IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 07 May 2019 23:50 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D34F81200CD for <ipv6@ietfa.amsl.com>; Tue, 7 May 2019 16:50:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCSyC9-eOzb3 for <ipv6@ietfa.amsl.com>; Tue, 7 May 2019 16:50:37 -0700 (PDT)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4B7D120073 for <ipv6@ietf.org>; Tue, 7 May 2019 16:50:37 -0700 (PDT)
Received: by mail-pf1-x432.google.com with SMTP id y13so9461430pfm.11 for <ipv6@ietf.org>; Tue, 07 May 2019 16:50:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=/HWurqTVmLCxJUd8mWKIijGShfu6dS5Gf88acRhX9nM=; b=STuD/KBJikQCSo/wNZ7UL9VU6oLtgdDKhpHb5kitkB/VJoOBkqhnGHvDcjkCZmrelU DzT25yoSWkvrfzmDYtHkabgRnzrhijClk47I/zB4EwvjX5mayQq1CQTi23G0Neya5fnl GrwvajoJ2rQ1I5SCQoLO+JszkJzao9HVoDX+kCHyOpKGJ+N5JP5/+2t7Pw0UbaMDgRIA nVuKFOVWIRY8jGel2Kjaj/DCMOwIh9LblxeDl7VVrG5gfAFZEGC5zD5IRBwZqhL5H9al QLQL+LyLbm3wCRkpgOpX11RAMuBfM8ARxVcVY+o7VTPL2aq0/5HZxTTeMWHVSavv1OSp rd0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=/HWurqTVmLCxJUd8mWKIijGShfu6dS5Gf88acRhX9nM=; b=V0WaAVdNKfM7B/yV+EaZREgggqYRPyW1JrZ9gPwVjxbPJlmsgCOd3LEkmU/pHa++hk 7BJvgMpoHVtIgf4/Nkzl6BzBeDP2wVW/GJaBOlACfZvrhWOBFGmaLvzNNWnUmqmatPg2 jdMjAtMKTki4Nh+R7R3MlPyNpu1wPpETKgXlQyY0gDlLakRR+tJviuYyx7sWXDE8GShY hEKCe2xd8MJpA+qrg9SDkgooIe2xfqLY4jp/vNLZwvixKX5JnOGRKS6n8zFWH7nQUMTe 3UNBSSzUgWPXF0l923xw7undLribOLmQriU2Mvaf0SpHmlhpNyrNKOHd7i+Q5Qt/EQtW 403w==
X-Gm-Message-State: APjAAAVuNKaDVhLF5go/yeiTR38KQEbkPrOthFg4xVOd4eNWvYzVVz65 UJZ+MfJto42DCUV+inWeC8/pIj7P
X-Google-Smtp-Source: APXvYqzzuL4UyNRPwpB/YCAKoF+8LY7wbWBS1X4awkuxCcghtcy2Fuu57lAoEEB1TMp4yBln4vm0WQ==
X-Received: by 2002:a63:c601:: with SMTP id w1mr43863911pgg.190.1557273036500; Tue, 07 May 2019 16:50:36 -0700 (PDT)
Received: from [130.216.36.6] (sc-cs-567-laptop.uoa.auckland.ac.nz. [130.216.36.6]) by smtp.gmail.com with ESMTPSA id i75sm26004308pfj.80.2019.05.07.16.50.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 07 May 2019 16:50:34 -0700 (PDT)
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
To: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>, ipv6@ietf.org
Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <20190505200449.GB7546@vurt.meerval.net> <80073906-c3c0-1f22-9e7f-c2b349063936@gmail.com> <CAO42Z2xzVW3m0mN7jEn8SYyYCYhrufVnkfp3rBjJcijBkvucNQ@mail.gmail.com> <CACWOCC-35yVYXSRR0sRL-MBMHyOFZtJx9E9h14G8qqVh5T7qGA@mail.gmail.com> <232c1a43-0fd9-4eae-737b-260a3906f72a@gmail.com> <51F2BD2A-A590-4AF1-B8C1-FE62C9416340@steffann.nl> <8C63324F-FEF6-40BD-B918-B413CDEF9186@gmail.com> <BC988F7C-B262-4FF3-929A-02E6BCCE2266@steffann.nl> <BC23F51B-4135-47C6-B22F-8AE5CD8CB6F6@lists.zabbadoz.net> <m1hO4j3-0000IYC@stereo.hq.phicoh.net>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <2980d6ed-c718-1f99-e203-cfdfe0c372c0@gmail.com>
Date: Wed, 08 May 2019 11:50:30 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <m1hO4j3-0000IYC@stereo.hq.phicoh.net>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Qy8W7PKTJYcWU-_juzXfkkaX6m0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 May 2019 23:50:40 -0000

On 08-May-19 06:21, Philip Homburg wrote:
>> Given as of the last draft there is an option to disable processing
>> despite implementing, OS vendors can implement the draft and do
>> what they think suits their users.   Even more so they might leave
>> the default to off for now as an advanced option to turn on and
>> with a major OS update, once the world has moved on, flip the switch
>> in the future.
> 
> This draft has two perspectives:
> - a network perspective (hosts trying to configure IPv4 waste bandwidth)
> - a host perspective (trying to use IPv4 may impact battery lifetime)
> 
> If this draft was part of a complete discussion on what to do with IPv4 
> and it became clear that this flag was required, then I would have no
> problem supporting the draft.
> 
> But nobody is doing any work on what IPv4 should look like in the future.

I don't understand that sentence. IPv4 is a legacy protocol,
so it will simply fade away.

> This draft is just a small hammer looking for a nail.

The nail has never been unknown, but some people claim it's too
small to be worth hammering.
 
> Without a clear idea of where we want to take IPv4 we can see some things
> happening:
> - To start with the host perspective. It is very like that many network will
>   not set this flag. Simply because there is no operator to decide if this
>   flag can be set or not. So hosts will implement counter measures to save
>   battery life even if the flag is not set.

I cerainly hope that's true.

>   Then because of security risks, it makes sense for hosts to either not
>   implement it of leave it off by default.

The draft already recommends configuring it off by default.

> 
>   Because there is no analysis from an IPv4 perspective, we don't actually
>   know if this draft is needed and how much effect it will have. 

We know that we're talking about a few percent of the traffic on an
IPv6-only network. Quantifying the effect on battery life is not
a reasonable task.

>   There is
>   justs some hints from hosts that are not optimized to live without IPv4.
> 
> - for a network, if many hosts do not implement this flag, then the network 
>   somehow has to cope. If the vast majority of the hosts do not implement
>   this draft then implementing this flag in a router is mostly an accident
>   waiting to happen. 

It's unclear to me what that accident might be, apart from what is
already in the security considerations.

>   Something that hardly any network engineer in the 
>   field can quickly diagnose. So it makes sense for routers to not implement
>   this draft. Which may reinforce host behavior to not rely on this flag.
> 
> - Finally, there is an existing code point in DHCPv4 to turn of IPv4 link
>   local configuration. Which is safe to implement for hosts and not hard
>   to provide for router vendors.

No disagreement there. I think we say that in the draft too.

> So we have a draft that clearly makes security worse. 

Not clear to me. Rogue RAs are a well-known danger already.

> That has operational
> risks if widely implemented. And at same time anybody sane will not
> implement the draft. So it probably live on as a useles flag that people will 
> remember to filter on their networks.

Sorry but that's a FUD argument.

   Brian

v2.23.0 | Report a Bug | By Email