:4864:20::f29]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA694C151545 for <ipv6@ietf.org>; Fri, 5 Apr 2024 11:25:23 -0700 (PDT)
Received: by mail-qv1-xf29.google.com with SMTP id 6a1803df08f44-699437a65bdso5604116d6.0 for <ipv6@ietf.org>; Fri, 05 Apr 2024 11:25:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20230601.gappssmtp.com; s=20230601; t=1712341522; x=1712946322; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WOjvVQ9Wy7GHEKqXFq5FcLWc1GFPK80QS5CjGS42vI0=; b=1/w3QoaQerTNSbghOAgrFvcYHgJhf2le2q8h3fvR3c3mtM5aK8kWQdRCGpA6yBddds ccKW0RPj1BZbptf/Nx+xzmtAI5uH2ODIvCcFXkATaIEAS/+ZLvBhpeK0gM9dQ1pIVNaE HOIkJ/RIy6sqwjAccurnRCWkZkJKHrKwQWh3fHDZBSgJuIMpr2aFi3914ySE+hpLbx10 h1GKzaRjZpoY3GI0EJ6Pj7ydWXmCZq7FuxjFwNGSeyl1VAXRz2nHacPcdpv/jQiIDs9f ziFV3v/+Wb8qTdY4fGz2G6eOBDINceJxUAu2VGVhMSxcYqdESTM1ZgmTsLU4Txc80ypC rqtw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712341522; x=1712946322; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WOjvVQ9Wy7GHEKqXFq5FcLWc1GFPK80QS5CjGS42vI0=; b=sR95zc+sx91Lu18iIMssMlxBfWxRz6U2mRGd5OOn01ypK4dx4sv2+TnJq8sREydWAD u3ku5D+Gcr2hx9sN+IGCQJgF8cnqRmOvOROyvsGWowCYA2A+52zI7sYLJDgUIJWRa2tB yVgvtGZjJ4je8R3s0V63Hr/Wl4kA8f3WkeCMwqg+LusM/mtJF6BMglbHQLQgcN9A3xGe BZ3y23K5dh4pwlN80YfZHHIRD09jRkNN0eKfxto/E3iV7N9FWKaS09AapcPb1HWR937Z r61nsMoIAuk5TFONIOYd0kE6666x3kK5dGCcntyciyJ2As3CgUIjXy3jehvTUsCtn519 gn2w==
X-Forwarded-Encrypted: i=1; AJvYcCVICtdnmrYdt9b9I0Nk40GQtUtllOM3yJz4eDs7M/bXAcvwYSKCkaxmmG7jp+bRxlZlUaJ79p/MkvVBczFZ
X-Gm-Message-State: AOJu0Ywb5O37vAI+fVQfDgL/oDa+4pZuNGHtijH6N1GMsFGQWBy6TUUn 4DdaDRo4wR5Y12Vgksi2HEPJ+48lnaVZP4ANQKyb+JehN3/ca8gexljGY6BuhzNPaGvys8F8qIv /gB4zShhF81hE7B+yWVYr5d4SQwk284iRt1DYJQ==
X-Google-Smtp-Source: AGHT+IEWXQkRJ8VZDZDAIiup7VL873Oaws0CuXidUW8g1uFc24b8U2rwfRl8IX1S/E3KuqibYM1s6r2hcfFZy30h0ck=
X-Received: by 2002:ad4:5f4d:0:b0:699:2882:9f9d with SMTP id p13-20020ad45f4d000000b0069928829f9dmr4057284qvg.3.1712341522335; Fri, 05 Apr 2024 11:25:22 -0700 (PDT)
MIME-Version: 1.0
References: <171225751716.18509.12521562864612372012@ietfa.amsl.com> <a4063219-1cd5-4e06-bf42-b0ffebd2b419@gmail.com> <CAN-Dau3VrqfRR+4Eee7TOS1L2RAWbfWv87_QJH_u5gzVU1Av7g@mail.gmail.com> <CAPt1N1nq9V4H9kq+hf4YO-T6OUdYMv8Vmsd3Vpqf264Jm7mrKg@mail.gmail.com> <CAN-Dau3nh50j6qB2WryL1tM2ktwSntDKX72v8O-_fzNRnu_C4Q@mail.gmail.com>
In-Reply-To: <CAN-Dau3nh50j6qB2WryL1tM2ktwSntDKX72v8O-_fzNRnu_C4Q@mail.gmail.com>
From: Ted Lemon <mellon@fugue.com>
Date: Fri, 05 Apr 2024 14:24:46 -0400
Message-ID: <CAPt1N1=iJFkA=kUs6=hUizuTG5wADTo6gNXc+jsq0SHAZ3_rzQ@mail.gmail.com>
To: David Farmer <farmer@umn.edu>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, ipv6@ietf.org
Content-Type: multipart/alternative; boundary="0000000000002c699806155d948d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Aa19P25nuTz-pXuvOxvRccafjgg>
Subject: Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-update-07.txt
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Apr 2024 18:25:25 -0000
I think the behavior would be correct in this case: if the device doesn't support RIO, then it probably shouldn't treat ULAs that appear in RIOs as known-local. On Fri, Apr 5, 2024 at 2:16 PM David Farmer <farmer@umn.edu> wrote: > > > On Fri, Apr 5, 2024 at 9:30 AM Ted Lemon <mellon@fugue.com> wrote: > >> It's not at all clear to me that the burden of implementation here is >> sufficient to justify constrained devices not implementing the policy table >> update. If we want to do that, I think we need to explain exactly what sort >> of device we are talking about. Does the device not listen to RAs? Does it >> always send packets to the default router? If not, it's probably already >> doing things equivalently hard to maintaining a policy table. >> > > I think we are good as long as the constrained device meets the host type > C specification in RFC4191. > > Furthermore, what I originally proposed to address this was to simply >> change the policy table without requiring it to be dynamically updated: >> rather than having one type of ULA, have two: known and unknown ULAs. Known >> ULAs have a higher priority than IPv6 GUAs and IPv4 addresses. Unknown ULAs >> continue to be treated as before. >> >> What then needs to be maintained is a list of known ULAs. I realize that >> this isn't /that/ different from updating the policy table, but it is a bit >> simpler in the sense that there's no complexity to it—you're just keeping >> track of a list of ULAs, and when you do source/dest address selection each >> ULA is checked against that table before checking against the policy table. >> >> If constrained devices already support the policy table, I do not think >> this additional work is onerous. >> > > How would the "known-local" ULA prefixes be populated if not dynamically > updated from PIOs and RIOs? > > My worry wasn't about constrained devices not supporting the policy table; > my worry is whether there are any constrained devices of Type A or B from > RFC4191 that don't support RIOs. > > > >> On Fri, Apr 5, 2024 at 2:45 AM David Farmer <farmer= >> 40umn.edu@dmarc.ietf.org> wrote: >> >>> >>> On Thu, Apr 4, 2024 at 2:52 PM Brian E Carpenter < >>> brian.e.carpenter@gmail.com> wrote: >>> >>>> All good changes, thanks. >>>> >>> >>> +1 >>> >>> >>>> About this in section 3: >>>> >>>> "AUTHORS' NOTE: The authors have had feedback suggesting this >>>> requirement should be a MUST, which would mean that "known-local" ULAs >>>> would take precedence on compliant implementations over all IPv6 GUAs and >>>> all IPv4 addresses, but other general ULAs would not." >>>> >>>> I think the answer is clear, in section 8: >>>> >>>> "Receiving a DNS response for a ULA destination that is not attached to >>>> the local network... will typically fail..." >>>> >>>> That justifies the MUST in my opinion. But I agree we need to hear from >>>> kernel implementers. >>>> >>> >>> Ideally, I'd like to see all IPv6 implementations automatically insert >>> "known-local" ULAs into their policy table. From that point of view, I >>> support MUST. >>> >>> However, should constrained devices be an exception? If so, are there >>> any other exceptions? If there are exceptions, SHOULD might make more sense >>> than MUST. >>> >>> Also, SHOULD allows for a two-phase implementation approach. Phase one >>> is a mostly trivial change to the default policy table that can be >>> implemented quickly and easily. Phase two is a fairly complicated addition >>> of a new feature for inserting "known-local" ULAs into the policy table >>> that probably needs quite a bit of testing before going into production. >>> >>> In the long run, MUST is the right answer. However, SHOULD could have >>> some short-term advantages. >>> >>> In either case, since I'm not aware of any implementations of the >>> current MAY, I'd like to see some proof-of-concept running code to make >>> sure what we think we are saying is actually doable. >>> >>> Thanks. >>> >>> Nit: in the .txt version, there is a glitch in the rendering of Rule 5 >>>> at the beginning of section 8.1 - the newlines have been lost. >>>> >>> >>> There are a number of rendering glitches that I mentioned previously. >>> >>> >>>> Regards >>>> Brian Carpenter >>>> >>>> On 05-Apr-24 08:05, internet-drafts@ietf.org wrote: >>>> > Internet-Draft draft-ietf-6man-rfc6724-update-07.txt is now >>>> available. It is a >>>> > work item of the IPv6 Maintenance (6MAN) WG of the IETF. >>>> > >>>> > Title: Preference for IPv6 ULAs over IPv4 addresses in RFC6724 >>>> > Authors: Nick Buraglio >>>> > Tim Chown >>>> > Jeremy Duncan >>>> > Name: draft-ietf-6man-rfc6724-update-07.txt >>>> > Pages: 15 >>>> > Dates: 2024-04-04 >>>> > >>>> > Abstract: >>>> > >>>> > When RFC 6724 was published it defined an address selection >>>> algorithm >>>> > along with a default policy table, and noted a number of examples >>>> > where that policy table might benefit from adjustment for specific >>>> > scenarios. It also noted that it is important for >>>> implementations to >>>> > provide a way to change the default policies as more experience is >>>> > gained. This update draws on several years of operational >>>> experience >>>> > to refine RFC 6724 further, with particular emphasis on preference >>>> > for the use of ULA addresses over IPv4 addresses and the addition >>>> of >>>> > mandatory support for Rule 5.5. The update also demotes the >>>> > preference for 6to4 addresses. The changes to default behavior >>>> > improve supportability of common use cases, including automatic / >>>> > unmanaged scenarios. It is recognized that some less common >>>> > deployment scenarios may require explicit configuration or custom >>>> > changes to achieve desired operational parameters. >>>> > >>>> > The IETF datatracker status page for this Internet-Draft is: >>>> > https://datatracker.ietf.org/doc/draft-ietf-6man-rfc6724-update/ >>>> > >>>> > There is also an HTMLized version available at: >>>> > >>>> https://datatracker.ietf.org/doc/html/draft-ietf-6man-rfc6724-update-07 >>>> > >>>> > A diff from the previous version is available at: >>>> > >>>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-6man-rfc6724-update-07 >>>> > >>>> > Internet-Drafts are also available by rsync at: >>>> > rsync.ietf.org::internet-drafts >>>> > >>>> > >>>> > _______________________________________________ >>>> > I-D-Announce mailing list >>>> > I-D-Announce@ietf.org >>>> > https://www.ietf.org/mailman/listinfo/i-d-announce >>>> > >>>> >>>> -------------------------------------------------------------------- >>>> IETF IPv6 working group mailing list >>>> ipv6@ietf.org >>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >>>> -------------------------------------------------------------------- >>>> >>> >>> >>> -- >>> =============================================== >>> David Farmer Email:farmer@umn.edu >>> Networking & Telecommunication Services >>> Office of Information Technology >>> University of Minnesota >>> 2218 University Ave SE Phone: 612-626-0815 >>> Minneapolis, MN 55414-3029 Cell: 612-812-9952 >>> =============================================== >>> -------------------------------------------------------------------- >>> IETF IPv6 working group mailing list >>> ipv6@ietf.org >>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >>> -------------------------------------------------------------------- >>> >> > > -- > =============================================== > David Farmer Email:farmer@umn.edu > Networking & Telecommunication Services > Office of Information Technology > University of Minnesota > 2218 University Ave SE Phone: 612-626-0815 > Minneapolis, MN 55414-3029 Cell: 612-812-9952 > =============================================== >
- [IPv6] I-D Action: draft-ietf-6man-rfc6724-update… internet-drafts
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Brian E Carpenter
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Tim Chown
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… David Farmer
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Ted Lemon
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Michael Richardson
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… David Farmer
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Ted Lemon
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Brian E Carpenter
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… David Farmer
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Ted Lemon
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… David Farmer
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Ted Lemon
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Brian E Carpenter
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… Tim Chown
- Re: [IPv6] I-D Action: draft-ietf-6man-rfc6724-up… David Farmer