IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

Gyan Mishra <hayabusagsm@gmail.com> Tue, 14 May 2019 05:51 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 447691200F1 for <ipv6@ietfa.amsl.com>; Mon, 13 May 2019 22:51:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N1molqV3xgIw for <ipv6@ietfa.amsl.com>; Mon, 13 May 2019 22:51:49 -0700 (PDT)
Received: from mail-it1-x12e.google.com (mail-it1-x12e.google.com [IPv6:2607:f8b0:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D5AB120025 for <ipv6@ietf.org>; Mon, 13 May 2019 22:51:49 -0700 (PDT)
Received: by mail-it1-x12e.google.com with SMTP id m141so2993999ita.3 for <ipv6@ietf.org>; Mon, 13 May 2019 22:51:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JjMQgSQ7RCgSr5+5yZtnMd4Yc3BgPG+ock2om4pI4qQ=; b=J83zw3JlibrsIJyXjHiPZc53I1Wn0zkTGemXERSBYTpMzI58EnhfHtsKSzaHxWbg8g vBVQKoDzVzO9A5paDIydbb5qNhxbDx80/XCxvP71lNTeuDeLQ8gxYzeZdy3wWURoJkXR MStsgFMxs3DdhE6KWFumdURRB9k8om391uZgBuYiVyXi1OGi693m6y8T5irEDa0qErRF yWrVzRC7Hdjwqw02FUbhlmK5LkAEWgJ1LVKkYqFZVtJCd9lZCwpfgUoR4eKhtufg2Kx2 9iPDnbn3tchoKkJeWhAS9hs/0yF560rlYSArj9I2Bs2WdsNOxbZOR3YO5PL98t0P+J6Q iV7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JjMQgSQ7RCgSr5+5yZtnMd4Yc3BgPG+ock2om4pI4qQ=; b=Hu9DZP8KqU5lO4Gp6tKYqKaPxeLPgJTNPgRn6TCO4ZLFk3tZ+iJHio3AWQGJcnLUq3 apqj/kZfsQ7tyXwYGblYAdScfcPZzRLMG09l2zuQy1u8DDDOy9tHwo1Fp2X27Erp0Az3 8QN/mJF5IYHNwQY3MDlkRskONxvWPV6em09kOngP13B4SChZcG5mzZOC4P2/sreMObUz SBRENZbZICzATeYs7e9Z0Bp9L4DlT74w8vR1S3o0Qo7CY+usDNu46QLVWDor/HHCn25O StpzusMVq4yv82k/yLfJTrDTw1/W7Y+mHrAurMfsdLYu20McWCUpgfZQ3bpRL+4Ipch+ abcQ==
X-Gm-Message-State: APjAAAW0SEjvYtv5mnYjBDKAM+1wIHpb3h6ZJq+ZxL3vEtCUqY2JEG/a 2/OIX8BCPzlsocUYftVpvCz7qrQWF29uYHJBV0s=
X-Google-Smtp-Source: APXvYqxl/N56TJJyOAG1ni6e2x3zQI+h+8ltI3lVV58bmy0vQiDOWjaGa6BiQ3boOaFFc97VySWwyIRaFCASt8g1ZSM=
X-Received: by 2002:a02:3b24:: with SMTP id c36mr22656922jaa.52.1557813107804; Mon, 13 May 2019 22:51:47 -0700 (PDT)
MIME-Version: 1.0
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <20190505200449.GB7546@vurt.meerval.net> <80073906-c3c0-1f22-9e7f-c2b349063936@gmail.com> <CAO42Z2xzVW3m0mN7jEn8SYyYCYhrufVnkfp3rBjJcijBkvucNQ@mail.gmail.com> <CACWOCC-35yVYXSRR0sRL-MBMHyOFZtJx9E9h14G8qqVh5T7qGA@mail.gmail.com> <232c1a43-0fd9-4eae-737b-260a3906f72a@gmail.com> <663F6C0B-7B8A-4088-B9C0-B2867B0C3EB8@gmail.com> <CAN-Dau3VJN7qNHAW-yStMrDRCa4vsDs2ObkAxswnYbcHde2t_w@mail.gmail.com> <m1hPqHO-0000J8C@stereo.hq.phicoh.net> <CAN-Dau3R=4JbcbK7tWkJKYzVjq7DvAAEjVsbCLbZdYYO8OJ0YA@mail.gmail.com> <m1hQ7Dm-0000M3C@stereo.hq.phicoh.net> <CAN-Dau040j6U+1CCn0QJiVMy2nVShHqqSFdCkM-FbMAH-2wjRA@mail.gmail.com> <m1hQCYr-0000KBC@stereo.hq.phicoh.net> <CAN-Dau3Lcv3qTBVtig36RfbQKuGpoqdTLfrM=eWfYxCCQRy5Sw@mail.gmail.com>
In-Reply-To: <CAN-Dau3Lcv3qTBVtig36RfbQKuGpoqdTLfrM=eWfYxCCQRy5Sw@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Tue, 14 May 2019 01:51:08 -0400
Message-ID: <CABNhwV06dxGjHM6xVgh00fJKWyyEtWBhKzqGf9g=dmb+wZ9Fkg@mail.gmail.com>
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
To: David Farmer <farmer@umn.edu>
Cc: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000eacd880588d2a02d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/EoJOXR7EF89Yk-AOHrzpzQzyVG8>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 05:51:53 -0000

RFC 3927 IPv4 link local use case instance only occurs in a DHCPv4 failed
state where the host failed to get its network configuration.

The goal of the IPv6 only flag is for the host OS to receive this secondary
signal that if the host OS supports the flag it would disable IPv4
operation and when that happens that does break the dual stack model but
that is the goal of the ipv6 only flag is my interpretation as for the use
case for IPv6 only networks.  So as was mentioned the draft implies in my
opinion that rfc 3927 is unnecessary but the goal is to have the host OS
make the decision on whether the flag should be processed and if the OS
processes the flag then it can chose to disable IPv4 if it is not needed
which is the intent of the draft.

The dual stack model works well and I think it is very hard for most
operators including myself to get out of the dual stack mind set that rfc
3927 and 4213 have to be supported and have to work and if that model
breaks then this ipv6 flag option should not be supported which I disagree
that to be a reason to not support the draft.

This flag is for IPv6 only networks so is really mutually exclusive of the
dual stack hosts on the same subnet as all routers on the same subnet would
be sending the flag set to 1 as secondary signal if no offer is received
and the host does not have IPv4 network access then at that point IPv4 can
be disabled if the OS supports and there is no harm in doing so.

Once the IPv4 DHCPv4 fails and the host are in IPv4 link local mode with no
network access so at that point in time they are ready to receive this
secondary signal and process the ipv6 only flag set to 1 so that IPv4 can
be disabled.

The flag to me would be useful in migration of enterprises quickly to IPv6
and not have to support two protocols and the administrative  overhead of
supporting both and IPv4 & IPv6 addressing plan.  So to me this flag seems
like a great way to get all access network within the enterprise quickly
migrated to IPv6 only subnet.  I think would help break up the dual stack
dependency as well and allow for flatter larger L2 networks.  I think their
are a lot of advantages and use cases for this flag to be incorporated into
migration from dual stack to IPv6 only networks.

Gyan



On Mon, May 13, 2019 at 1:44 PM David Farmer <farmer@umn.edu> wrote:

>
>
> On Mon, May 13, 2019 at 10:08 AM Philip Homburg <
> pch-ipv6-ietf-6@u-1.phicoh.com> wrote:
>
>> >I don't propose this, I simply contend that it is what RFC3927 and
>> >dual-stack model intends. Per Section 2 of RFC 4213, the dual-stack model
>> >expects dual-stack hosts to be fully compatible with IPv4-Only hosts.
>>
>> RFC 4213, Section 2.1 starts with:
>> "Because the nodes support both protocols, IPv6/IPv4 nodes may be
>> configured with both IPv4 and IPv6 addresses."
>>
>> Nowhere does RFC 4213 Section 2 say that IPv4 address configuration has to
>> be the same between IPv4-only and dual stack.
>>
>
> The very first sentence of RFC 4213 Section 2 says, "The most
> straightforward way for IPv6 nodes to remain compatible with IPv4-only
> nodes is by providing a complete IPv4 implementation." You are basically
> suggesting that RFC3927 isn't needed. Which seems to be part of a complete
> IPv4 implementation, at least as far as I can tell.
>
>
>> Beyond that, IPv4 is a legacy protocol. There is no reason we can't
>> publish
>> a RFC that updates a RFC from 2005.
>>
>
> Yes, we can update it, but we need consensus to do so and doing it the way
> you suggest will break or at least make things that work less reliably than
> they do today, so I'm not sure we'll get consensus for what you suggest.
>
> Some people didn't link the breakage possible with this flag, at least
> before I suggested that it should be a secondary signal and the lack of
> IPv4 DHCPOFFERS should be the primary signal to not configure a global
> scope unicast IPv4 address.
>
>
>> >Further, there are good reasons to require this for compatibility between
>> >dual-stack hosts and IPv4-Only hosts. If dual-stack hosts were to do as
>> you
>> >say and not configure a Link-Local IPv4 address if they have a working
>> IPv6
>> >address they would not be able to communicate with IPv4 Link-Local or
>> >global scope unicast IPv4 addresses on the local link unless they
>> receive a
>> >global scope unicast IPv4 address via DHCPv4. Your proposed change breaks
>> >the dual-stack model.
>>
>> Please provide examples where people are actively using IPv4 link local
>> together with IPv6-only in the case the DHCPv4 server fails.
>>
>
> The point is RFC3927 is automatic, most of the time you don't even know
> you are using it.  But the easy example of what you break would be printing
> to a local IPv4-Only printer. If the dual-stack host doesn't receive a
> global unicast IPv4 address and it doesn't configure an IPv4 Link-Local
> address it won't be able to print to the local IPv4-Only printer. This kind
> of thing would be rather common in the home network environment, and
> RFC3927 is important when there are issues with the Internet gateway.
>
>
>> I clearly wrote that the user should be able override this behavior. So if
>> a site wants to use IPv4 link local to access legacy devices, then the
>> user
>> would have to change a setting. That's to be expected if you want to use
>> legacy devices in a modern network.
>>
>> IPv4 is a legacy protocol. We should not add protocol complexity just to
>> keep
>> obscure IPv4 features alive.
>>
>
> Then you are saying that it is ok for local access at unmanaged sites to
> an IPv4-Only device can be broken when there is an issue with the local
> gateway.
>
>
>> >By the way, do you mean any working IPv6 address? Because all IPv6 host
>> >will have an IPv6 Link-Local address. So, do you mean a global scope
>> >unicast IPv6 address?
>>
>> Just an IPv6 link-local is not evidence of IPv6 connectivity. My guess is
>> that checking for any global address is enough. But if a stack wants to
>> go beyond that and make sure that there is global connectivity and access
>> to a DNS resolver then that is fine with me.
>>
>
> I figured that is what you meant, but we need to be specific.
>
>
>> >Without some kind of explicit signal that a network is intended to be
>> >IPv6-Only, per Section 2 of RFC4213 a dual-stack host needs to be fully
>> >compatible with IPv4-Only hosts that could be on the dual-stack network..
>>
>> There is no need to maintain obscure details of a legacy protocol.
>>
>> If IPv4 link locals combined with IPv6 are in active use, then obviously
>> that
>> would make the situation. But, as far as I know, IPv4 link local is
>> useless, except for some rather obscure edge cases.
>>
>
> Those edge cases you think are so obscure, happen every day in the home
> environments when the provider gateway goes away, and there are IPv4-Only
> devices.
>
>
>> For most people, an IPv4 link local just means that DHCP failed. Not some
>> thing you use in a network design.
>>
>
> Yes, but if you want local access to work in the meantime then you need
> RFC3927..
>
>
> --
> ===============================================
> David Farmer               Email:farmer@umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>


-- 
Gyan S. Mishra
IT Network Engineering & Technology Consultant
Routing & Switching / Service Provider MPLS & IPv6 Expert
www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT
Mobile – 202-734-1000

v2.23.0 | Report a Bug | By Email