Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

[Brian E Carpenter <brian.e.carpenter@gmail.com>]

On 03-May-19 10:29, Gyan Mishra wrote:
> I read through the draft as it has had 5 revisions and improvements I understand the rationale behind wanting this flag.
> 
> I would say my biggest concern with this flag at least introducing it now as we are not even anywhere close to a 50/50 tipping point that folks that end users would stop using IPv4.

End users will automatically stop using IPv4 when ISPs and service/content providers start supporting IPv6. https://www.google.com/intl/en/ipv6/statistics.html shows you how that's going.
 
> The major downside is security vulnerabilities that can impact the mainstream of traffic flow which is IPV4.

Really? Can you explain what is missing in the Security Considerations?
   
> I could see introducing this flag let’s say we were past the tipping point and the proliferation and penetration of IPV6 was so tremendous that we were well beyond 50% and more like 70% plus and only few remaining stragglers on IPv4.

That's a judgment that each operator would have to make for its own situation. But they can't make that judgment if the flag isn't defined, and implemented in deployed equipment. So if the IETF is to define it, this will definitely happen years in advance of IPv6-only being widespread in the market.
 
> I would say for that to happen it would be beyond all of our lifetimes that the internet local intranet and extranet are even close to a tipping point

I think the Google data suggest that we are much closer than that.
 
> That being said the gains of negligible control plane dhcp traffic reduction is minuscule as compare to impact if their is an IPv4 outage from now newly introduced attack vector.

It isn't DHCP traffic that we're aiming at. It's any kind of IPv4 traffic.

   Brian

> 
> That being said I do not support this draf.> 
> I would say maybe give it 50 to 100 years and I might change my mind given IPv6 penetration at that point.
> 
> Gyan
> 
> Sent from my iPhone
> 
>> On Apr 30, 2019, at 5:55 PM, Nick Hilliard <nick@foobar.org> wrote:
>>
>> Brian E Carpenter wrote on 30/04/2019 21:48:
>>> So I'd rather understand *why* the costs outweigh the benefits. One more thing for an operator to configure and check in each first-hop router, vs reduction of pointless traffic on updated hosts. I'm not sure how to make that an objective rather than a subjective trade-off.
>> Hi Brian,
>>
>> Email is being a serious barrier to communication in this discussion :-(
>>
>> The problem statement just isn't there:
>>
>> https://mailarchive.ietf.org/arch/msg/ipv6/GCGYTXhg0V9mQBrcO7zhC5wtnp0
>>
>> The contents of this email largely still apply to the current text in -05.
>>
>> The cost is too high:
>>
>> https://mailarchive.ietf.org/arch/msg/ipv6/NIJ194PI8CLkuZT8U_jKEOY01QI
>>
>> You've shown no analysis of realistic use cases.
>>
>> For something standards track, and this far down the protocol stack and with such a large security considerations section, the proposal ought to be thoroughly compelling for a wide variety of deployment scenarios, but it isn't.  There are better ways of skinning this cat.
>>
>> Nick
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
> .
>