Re: Running code (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)

[Simon Hobson <linux@thehobsons.co.uk>]

Manfredi (US), Albert E <albert.e.manfredi@boeing.com> wrote:

>> Err no, you've explicitly broken some networks - specifically just about every dual stack network !

> Not hardly.
> 
> Again, an equipment designer, intent on saving battery power, would not need to use IPv4 ever, if IPv6 provides all the needed services. In a dual-stack network, SAME THING. That's why an equipment vendor who wants to do what's best will still need updated heuristics, with or without a flag. The interests of the network are not necessarily aligned with the interests of the host.

>> The MOST IMPORTANT think is for whatever is done to NOT BREAK EXISTING NETWORKS. This flag does that - it only has an effect when manually set by the administrator who we have to assume has got some sort of clue. Thus the default is to not break anything - ie the flag not set.

> Not even close. The heuristics I described break nothing. A dual-stack host on a dual-stack network, where the host can do everything the user asks with IPv6 only, breaks absolutely nothing, and saves power. Plus, I repeat, the host will see IPv4 services are available, from the DNS and the presence of an IPv4 default router. So that, should there be something IPv6 is unable to do, or reach, the host can try IPv4.

Lets get this clear, your algorithm is "if IPv6 appears to work then don't enable IPv4" ?
That's a situation a lot of us would love to get to - but it'll be a lot of years before that's even remotely practical. As I said, on the vast majority of current networks, doing what you propose will BREAK networking for the user - because very few networks so far have reached the "don't need any IPv4" stage yet.



Albert E <albert.e.manfredi@boeing.com> wrote:

>> It adds the *intention* of the network manager that there should be no

> IPv4 traffic on the link. Of course, a host can decide to ignore that
> intention, and protocol police in the form of layer 2 filters may enforce
> the intention.
> 
> But Brian, the network manager (usually, often) has no business making such decisions, other than for the services net admin provides.

No, the network admin almost always has the business of applying business policies. That may not happen in isolation (eg servers may be managed by a different group), but it is a minority of networks where the network admin does NOT apply policies well beyond what you seem to think.
If the business (collectively - including all the interested parties) decides that sunsetting IPv4 in the network is policy, then it comes down to the network manager to implement that (including by setting this flag in all IPv6 routers if it makes it into use).

> *Especially* if the protocol police filters at layer 2, the network user should be legally and ethically able to bring his own IPv4 peripherals, and switch and/or IPv4 router, and have them work. With no negative impact to anyone else.

On most networks, doing so will get you a "stern talking to", and I've been involved with networks where plugging in your own router would result in you being escorted out of the door. Funnily enough, a few "diagnose WTF is going on" jobs over the last few years have been due to such additions by clueless users.
But even taking your suggestion at face value - yes, if you want to ignore company policy and setup your own island of IPv4 then that's your prerogative. It certainly does not change any of the arguments already made.

> We already know that the flag is set individually, at each router. You may have three routers that have the flag set, and one that does not.

Strictly speaking that a bit of a misconfiguration. The reason for that language is to avoid any ambiguity - and make the result "safe". It also means that a rogue router can't set this flag on a network where it's not appropriate and break IPv4.
If everything is correctly configured, then all routers will send the same flag setting. Your inference is incorrect.