IETF Logo Mail Archive

Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>

Ted Lemon <mellon@fugue.com> Wed, 10 April 2024 16:03 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE90DC14F605 for <ipv6@ietfa.amsl.com>; Wed, 10 Apr 2024 09:03:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TacCAuquzBI2 for <ipv6@ietfa.amsl.com>; Wed, 10 Apr 2024 09:03:21 -0700 (PDT)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92AFBC14F5FA for <ipv6@ietf.org>; Wed, 10 Apr 2024 09:02:54 -0700 (PDT)
Received: by mail-qv1-xf2e.google.com with SMTP id 6a1803df08f44-69b10ead8f5so21596146d6.0 for <ipv6@ietf.org>; Wed, 10 Apr 2024 09:02:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20230601.gappssmtp.com; s=20230601; t=1712764973; x=1713369773; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=v02/Bj7Q4aNXGTtJaokmli9HihSsj7QkqwMb60+VghY=; b=jUHtu9a3n6fGkohWdx+MvQIEBydtoHBhZKj+QozTPIkJ0AeVQD1SVKHdVdMBMS0pZw KtgIv2Zj3smoC3t/n/5WofmBBBHaWDftp1TP6HAVpGRmIxT/vN+vBDG7luKUY7tKmwMr 80o9jcOwetFG/8CrGGXR0/+bGWBPxRN40Sc/IPi04QDhvyPFElEIM83MktBp5FVchuxS ODzmjMiZ4jhDsPipXWvAJFpDMEUpyjePJn6SIFsiiboKvm0VohOFh9ICyDUo+H1FAAYY kFfxXaStgbliK6bnGh9d6GYKdsOSpPVRVmpAI4EmE8CnZbwxomW0gFO3/4Fyhixj2+qI IrZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712764973; x=1713369773; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=v02/Bj7Q4aNXGTtJaokmli9HihSsj7QkqwMb60+VghY=; b=f1MI19nN1aOOzkuDFlAei+QO9xHxwIqH6/FO/NYyiG8fCzP0+Z0LuYR7hvhDB2SHQU 8FRb4EaHK/dLWkOeF9daAUbmF6K0N2YjzLe7ipGaXUWZGnKG+mFtrCS0e7criXFiof3w 1snk/mUTiNAnXzh3f3o16An8ahwF1RswAI4J3LWhvQqDBRkqaaTDli1p8XnQAKQ2844b bN5vARiMjOaV7q6sRck59+haSJohWhdEp5uXq5jhm0ufdBBoPM1n4vJkvS9skCWGNUmv hivQamGYOdupdlUJFbHb22JMzQUHuTkUcGWlu8LserccHtoDmItTnncI3qY8R/oTSqP6 D4MQ==
X-Gm-Message-State: AOJu0Ywa8QXWheRgqrjhwjS7rF6SBfN2luw3wUgglz+CJqS+TnVLootk BsYW8+KPzu7vorQFh/uUBPY9WjbDET7cEubg+L3/48HAXToA6MkqPh+49ysPMxMzK6YIADXe0w2 GHD/EXOWBUBxUx/WpwIQrGLcgUVXDaFpRdtqozQ==
X-Google-Smtp-Source: AGHT+IEDtXT5byDQybwPyAZqU/DJTdY+n1S2dwVcqyaancDZAtY82BD8w5ZQbJuzioiydMKzzsLcSMKKPBzDN7Vg0VE=
X-Received: by 2002:a05:6214:2a8c:b0:696:9f1d:6ec8 with SMTP id jr12-20020a0562142a8c00b006969f1d6ec8mr2639794qvb.36.1712764973153; Wed, 10 Apr 2024 09:02:53 -0700 (PDT)
MIME-Version: 1.0
References: <6A5E5F35-B35F-4358-8EE1-3BD82329141E@jisc.ac.uk> <6FBC1B5A-BF28-4B05-B2B2-A60DA4707755@gmail.com>
In-Reply-To: <6FBC1B5A-BF28-4B05-B2B2-A60DA4707755@gmail.com>
From: Ted Lemon <mellon@fugue.com>
Date: Wed, 10 Apr 2024 12:02:17 -0400
Message-ID: <CAPt1N1m-Ye8vfOVnsPesFshLMV5QuVoxWqM=HVZiJ37zaBg6AA@mail.gmail.com>
To: Bob Hinden <bob.hinden@gmail.com>
Cc: IPv6 List <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cf23710615c02b9d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JXWaPCV3Mpc2AjZDUHTlFQRSP4g>
Subject: Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2024 16:03:23 -0000

Thanks, Bob. A few comments.

First, the abstract is too long, and contains a document reference.
Document references are (IIRC) not allowed in abstracts. The abstract
should tell us why to read the document, rather than briefly recapitulating
the introduction. I would suggest:

This document updates RFC6724 (default address selection for IPv6) based on
experiences with IPv6 deployment since RFC6724 was published. It makes
changes to the priority of various address types in default address
selection: ULA priority is increased, and 6to4 address priority is
decreased, for example. This document  also makes some behaviors, e.g.
"rule 5.5" mandatory rather than optional. With these changes, hosts are
more able to operate correctly in multi-homed networks and networks where a
ULA address can be expected to be more stable than a GUA address for
intra-site communication.

I continue to think that section 3,  "Operational Issues Regarding
Preference for IPv4 addresses over ULAs," should make the new proposed ULA
behavior mandatory rather than optional. I don't see a downside to making
it mandatory. Hosts will come into compliance when they can; older
implementations will not implement this new behavior, but I don't see any
point in perpetuating that.

Section 5 illustrates this well: it changes "MAY" to "SHOULD" but doesn't
explain why an implementation might not do this. "SHOULD" is not for
situations where we think some implementor might prefer not to implement
the recommended behavior out of expedience—it's for cases where we think
there's a reason that in some cases an implementation SHOULD NOT do it.
Since we have not documented any such cases, we should not say SHOULD here,
but rather "MUST."

Section 5.3 seems to suggest that if there are no "known-local" ULAs, all
ULAs should have the "known local" priority. I don't see any reason for
doing this. Is this what was actually intended? Is the notion that some
node might not be able to keep a full list of known-locals, and that in
that case it would be better to treat all ULAs as known-local rather than
none? If nothing else, this should be explained.

This text is a bit hard to follow:

   Such known-local ULA prefixes include /48 prefixes containing a ULA
   address assigned to any interface via manual configuration, DHCPv6
   NA_IA, or SLAAC or learned from a PIO received on any interface,
   regardless of how the PIO flags are set.  Additionally, type C hosts,
   as defined in [RFC4191] section 3, include any ULA prefixes learned
   from RIOs as known-local ULAs.

I would suggest something like:

A known-local ULA prefix is the /48 ULA prefix that contains an address or
prefix known to be local by the host. Such addresses and prefixes are known
to be local because they appear either in addresses offered for local use
by DHCP (e.g. delegated prefixes and allocated addresses) or in router
advertisement PIO and RIO options.

This paragraph could also use some work, in particular the use of "should"
is confusing:

   Any such inserted "known local" ULA entries should also have a
   different, but common, label, rather than the default ULA label, 13.
   This document defines a label of 14 for such inserted known-local ULA
   prefixes.

How about:

Known-local ULAs have a policy table label of 14; other ULAs have a policy
table label of 13.

I also don't love that we are proposing to just put all these prefixes in
the policy table. It might be worth emphasizing that this is how we are
explaining it, but there is no requirement that the internal data
representation be a table exactly as described here. But maybe that's
obvious and doesn't need to be stated.

I'm trying and failing in section 8 to see what changed in rule 5, but a
difference is highlighted. Maybe it's just line breaking?

So, I think the document is in pretty good shape modulo the above comments,
but would like us to change the SHOULD to MUST for known-ULA support.
However, I support this document either way—I just think it would be a
missed opportunity to leave known-ULA support at "SHOULD."

v2.23.0 | Report a Bug | By Email