IETF Logo Mail Archive

Re: Running code (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)

Simon Hobson <linux@thehobsons.co.uk> Fri, 26 October 2018 09:07 UTC

Return-Path: <linux@thehobsons.co.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34A511293FB for <ipv6@ietfa.amsl.com>; Fri, 26 Oct 2018 02:07:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pof40CB1QIQ1 for <ipv6@ietfa.amsl.com>; Fri, 26 Oct 2018 02:07:09 -0700 (PDT)
Received: from patsy.thehobsons.co.uk (patsy.thehobsons.co.uk [80.229.10.150]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5B50128CF2 for <ipv6@ietf.org>; Fri, 26 Oct 2018 02:07:08 -0700 (PDT)
X-Quarantine-ID: <8bayxsWkWMj3>
X-Virus-Scanned: Debian amavisd-new at patsy.thehobsons.co.uk
X-Amavis-Alert: BAD HEADER SECTION, Header line longer than 998 characters: References: <CA[...]
Received: from simons-macbookpro.thehobsons.co.uk (Simons-MacBookPro.thehobsons.co.uk [192.168.137.111]) by patsy.thehobsons.co.uk (Postfix) with ESMTPSA id 568FB1BC37 for <ipv6@ietf.org>; Fri, 26 Oct 2018 09:07:04 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Subject: Re: Running code (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)
From: Simon Hobson <linux@thehobsons.co.uk>
In-Reply-To: <e0fa8fad1b4249c9af79788323b0a922@boeing.com>
Date: Fri, 26 Oct 2018 10:07:03 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <3A03A073-72E2-43A8-90A4-5C29DF445361@thehobsons.co.uk>
References: <CAFU7BASO_ByzbanhLKnWV280O_fASd-8W+ujpj3sN6d2-whw2w@mail.gmail.com> <CACWOCC-u7aAPwAOcixYvt2On=-o_8X25GhqdXTfA+tWRC1o2XA@mail.gmail.com> <3beca72e-19c5-10af-02e5-c21a90d77100@gmail.com> <20181019.223739.271916573.sthaug@nethelp.no> <4f58643c-272e-507e-3282-c87befd42395@gmail.com> <0927741c-4e8e-fcf7-ddd6-3ba500ba4c3d@si6networks.com> <7B48A11D-31DE-443C-B73A-14642EA0A397@jisc.ac.uk> <7526af75-4359-6fc6-e39b-eb94024a04de@si6networks.com> <E1BB1232-C1A2-496A-8157-0682D91EED42@steffann.nl> <5E75F3CA-F1D2-4F4F-9CF7-EEEE59634C1E@gmail.com> <C46C990E-0A4F-4731-8CB1-FD204858935E@consulintel.es> <9B53019C-3506-4C9E-AFCF-D6125FA1A65B@gmail.com> <1157b739-3a66-8d45-e3e1-e5f904dfb9bc@asgard.org> <a00607f9-7ced-f889-b5cb-c2fe16367d73@si6networks.com> <66759b73-0a22-e1a9-49db-21154e8e1267@gmail.com> <37ba23b3-df19-9c2a-bdbe-ba7a99d72d05@si6networks.com> <0d6008a4-337b-2ccb-2d9f-837f786eca65@gmail.com> <bfa4397a-aa7a-1184-4147-4cbfbfd13603@si6networks.com> <8C587906-F0EE-4A61-9046-2BF AC52588C0@isc.org> <E8DE18B5-94FC-411C-A310-E49A382E0079@thehobsons.co.uk> <e0fa8fad1b4249c9af79788323b0a922@boeing.com>
To: 6man WG <ipv6@ietf.org>
X-Mailer: Apple Mail (2.2104)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/DDsuxqRB7TvLS6qwfqebw126NOc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 09:07:11 -0000

Manfredi (US), Albert E <albert.e.manfredi@boeing.com> wrote:

>> No DHCPv4 service on the network.
> 
> That's one possible hint. Another, perhaps better one, would for the host to see if it has any IPv4 default router available at all.

A default (or any) router is not needed for IPv4 to be running and needed - so not really a good hint.

> Are any ARP requests ever received from the network?

Like, from all the other nodes trying to see if IPv4 should be used ? As I said, if some nodes are trying to figure it out, then they'll all see "IPv4 traffic" and assume it needs to be used - so it'll never be shut off.

>> As to whether anyone got anything wrong, well, the flag can also have been wrong. Was there a flag set on all routers, or was the IPv4 router only temporarily unavailable. We can play this game all day long.

Yes, we can compare apples and oranges all day. If the flag is set incorrectly then that's a positive action the administrator has taken - and if "stuff breaks" then the administrator can undo that action. In the same manner, perhaps we shouldn't allow administrators to manually set DNS servers in DHCPv4 - after all, if they set it wrong it will break the network !
If (or rather, when) the heuristics fail, you get random network failures which will be a right PITA to diagnose and even harder to fix. In practice I expect it would be a case of visiting each host and manually over-riding the heuristics.

> I realize that many like to shut off ICMP, but ICMP would provide any number of hints too, when available, such as, ping the default router.

The problem you have is that you are only considering the sort of network you seem to be familiar with. There are lots and lots of network topologies - some of which are isolated networks with no routers.
As I said earlier, one of the most "irritating" problems to deal with are those caused by vendors making assumptions about the network their equipment will be connected to. Such as having a UI that won't allow ".0" or ".255" as an address (assumes all networks are /24), UI that won't allow 192.168.x.x addresses to have larger than a /24 network (assumes 192.168 addresses are class C and won't allow supernetting, assume that the router will be doing DNS and don't allow other addresses to be used (the user won't want to use other servers), don't allow DHCP to be turned off (this must the the only router on the network), don't allow the default router address to be set in DHCP (again assumes this is the only router), etc, etc.
And you propose that the vendors come up with much more complicated, obscure, and harder to deal with assumptions about the networks the equipment be connected to.


> I just don’t think it's very difficult for a clever host to probe the network for IPv4 service, which would serve the same purpose as the flag. And I don’t see a very convincing argument that a small number of such tests would be more prone to failure than a flag?

OK, write down the rules to be used. No hand waving about "if <this> then that's a hint" - solid unambiguous rules, "if <this> then <that>".

Some hints to guide you :
There may (actually, almost certainly will) be devices on the network that won't be trying to turn off IPv4. They may be IPv4 only devices that the network admin doesn't care about breaking. So bear in mind that you can expect to see some IPv4 traffic on an "IPv6 only" network.
You may be on a network without a default router and/or without DHCP. Neither can be taken to signal lack of IPv4 service.
Some networks (part of the reason for support for this flag) don't have facilities to filter at L2, so on these networks you'll see all broadcast traffic.

So over to you, if it's not very difficult then you'll have no trouble will you ;-)


> So, put the onus on the equipment vendors, in case the netadmin wants to shut off IPv4, to determine how to proceed.

That's the surest way to guarantee failure. Without a standard to work to, you will get zero or more different ways - and if more than zero, then guaranteed interoperability issues. Most likely the vendors will turn round and say "so how do you want it doing ?" and we'd be back to discussing a network wide flag of some sort.

v2.23.0 | Report a Bug | By Email