IETF Logo Mail Archive

RE: SLAAC vs DHCPv6 (II)

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 28 January 2020 14:24 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24917120119 for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 06:24:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=DR9ZUDdE; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=cc27G7Bd
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mjQTvfokISR6 for <ipv6@ietfa.amsl.com>; Tue, 28 Jan 2020 06:24:43 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 275D5120071 for <ipv6@ietf.org>; Tue, 28 Jan 2020 06:24:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3279; q=dns/txt; s=iport; t=1580221483; x=1581431083; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=4Zrkg3UbDETImDzqc4jHHgmus1JVyXTmUsNVkHgo3Zk=; b=DR9ZUDdEHKHaBYx40PlaSskuddGjM8SmL53Xxd/GnJgo9GP1FOjVf+LT 61u+JcxzeQz+ISRSZ5Qq5WFqOEKH/8SvXwLxsEhn/JicEXWuTOGyxR7Zy DKmIK0zrJ+h9yyeYdFmXLtkzssv/XHDNBRINQahV4pXzFQP8YWfLxCKtz M=;
IronPort-PHdr: 9a23:wRU03hZuYgkS9uGJseYl5or/LSx94ef9IxIV55w7irlHbqWk+dH4MVfC4el20gabRp3VvvRDjeee87vtX2AN+96giDgDa9QNMn1NksAKh0olCc+BB1f8KavycywnFslYSHdu/mqwNg5eH8OtL1A=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BKAADNQzBe/4wNJK1lHAEBAQEBBwEBEQEEBAEBgWcHAQELAYFTUAVsWCAECyqHWgOEWoY5gl+YD4EugSQDVAkBAQEMAQEYCwoCAQGEQAKCJiQ0CQ4CAw0BAQQBAQECAQUEbYU3DIVeAQEBAQMBARAoBgEBJgYLAQsEAgEIEQQBAR8QJwsdCAIEAQ0FCBqDBYJKAy4BAgyiEgKBOYhigieCfwEBBYFDQYJ+GIIMAwaBOAGJVIJJGoFBP4ERR4FOfj6CZAEBAgEBgTgBKINAgiyNYCAPA5IWjzQKgjmHQo8QmnyKf4NhiGSSKQIEAgQFAg4BAQWBUjmBWHAVO4JsUBgNjh0MF4NQhRSFP3QCgSeKRAEnghsBAQ
X-IronPort-AV: E=Sophos;i="5.70,374,1574121600"; d="scan'208";a="416051533"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 28 Jan 2020 14:24:36 +0000
Received: from XCH-ALN-001.cisco.com (xch-aln-001.cisco.com [173.36.7.11]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id 00SEOaqk021980 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 28 Jan 2020 14:24:36 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-ALN-001.cisco.com (173.36.7.11) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 28 Jan 2020 08:24:36 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 28 Jan 2020 08:24:34 -0600
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 28 Jan 2020 08:24:34 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DeQ4ccWeWEWEThTdjhLqivlI8vcrdjOPl5K6gPgeofEMdLY7IPalb6pyJduhT7uinVx66D71brhbbRGOV0UNJqszzOTvSCX0ATxSaWMAcihfFZECKjWlaYLZs+bz1Bt2/kShsMg3TCkvR3TQ2YtsVOd2O4hlZsVyurhTW2JrfvWQyFV25JHQZVrmkxeV+UqnE7gw2prRnL32+xXKD0N7UyC3Z/LP0Qac9kng9pbU2ojwrs2g5xORtRXFoKCwc6lNj9aLffOmnVXP65vXTbsnbLQpH4YFxpld5r/zmbXBPoUXXKzN4kqBraa9ugGoWF6cCUBJeEksIcLxNW6rGtpILA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4Zrkg3UbDETImDzqc4jHHgmus1JVyXTmUsNVkHgo3Zk=; b=kBrooagW9thjo40vY2B/fCWqMkKe0NR3cbnABwF17+TJ3aP9wr4IH22FBvny2Qs5nOm0a335s95INGqmrSearo03QSHhQSt8qpPmWTdahi2Xb3mw83ncQFHMt0Ok0fX8r3+JKEiDDz0XqdRPEobMpjhKOYiYvSxQKSQXzG4E1+KBBskQfFTeilbcMri5IJ9ZHnSrVPy6gk1tLTwFBMpXULXcx5qPMNkCU1cenjRdzKNhmyZfesfU1hEVqSbzSj9eKPCT4yqB752ese0wdLzBL+0aqnFxaUlqxMWFv2g/jp1oaL00CeYNuf2rqLk8G14M1sJU8siPlrBqXO6i8Fz5XQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4Zrkg3UbDETImDzqc4jHHgmus1JVyXTmUsNVkHgo3Zk=; b=cc27G7BdIjJOIzoUzhQyu4+H45GFld8mEC+89zdlTAuuedwQbCgETvx3zWq7wOHI9brwjgdUqDIZxhLujNRf5MzbIrcgnYkjTB2kcrpnj5D1VcJU4bMOC6ik4VfUNfTSDErEajcGJPYI0iS5l7kkL7/6m+t7XzF0cGGRgCgMkEU=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4335.namprd11.prod.outlook.com (52.135.38.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.24; Tue, 28 Jan 2020 14:24:33 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a%3]) with mapi id 15.20.2665.026; Tue, 28 Jan 2020 14:24:33 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Nick Hilliard <nick@foobar.org>, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
CC: 6man WG <ipv6@ietf.org>
Subject: RE: SLAAC vs DHCPv6 (II)
Thread-Topic: SLAAC vs DHCPv6 (II)
Thread-Index: AQHV1YJDGkV2mVdlpEKBDJEyFuznEqf/cs2AgAAEu4CAAB2ZZoAAA96AgAAmVPCAAAkGAIAAAMNwgAATPYCAADk0gIAAB9Gw
Date: Tue, 28 Jan 2020 14:24:05 +0000
Deferred-Delivery: Tue, 28 Jan 2020 14:23:38 +0000
Message-ID: <MN2PR11MB35658CECD1D538E56D009D3ED80A0@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <03C832CE-7282-4320-BF1B-4CB7167FE6BE@employees.org> <DE7B0688-230F-4A5C-8E24-9EAED9FD9FEB@puck.nether.net> <AFEBAD7D-DF24-4924-8B9A-60DF22BA1953@consulintel.es> <c42affce-fbd3-23ec-c9ff-4f05cdf38630@si6networks.com> <41173152-A8E8-4241-9DE7-376AA7AFB813@consulintel.es> <c4166907-b6c9-a4ef-fd59-cf539bbe0405@si6networks.com> <43D76C96-C16B-4BEB-B9B8-C68D53BCE63F@fugue.com> <fb5b8377-892d-2777-ef9b-4f9ddefa6c93@si6networks.com> <CAKD1Yr034_tu7ZoJ1FCfDYhNSN6igm-ZQyR4u3U+UDMr=huGOw@mail.gmail.com> <1af0b06d-f9d7-5ea1-27f3-b417eb9148fa@si6networks.com> <7606A049-318D-4526-917D-F2A801BF7050@cisco.com> <CAKD1Yr1d9kORFdoOJr22J_UDJ9hLPr6AQLyWuh7=bAQKa+aXGw@mail.gmail.com> <MN2PR11MB356588FC3E8A6410B725D159D80A0@MN2PR11MB3565.namprd11.prod.outlook.com> <CAKD1Yr35meRGh_POo_2jrHA_oazO1xUOG5G_rx43xNLFYHQsMQ@mail.gmail.com> <MN2PR11MB356526F01CAE1CADEF8E4472D80A0@MN2PR11MB3565.namprd11.prod.outlook.com> <CAKD1Yr0-rmyzz3y1d+pCpA0+tGuhSdjojaJovXUzVuyx6UdeLA@mail.gmail.com> <98179a48-8d86-4673-6c82-fc0022988862@foobar.org>
In-Reply-To: <98179a48-8d86-4673-6c82-fc0022988862@foobar.org>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:44f3:1300:41e7:7725:e525:b2e8]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 282f068b-84e1-4ed4-fd1d-08d7a3fdcb74
x-ms-traffictypediagnostic: MN2PR11MB4335:
x-microsoft-antispam-prvs: <MN2PR11MB4335963A136A35016C7C0340D80A0@MN2PR11MB4335.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 029651C7A1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(396003)(366004)(136003)(39860400002)(189003)(199004)(6506007)(53546011)(186003)(52536014)(9686003)(81156014)(8676002)(66574012)(4326008)(81166006)(8936002)(71200400001)(6666004)(86362001)(110136005)(5660300002)(966005)(316002)(7696005)(55016002)(66946007)(76116006)(478600001)(64756008)(66556008)(66476007)(66446008)(2906002)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4335; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tuxlNplxeR7q40U4o0WYEF8ad/dUtsfUmlSss4cZymkLSx6b73y1IxZVE0h0aTsBSJYtMftJZzpXtRirNP6jhQqfJspq6Kcxl6eO8zoAxUbLFRMxfRYh6KfqgZPdWSltzW1dWMUpo5VFLRkylD3GWSR1flVSVAxgzdecSkYo+A3RAIRfV9QAPfRuJjTZ0RHP60se9POdHFJPR/PhGZnVPf/fJnlxHSD3WUSeqOhXkNK6ChzjdTRlcxT3Qbjh7+B230mOsNNgyoAnAJfJni7Tz8SLQXoabteOEfQfYPJcrBLaeqnXKz40P4g88bZvsu6ubGmxdweTVgOfY+eFRasnYg8l/0uWjE0ajVFOrE0xFF5M+B475KqbF+2UsDPPFMAetlMvYJX7HFYwd07mtC6FUec14gYzR9XdsoARZeWSZyl4WqrrlEVXJz9i4tluDFMi1j5vBHltvVwkMFPLv0Ue/Hd9VvNuc5I484ihkOB4z3UUbxT2CJHp3LWZ+DYWvkE1NbVgEM0M3tb7TXc/Hqa3Dw==
x-ms-exchange-antispam-messagedata: 6vbGt1Jem6mO9/x+Xag2njgpl5oqk824zOG0KWFYLD0gSEjiv5IxdYqXW0FXLvwIruqUPB92k6C0f51R1w+Ir+7icYaV5mZt+hEvYoyVkGiwOA4ezi6pNeSaIoN1OLdvRkCGPtX+2Mk4iHrujv+bIhnS/NFQb+VJr5C4l/rXi68qmSu3w1toGtBh5VtEGpC/p2VmesSlDM2P89Ntzp3Pkw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 282f068b-84e1-4ed4-fd1d-08d7a3fdcb74
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jan 2020 14:24:33.0710 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ty7XS3A0mbfj+CjdSb7/P6nr61s7BrylckGO+qfCZG1YKHzrkqLoggCKs4x13QgYbdprm+ABs4BAiqySS1Pj8w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4335
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.11, xch-aln-001.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/HtaXloKMUx5AWsRKns2C663KoHg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2020 14:24:46 -0000

Exactly!

Also, I hope this discussion does not turn into a router vendor against a host vendor for who takes the blame in case of an outage. The real question is what gets us the best IPv6 service for the end user and the network admin. 

As you point out, this discussion has already isolated environments, e.g., home when all must work automagically but the multicast pressure is low, and corporate/marge conference where there's a control center and a need for visibility. 

For home, there are a limited number of devices and if the hosts respect whatever best practice, there should not be a problem in normal conditions. There can be misbehavior on the host side, leaks on the router side. I guess the router would malloc to death and reboot when saturated, and at home that would be OK if rare enough. So I just expect "no limits" by default in the home GW. Which mean that the router would automagically have a state maintained for the user addresses for their requested lifetimes, with a better user experience when the address is allocated - Jen's point-, but not much difference.

In a managed environment things are different. If a NOC configures the router to say "sorry, network is full" when the host has one address, and the users complain, it will be between the users and the NOC, not between the router and the host. The network, devices and protocols are not to blame. The NOC can already set that limit today on a variety of products. But for the lack of explicit signaling, the addresses that the network maintains may not be the ones the device wants to use.

On the SAVI point, RFC 8505 makes SAVI more efficient by maintaining a real state as opposed to snooping protocols. Current SAVI experience shows limitations with silent hosts (e.g., a printer that does not expose an address, did DAD last year and still expects to be reachable on that address), mobility (hard to differentiate with impersonation attack), and others. See also with https://datatracker.ietf.org/doc/draft-ietf-6lo-ap-nd/ how it is a lot easier to do a SEND equivalent with a registration.

Cheers;

Pascal


> -----Original Message-----
> From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Nick Hilliard
> Sent: mardi 28 janvier 2020 14:39
> To: Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
> Cc: 6man WG <ipv6@ietf.org>
> Subject: Re: SLAAC vs DHCPv6 (II)
> 
> Lorenzo Colitti wrote on 28/01/2020 10:14:
> > Second: for many networks, the desired saturation point is one
> > address. I think we here all agree that is a bad idea
> 
> This seems to be a curiously simplistic view of a complex policy issue for which
> there is no single answer.
> 
> Specifically we don't all agree that this is a bad idea and many people in this
> working group and others have been very clear that whether this is a good or a
> bad idea depends on the situation.
> 
> Nick
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email