IETF Logo Mail Archive

Re: slaac-renum: New rev of draft-gont-6man-slaac-renum (Fwd: New Version Notification for draft-gont-6man-slaac-renum-08.txt)

Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com> Tue, 26 May 2020 16:13 UTC

Return-Path: <pch-b9D3CB0F5@u-1.phicoh.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E8AA3A07BF for <ipv6@ietfa.amsl.com>; Tue, 26 May 2020 09:13:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.622
X-Spam-Level:
X-Spam-Status: No, score=-1.622 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.276, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1BVAk-ikwMRf for <ipv6@ietfa.amsl.com>; Tue, 26 May 2020 09:13:11 -0700 (PDT)
Received: from stereo.hq.phicoh.net (stereo6-tun.hq.phicoh.net [IPv6:2001:888:1044:10:2a0:c9ff:fe9f:17a9]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C66503A07B1 for <ipv6@ietf.org>; Tue, 26 May 2020 09:13:10 -0700 (PDT)
Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305) (Smail #157) id m1jdcCQ-0000IUC; Tue, 26 May 2020 18:13:06 +0200
Message-Id: <m1jdcCQ-0000IUC@stereo.hq.phicoh.net>
To: ipv6@ietf.org
Cc: Fernando Gont <fgont@si6networks.com>
Subject: Re: slaac-renum: New rev of draft-gont-6man-slaac-renum (Fwd: New Version Notification for draft-gont-6man-slaac-renum-08.txt)
From: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>
Sender: pch-b9D3CB0F5@u-1.phicoh.com
References: <158986953939.9945.6882780269741835824@ietfa.amsl.com> <8354111a-7d3f-ecfa-bcf1-baaae27209ee@si6networks.com> <m1jb46e-0000K4C@stereo.hq.phicoh.net> <04027980-51a1-a831-df0c-750c4194333e@si6networks.com> <m1jbRDw-0000IQC@stereo.hq.phicoh.net> <a2710dfc-ec66-9e9f-8a2b-0fa0ad7e2b32@si6networks.com> <m1jc9hu-0000K8C@stereo.hq.phicoh.net> <772d4a92-9a4d-ef71-dac5-cb944acba925@si6networks.com> <m1jdEpw-0000IEC@stereo.hq.phicoh.net> <3da7df4d-a191-d9d9-6d00-b9c30d7b03d1@si6networks.com>
In-reply-to: Your message of "Mon, 25 May 2020 13:26:59 -0300 ." <3da7df4d-a191-d9d9-6d00-b9c30d7b03d1@si6networks.com>
Date: Tue, 26 May 2020 18:13:03 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/RFcQQGGbpP_WB8uXf2ooJIMa83A>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 May 2020 16:13:28 -0000

>> My issue is with LTA_DEPRECATE.
>
>What's the issue with LTA_DEPRECATE when the algorithm separates the 
>processing of different address types (e.g. ULA and NON-ULA)?

I'm saying it is fragile, because it will fail if a third type of address
is in use.

>Note: Previous alternative proposals have suggested to prefer the latest 
>prefix received, in which case, if prefixes were sent in multiple RAs or 
>there were multiple-prefixes sent by multiple routers, they were 
>guaranteed to oscilate.

This sounds like a strawman. You ignore my proposal and then refer to something
that has been shot down already.

>> This means that valid reasons can exist why the router doesn't do that.
>
>SHOULD is "only do if you have a very good reason". And, if for some 
>reason you were to send PIOs in different RAs, non-ulas are only 
>deprecated by non-ulas, and ula-are only deprecated by ulas. (assumming 
>PIOs are sent in multiple RAs (currently not the case, there are 
>multiple non-ulas pios being sent (not the typical case, either) *and* 
>an RA gets lost).
>
>Where's the breakage?

Packets gets lost all the time. It is very fragile if we have one part
of a standard that says that you can split RAs and then another where hosts
will fail in unexpected ways if you do that. In my book that's just a bad
standard.

If you want it to be a MUST then make it a MUST and see if that gets 
consensus.

If you keep it at a SHOULD because the MUST doesn't get consensus, then
take it into account that RAs will be split.

>The document does consider it -- that's why prefixes are not deprecated 
>at once. Deprecation will only happen if there's another address of the 
>same type being announced.

Like I said many times already, that will fail if there a 3rd type of address.

>> Can you give an example. In thinking about the current problem, I found the
>> policy table remarkably ineffective when it comes to ULAs.
>
>See the rule about addresses of minumum scope. Otherwise you'd never get 
>to actually use ULAs.

ULAs get picked up by the longest matching rule. Maybe you can give
an example where a ULA doesn't get using the old table?

>> I can imagine an issue with destination selection if you have both a ULA and
>> a non-ULA as part of a single DNS RR-set.
>
>Which issue?

Upon re-reading RFC 3484 it seems that destination selection would also
work if the host has no knowledge of ULAs.

>non-ULAs are only deprecated when you have another non-ula. Same with 
>ULAs: you only deprecate an ULA if you have another preferred ULA.
>
>THe algorithm in draft-gont-6man-slaac-renum will never deprecate the 
>only ULA you ahve or the only non-ula you have.

This fails if there is a 3rd type of address.

>That's because strictly speaking is not a different address type: they 
>are essentially  GUAs that are known to be filtered on the site boundary.

That's why it is fragile to have an algorithm that can fail if there is
a third type of global address.

>If you introduce a new address type, yes, of course you need hosts to be 
>updated. There's no magic.

I explained before that ULAs can be used by hosts that have an unmodified
policy table, just like RFC 1918 addresses are used by unmodified IPv4 hosts.

So, yes there is magic. Hosts do not have to know about the properties of
the routing system.

>You seem to assume that:
>1) You can positively tell whether a router splits RAs -- but you can't. 
>You're still playing with probabilities here.

I'm just assuming the same packet loss as for RAs in general.

>2) This requires more complexity, and more packets (multiply that by 
>number of hosts in a network).

It doesn't require more packets. It may take a host longer to deprecate a 
prefix in rare circumstances.

>3) And all this to deal with a case that this document recommends 
>against, does not currently happen in practice, and that is dealt with 
>the current algorithm, as indicated above.

Then make it a MUST. Keeping it a SHOULD is a clear indication that the
split will happen.

If you say: a router MUST send all SLAAC prefixes in a single RA,
then this problem is solved.

v2.23.0 | Report a Bug | By Email