IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Fri, 10 May 2019 17:31 UTC

Return-Path: <bzeeb-lists@lists.zabbadoz.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5B8D120074 for <ipv6@ietfa.amsl.com>; Fri, 10 May 2019 10:31:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aS_FghRonZLW for <ipv6@ietfa.amsl.com>; Fri, 10 May 2019 10:31:49 -0700 (PDT)
Received: from mx1.sbone.de (cross.sbone.de [195.201.62.131]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C37C5120094 for <ipv6@ietf.org>; Fri, 10 May 2019 10:31:48 -0700 (PDT)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 9072F8D4A179; Fri, 10 May 2019 17:31:46 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 34AE5E7085E; Fri, 10 May 2019 17:31:45 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id pgUOLwGoFK4D; Fri, 10 May 2019 17:31:43 +0000 (UTC)
Received: from [192.168.2.110] (unknown [IPv6:fde9:577b:c1a9:31:2ef0:eeff:fe03:ee34]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 11EC8E7085D; Fri, 10 May 2019 17:31:42 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
To: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>
Cc: ipv6@ietf.org
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
Date: Fri, 10 May 2019 17:31:42 +0000
X-Mailer: MailMate (2.0BETAr6137)
Message-ID: <0C26A308-E3B1-4C7B-B786-AAB79878B722@lists.zabbadoz.net>
In-Reply-To: <m1hP6gP-0000E7C@stereo.hq.phicoh.net>
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <alpine.DEB.2.20.1905091054560.1824@uplift.swm.pp.se> <m1hOfjp-0000IdC@stereo.hq.phicoh.net> <924a4e34-e5f9-9872-bd4a-c0f68fd5387f@gmail.com> <m1hP1uA-0000EhC@stereo.hq.phicoh.net> <12F17008-16C5-4E58-89DB-BC7D01341CD7@lists.zabbadoz.net> <m1hP6gP-0000E7C@stereo.hq.phicoh.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/BBS3UgXUV7JJ75jteOD2xgxRgb4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 May 2019 17:31:53 -0000

On 10 May 2019, at 14:39, Philip Homburg wrote:

>> stated that:
>> A.1.  FreeBSD Implementation  . . . . . . . . . . . . . . . . .  13
>
> It seems that I missed that.

That’s ok.


> It is good that there is at least some implementation experience. That
> does raise the question why the security section is so incomplete.

You did see the -05 addition in reply to all the “security concerns” 
saying …?

7.  Host Behavior Considerations

    Hosts that support the IPv6-Only RA flag MUST have a configuration
    option to ignore or process the flag.  The motivation for this
    configuration option is for hosts that are capable of processing the
    IPv6-Only flag to only act on the flag if they are configured to do
    so.

So you don’t like the IPv6-only bit, you turn its processing off even 
if it’s implemented.  Maybe it’s even off by default (for the next 
year until your OS vendor thinks the times have changed).  Either way, 
you have full control.  What more can you ask for than a total off 
switch?  Save 40 lines of code?


> I
> guess the freebsd project doesn't care as the code is marked 
> experimental
> and is disabled by default.

Well, it’s not so much the project as to that I personally did the 
code and committed it.

Given it’s work in progress, uses IANA unassigned bits, and was 
unclear where it’ll go, I didn’t want to imply any support 
guarantees.
Yet it’s there for people to test, to see how many lines changes an 
implementation needs (“the cost of implementing this”), ..
People here asked for an implementation, they got one, so they could 
see.  Can’t say many seem to have done that, so makes me wonder why 
they asked for one.  And they seem to have gotten another one after 
that, so more than just me thought it’s worth giving it a try.

It was kind-of funny that even the ARP implementing got improved 
alongside implementing this, so this legacy stuff I don’t care about 
gives better feedback after 25 years in a few situations :)


> Am I correct to assume that starting rtsol before dhclient will causes 
> a
> 3 second delay on IPv4-only networks?

Ever wondered how much delay you have with dhclient running on an 
IPv6-only network (without this flag)?  But that’s a matter of the 
startup framework and software used in this particular case and not 
necessarily generally applicable.  Anyway, you still have to say you 
want IPv6 for it to run in first place.


/bz

v2.23.0 | Report a Bug | By Email