IETF Logo Mail Archive

Re: Running code (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 25 October 2018 19:53 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDD75130EA3 for <ipv6@ietfa.amsl.com>; Thu, 25 Oct 2018 12:53:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 43tOrZK4dmDO for <ipv6@ietfa.amsl.com>; Thu, 25 Oct 2018 12:53:04 -0700 (PDT)
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55F69127148 for <ipv6@ietf.org>; Thu, 25 Oct 2018 12:53:04 -0700 (PDT)
Received: by mail-pl1-x634.google.com with SMTP id x6-v6so4368448pln.0 for <ipv6@ietf.org>; Thu, 25 Oct 2018 12:53:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=YGFM1f7+CckOgCiAsiiVqld6Gg3Mg6OxcXh0m4qK5tQ=; b=AU56sKW2+0EO2X43fuU0oC6buaa/MErSKeEVh/3fh0gz40RHPWvHRNwa8rMAeqT0Qf dhaKGbKbljJiYEdHidbQULuaNVixkZuy6Mbw+bgNQ2OdDlGOPEEiFT3f8aSPhuKtuMoO zOfFbNWHXxZg5PriHPWobIO3fdINn1QJrt7MCJ2O4HlLTBWAwCO5FL5WMdH8u/zTFeZJ XLewp98y17Zs+U3O9pLRMzE5KYid8g1sz3n5Ok4IQbQF3DqC4ucxEC7Brt7k2QFve+Le HPaNuIpHmqO+Myelx8S2AvgQwFa67CRvcsV8QViRncMUm3RuSxDawiwzjG5Er4GUChM7 T8vw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=YGFM1f7+CckOgCiAsiiVqld6Gg3Mg6OxcXh0m4qK5tQ=; b=Y08wjvtl9EqKgYzYjpdCAY++n8nDCNerFZ2KoBfiEdlSofCgZvt+UEXSZ3JhxpNlcN iFguzxhGRYkenB4iaCtIvrpzeaVTVdTDAlPJJxsmfzF53shZcLU5oOJyNHF0wbB2ny1e tvOmbKv0qQNZNWD9tcmYbaSaCDwdbVQUyRkF9G5vyZ+ZUtmxX97AfZ5fIbycuHrq2/Af Elq7aMxb2KT5RZuFhLxUV6ITs/F0zhkWy1p6MHBYw3/yUoizRiGC3trKvIrnClMAmsND YcC4as2z5Rp9VKfgy0B/ASbi5MwmoHy9ADJhZI+vz/54hwrsMeZk3IJ3j47pFXyWlJ+9 1lrg==
X-Gm-Message-State: AGRZ1gKUDPZCVrIiIdSr0tbRPvxNOWgO2pSCRk8X1bwsGzBLa1zA9JTT H3Wdj3k7mlCAND9kvTmMKhHUk3Z5
X-Google-Smtp-Source: AJdET5e00Cp+0Btu9TGNmHKwyk/V1TF8dnZGijx+83od1VNgyGjDgg/v88in67bcEBTWADQc1pCIdg==
X-Received: by 2002:a17:902:850b:: with SMTP id bj11-v6mr533569plb.107.1540497183281; Thu, 25 Oct 2018 12:53:03 -0700 (PDT)
Received: from [192.168.178.30] ([118.148.76.40]) by smtp.gmail.com with ESMTPSA id h6-v6sm10603067pfc.6.2018.10.25.12.53.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Oct 2018 12:53:02 -0700 (PDT)
Subject: Re: Running code (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)
To: Mark Andrews <marka@isc.org>, "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
References: <CAFU7BASO_ByzbanhLKnWV280O_fASd-8W+ujpj3sN6d2-whw2w@mail.gmail.com> <0927741c-4e8e-fcf7-ddd6-3ba500ba4c3d@si6networks.com> <7B48A11D-31DE-443C-B73A-14642EA0A397@jisc.ac.uk> <7526af75-4359-6fc6-e39b-eb94024a04de@si6networks.com> <E1BB1232-C1A2-496A-8157-0682D91EED42@steffann.nl> <5E75F3CA-F1D2-4F4F-9CF7-EEEE59634C1E@gmail.com> <C46C990E-0A4F-4731-8CB1-FD204858935E@consulintel.es> <9B53019C-3506-4C9E-AFCF-D6125FA1A65B@gmail.com> <1157b739-3a66-8d45-e3e1-e5f904dfb9bc@asgard.org> <a00607f9-7ced-f889-b5cb-c2fe16367d73@si6networks.com> <66759b73-0a22-e1a9-49db-21154e8e1267@gmail.com> <37ba23b3-df19-9c2a-bdbe-ba7a99d72d05@si6networks.com> <0d6008a4-337b-2ccb-2d9f-837f786eca65@gmail.com> <bfa4397a-aa7a-1184-4147-4cbfbfd13603@si6networks.com> <8C587906-F0EE-4A61-9046-2BFAC52588C0@isc.org> <328f8654eca44e3fa532bfb61217ab6c@boeing.com> <c4d9202a-7c21-3cfc-609a-be065055c6b2@gmail.com> <5f4790b013634663a16f1c20772c8b3a@boeing.com> <C0786727-F8A6-4890-BC55-B2B649BE9CE5@isc.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <635c817a-caf7-0ec1-bf2d-0e8b62edf345@gmail.com>
Date: Fri, 26 Oct 2018 08:52:58 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <C0786727-F8A6-4890-BC55-B2B649BE9CE5@isc.org>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Dnt4I-3jTGhMzX5mo9FELINqU74>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Oct 2018 19:53:07 -0000

On 2018-10-25 18:53, Mark Andrews wrote:
> 
> 
>> On 25 Oct 2018, at 4:29 pm, Manfredi (US), Albert E <albert.e.manfredi@boeing.com> wrote:
>>
>> -----Original Message-----
>> From: Brian E Carpenter <brian.e.carpenter@gmail.com> 
>>
>>> Please read the draft again, since it intends to answer that exact question. (Nick and others have objected to some assertions in the text, but regardless of that... the draft intends to answer your question.)
>>
>>   However, hosts transmitting IPv4 packets would still do so, consuming
>>   their own battery power and some radio bandwidth.  The intent of this
>>   specification is to provide a mechanism that prevents such traffic,
>>   and also works on networks without the ability to filter L2 traffic,
>>   or where there are portions of a network without the ability to
>>   filter L2 traffic.  It may also be valuable on unmanaged networks
>>   using routers pre-configured for IPv6-only operations and where Layer
>>   2 filtering is unavailable.
>>   ...
>>   Because there is no IPv4 support on IPv6-only routers, the only way
>>   to notify the dual stack hosts that this link is IPv6-Only is to use
>>   an IPv6 mechanism.  An active notification will be much more precise
>>   than attempting to deduce this fact by the lack of IPv4 responses or
>>   traffic.
>>
>> So, the network doesn't want to support IPv4. Is it not possible for the devices on the network to use their own updated heuristics?

There's certainly no universal heuristic. For example, as I've said before,
there will be some devices that will never stop trying IPv4 whatever you tell
them - it doesn't really matter whether those are legacy devices or devices
whose implementer took a specific decision to ignore the flag. And there
will probably be devices that don't bother to look at the flag because
they don't even have an IPv4 stack in the first place.

I don't see why this matters. There's no interop problem here; the goal is to
reduce pointless IPv4 traffic, especially multicast. If different hosts
behave differently, so what?

> Please go write down the heuristics that you think hosts should use to say “now is the time to turn off
> IPv4 on this interface” and get it right?  I can’t think of any set of rules that will achieve that.

No, because there's no universal right answer.

>> Their own timeout timers, without having to rely on the network admin? This much we already discussed briefly, earlier on. Is it not just as easy to tell device makers that some networks may be dropping IPv4 altogether, and let these device makers do what's right, instead of saying that the network will transit this flag, to achieve that same purpose? Either way, the hosts will need updating. (Some device makers will eventually give IPv6 priority.)
>>
>> In networks where IPv4 can legitimately be dropped, in principle, the admin will have determined that all legitimate hosts can reach everything with IPv6. EtherType filtering primarily protects the network. If no EtherType filtering is possible in parts of the network, then what help is a flag? The hosts that will create nuisance broadcasts would be unable to read that flag anyway, because they are not updated, presumably. Still, the network can simply not route IPv4, not provide IPv4 addresses in the DNS, not respond to DHCPv4 requests. Without EtherType filtering, IPv4 broadcasts would remain a nuisance in those parts of the network, until those users give up. Yes, legacy IPv4 users will be irritated by long waits, and then failure. But no flag will help that. Those hosts are not updated to read the flag anyway. And updated hosts will have the new heuristics, to minimize or prevent these nuisances.
>>
>> For networks that support both stacks, but the equipment vendor is serious about conserving battery power, that device may try IPv6 first, regardless of any flag, would adjust IPv4 timers regardless of any flag, and so on. Just to save power. Why rely on a network admin?

> Because that really is the ONLY way to determine if a network that could be dual stack should be IPv6-only.

Right. We're talking about the administrator's *intention* and computers aren't
very good at guessing human intention.

> 
>>   It is expected that on IPv6-Only networks it will be common for
>>   access to IPv4 external services to be reached by techniques such as
>>   NAT64 [RFC6146] and DNS64 [RFC6147] at the edge of the network.  This
>>   is beyond the scope of this document.
>>
>> In this case, flag or no flag, any device with the updated IPv4 timeout timers, and especially those which try first to use IPv6, will be happy. Devices which will instead waste time insisting on IPv4, are not updated, and therefore, they won’t understand any flag.
>>
>>   The intent is that the administrator of the router configures the
>>   router to set the IPv6-Only flag if she/he wants to tell the hosts on
>>   the link that the link is IPv6-Only.  This is a configuration flag,
>>   it is not something that the router decides on it's own.  Routers MAY
>>   log a configuration error if the flag is set and IPv4 is still active
>>   on the routers interface to the link.
>>
>> I think I covered that above. It's a bit of a paradigm shift. Even without any new flag, the IETF can make device makers aware of this threat of no IPv4 service in some networks in the near future, and to take their own action. I don’t know how prevalent unmanaged switches are, in parts of the network that a network admin controls, but again, that is for network self-protection, mostly.

Sure.

Look, it's entirely possible that we could suggest a heuristic that would work
for most hosts most of the time *without* this flag, based on tuning the
timers for DHCPv4 and other IPv4 actions. I think the notion of a v6ops draft
on this topic is a good one. The authors aren't going to insist on defining
a flag if there's a convincing case for an operational solution that works
without one. In the end we're after a statistical solution that stops most
useless IPv4 traffic most of the time. Because of differing host behaviours,
you can't stop all useless IPv4 traffic all of the time.

   Brian

v2.23.0 | Report a Bug | By Email