IETF Logo Mail Archive

Re: RFC6724-bis?

Nick Buraglio <buraglio@es.net> Fri, 23 September 2022 17:21 UTC

Return-Path: <buraglio@es.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59377C1522C3 for <ipv6@ietfa.amsl.com>; Fri, 23 Sep 2022 10:21:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=es.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V9Hb-8sQPazw for <ipv6@ietfa.amsl.com>; Fri, 23 Sep 2022 10:21:08 -0700 (PDT)
Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A697BC1522C4 for <ipv6@ietf.org>; Fri, 23 Sep 2022 10:21:08 -0700 (PDT)
Received: by mail-ej1-x62c.google.com with SMTP id sd10so2133550ejc.2 for <ipv6@ietf.org>; Fri, 23 Sep 2022 10:21:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=es.net; s=esnet-google; h=content-transfer-encoding:cc:to:subject:message-id:date:from :reply-to:in-reply-to:references:mime-version:from:to:cc:subject :date; bh=GJbc2oQ30+MOiLxU0WG7JztzDHB/oHrAnPiKeLcZd8s=; b=M0ksuwnrqf6z+5w7jbIYo0+fB2XY4IwDTL5bVsi/gFi6wwpbQMBIFKzLe2KjRFm8h6 5QsgyT5zK4Sur5tl9SMadNk2pVH7i32TjSdXo7mYVXG8uxDXbJpse17D2zBliEPsJGzq /kGrW3E2iU8Qnp5T11quVXsvIzOnNBDscBhD3pzAvEWTuAK33DmOwMlFoiodSCazj8tl ms7l0tu+AjQmEsNKSoO4IUbniUxWwHfVREtoH72w8rGSHRTTWelH7Z2bL8yJXFA2F9Mu E4hgQwMCmdOJu3vVlBg0KMuum9AEaLYf+MkkNJ3gaBsUKZ0EWMpTI3jA6omHeammL+5L O+eQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :reply-to:in-reply-to:references:mime-version:x-gm-message-state :from:to:cc:subject:date; bh=GJbc2oQ30+MOiLxU0WG7JztzDHB/oHrAnPiKeLcZd8s=; b=725rmLSm34UzubSbgvQ10Y90MQeeu0axyDYz87ooFTYaKlFdeFMl1BXScSJazb0iQL 1v7yQ2mpS+E3XOHC+S9Alw287YA1AHioSQi/OSv9DWkpIpqXk2A3CuVcqMZmqvxW6NuX dloqLV/xkcPJmkNTpMZKuN5J3MFQmjaN3sap2HrIT2n9J8VLHInJaDOM80ukGq4SFnUW pITjLyzEgjTgXQ6U1U4NX48850fXOJolOUKCV7NAMjUJn9uIhGTRVSsdLShmEyFseryZ JlT3Md/wponuemsQdUqKIUIA+AgdV6NlFUsagckJlGi0vhQsgb/OhSyYgDg8mqCuZGEg 31Iw==
X-Gm-Message-State: ACrzQf3FQ3oyWJl1sweSiceFmUX4YhF+3flOm6lxe2pmNabdWrIiBndq Exq6v0Txae23qIZYMcENyswcdcb347GquJeaBYwqFjH9Twcd/3vJddI1AftOimfJzLoj1tTImIB A4Tgo+H3fYycAEOXs2cPOpGiWqjrPsOPNWYWMuP4EnTsX/jI8lOHP8h1o4992qkUo7c4BprXlge oziA==
X-Google-Smtp-Source: AMsMyM7eHmcWYP8fggnIJXZ2PLAlAuM8rLixmDkTrliPWMo/LKLm/OFX7O3NUakPP86iXl123eJW44ZM3A0/6WmWjr0=
X-Received: by 2002:a17:907:d15:b0:781:e347:723 with SMTP id gn21-20020a1709070d1500b00781e3470723mr7778083ejc.723.1663953666460; Fri, 23 Sep 2022 10:21:06 -0700 (PDT)
MIME-Version: 1.0
References: <66892DC8-6DA4-4DC8-85B0-E1E1647CD9F7@gmail.com> <CAM5+tA9kttCKrZaoB7UzNdE6TU1qGNMaxDmWvFtRvpB4A8+WHA@mail.gmail.com> <8FE71499-D155-4853-A964-6617F6EA2069@gmail.com> <CAM5+tA9QuYxVs+NXBD3dAYr_Y=95bWt63WjmEMDOfegL0Z4otA@mail.gmail.com> <CAM5+tA_hg2sXXsYw6Tcx-ytRAMkKQcFw8a3N7SfEXwbuPm0LMw@mail.gmail.com> <00ea3b70-ba8e-b6ef-e1ce-fdd56828f506@gmail.com> <CAPt1N1=_9Rwj-HnUZKWfatARbHWptArmSAV-qdi8MKyoBf9R0A@mail.gmail.com> <CAO42Z2xZ_-mDh66A9DK+3ieEqGMqW0Pt+mZzVOmzz4cDRUTEXA@mail.gmail.com> <CAPt1N1nqwMvVHvEGAx0jxgWhbW9ZUQfAZSDn-qRYQ0CDy-EGKQ@mail.gmail.com> <17a28c173ed640e68b1cbf504bbeae49@huawei.com> <CAPt1N1=xR_2Xw+1KL6vbzZ69N+vonhcTNvO=DBceeApfoS2bMQ@mail.gmail.com> <e76267b6101146cf8a1bd6fa567c6b77@huawei.com> <CAN-Dau2QO5sxevJwUbOj+_wyiCdOjnPEZM14Jhevvkq4YZqU7Q@mail.gmail.com> <bc85e623-ef89-d2e2-4e33-b8ce0a4ec343@gmail.com> <CAN-Dau0Wbki6xwcEdy8ZK-pO9jeT6+8TKZgbmXWUgnkR+dRhBg@mail.gmail.com> <CAPt1N1=OmC+HNVGWbgj9JtGbpcuzKOgjZ1KXJm5mXgpji-G4Mw@mail.gmail.com> <6edcc5d8-edf1-51de-103c-a4ac6060fef6@gmail.com> <29689d645d22409b962f6c361d71e098@huawei.com> <CAN-Dau3rwi4X4NqLbHMmPQQ=i7y23Kz70JK09ggsXSxkJfT5xA@mail.gmail.com>
In-Reply-To: <CAN-Dau3rwi4X4NqLbHMmPQQ=i7y23Kz70JK09ggsXSxkJfT5xA@mail.gmail.com>
Reply-To: buraglio@es.net
From: Nick Buraglio <buraglio@es.net>
Date: Fri, 23 Sep 2022 12:20:55 -0500
Message-ID: <CAM5+tA8XGGWJ4NWOk_j=G7y7c6cDg6z8+LOamTnihfrPJau=Rw@mail.gmail.com>
Subject: Re: RFC6724-bis?
To: David Farmer <farmer=40umn.edu@dmarc.ietf.org>
Cc: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>, 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/BTLCcn-YWkg8-i_FOSsvIwxwN5g>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2022 17:21:13 -0000

----
nb

On Fri, Sep 23, 2022 at 6:17 AM David Farmer
<farmer=40umn.edu@dmarc.ietf.org> wrote:
>
> Please read the first paragraph of RFC6724 section 10.6 and all it’s references very carefully. In particular, read 2.2.2 of RFC 5220.
>
> Your argument contradicts the conclusions of 2.2.2 of RFC 5220. In short, your argument is only true today while we are using 2000::/3 for GUA. When that eventually changes, and it will some day, we would have to yet again rejigger the table.
>
> RFC 6724 is almost correct, the only thing it got wrong is that the section 10.6 modifications must be mandatory and automatic, and not optional, otherwise ULA is broken and dysfunctional.

This is where my mind was going, "mandatory and automatic" feels
useful, appropriate, and achievable.

>
> Let’s only fix the problem and not make new problems for the next generation of network engineers and operators.

Agreed.

>
> Thanks
>
> On Fri, Sep 23, 2022 at 02:27 Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org> wrote:
>>
>> I still do not understand why Ted and David care about "remote ULA".
>> If this ULA has been delivered to the local host by
>> Then it has been done intentionally.
>> Such a type of misconfiguration does not make sense to optimize.
>> Hence, it is possible to operate FC/7 as a whole, no need to split it for /48s.
>>
>> Hence, why not install permanent precedence to FC/7 in gai.conf?
>> It would not play any role on the host till the local router would deliver ULA PIO.
>> And even after this, it would not be used till DNS would show the ULA destination
>> Because rule 5 (matching labels) would make GUA_DA/ULA_SA a low priority, GUA/GUA would be chosen.
>>
>> What is the problem with permanently changed FC/7 precedence even above GUA?
>>
>> Eduard
>> -----Original Message-----
>> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Brian E Carpenter
>> Sent: Friday, September 23, 2022 4:47 AM
>> To: Ted Lemon <mellon@fugue.com>; David Farmer <farmer=40umn.edu@dmarc.ietf.org>
>> Cc: 6man WG <ipv6@ietf.org>
>> Subject: Re: RFC6724-bis?
>>
>> On 23-Sep-22 12:50, Ted Lemon wrote:
>> > Op do 22 sep. 2022 om 20:40 schreef David Farmer <farmer=40umn.edu@dmarc.ietf.org <mailto:40umn.edu@dmarc.ietf.org>>
>> >
>> >     I think leaving unknown, most likely remote, ULA at a lower priority and adding the /48 or other known local ULA to the table at a higher priority automatically should help mitigate ULA in the public DNS and the possible response of turning off IPv6.
>> >
>> >     In someways those that put ULA in the public DNS get what they deserve, I’m just worried about the remote user’s response to the brokenness, causing even more brokenness.
>> >
>> >
>> > Hm, okay. I think we are all actually in agreement then, since I heard Brian admitting earlier that it might be better to dynamically update the table.
>>
>> Indeed, which was exactly why I wrote gai_wrap.py as a userland proxy for that approach.
>>
>>     Brian
>>
>> > I must have misunderstood what you meant by optimizing for the uncommon case—sorry about that!
>> >
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>
> --
> ===============================================
> David Farmer               Email:farmer@umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email