Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis

Ole Trøan <otroan@employees.org> Wed, 20 March 2024 05:01 UTC

From: Ole Trøan <otroan@employees.org>
Date: Wed, 20 Mar 2024 06:00:44 +0100
To: Ted Lemon <mellon@fugue.com>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, IPv6 List <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Rat-6s2ljavSAHjK7bqzFQVQlTI>

Ted,

You seem to make the assumption that MPMH, SAS/DAS selection and multi-homing policy distribution can actually be made to work.

Across every application and every host stack in a network. Ivory tower?

We should not ignore the other use cases for identity/locator split. Abstracting services for example. (Although those are sometimes done at L4 or L7 as if that makes it better). 

I agree we should discuss solution based on merit. It has not been shown that your alternative proposal has merit (yet). There’s still hope perhaps, but we have hand-waved these solutions around for a few decades. Mostly to the detriment of IPv6 deployment unfortunately. 

O. 

On 20 Mar 2024, at 04:28, Ted Lemon <mellon@fugue.com> wrote:


It will come as a shock to all, no doubt, but I read the document, and specifically those bits.

The problem is not that this document doesn't solve that problem. It's that it is not an unsolved problem: we do not need this document to solve that problem.

As Lorenzo pointed out, if you use ULAs for your internal servers, and also distribute whatever GUAs you get from the ISP through your network, you never need to renumber your infrastructure because your ISP changes your external GUA prefix. We don't even need to update source/dest address selection to deal with this: you just do not use addresses in the ISP-provided GUA in your configurations. So e.g. your internal DNS /only/ publishes the ULA, never the GUA. If you give your routing infrastructure routable addresses, the addresses you configure are from your ULA. Basically precisely what you would do if you were using NPTv6—the only thing you change is that you also propagate the ISP-provided prefix for external connectivity.

This should behave much better than NPTv6, because there isn't a weird transition point at the edges of your network where magic happens that is not seen internally.


On Wed, Mar 20, 2024 at 1:19 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
On 20-Mar-24 15:08, Ted Lemon wrote:
> I would appreciate it if we could discuss the merits and not the marketability of this proposal. When the IETF publishes a standards-track or informational document, we are indeed recommending the documented solution.
>
> It’s fine for you to disagree with me, but as a general principle IETF consensus should be based on technical arguments, not marketing arguments. Of course we want whatever we recommend to be something the market would use, but we don’t need to solve a problem simply because the market would buy the solution to the problem. There should be an actual problem to solve that is not already solved by an existing standard. That’s not the case here.

Huh? While I don't think the applicability text in the draft is done yet, the "Address Independence" and "NPTv6 Applicability" sections already describe use cases that are not otherwise satisfied.

RFC 8678 is worth reading at this point, and the draft should certainly reference it.

    Brian

>
> On Wed, 20 Mar 2024 at 11:04, IPv6 <ipv6@jima.us> wrote:
>
>     Ted,
>
>     I don't think standardization is necessarily the implicit (or explicit?) endorsement that you're suggesting it is.
>
>     Some vendors already offer more or less the functionality in question; some network operators will implement this whether or not there's a Standards-track RFC outlining it (assuming they're not already). Not having an official-ish RFC just means they might do it more poorly.
>
>     Or they'll just do N:1 NAT/PAT/"NAT overload."
>
>     Or they'll just announce provider-independent space from every site (this would be a different kind of bad).
>
>     Or they'll just continue to not adopt IPv6, because it can't do the things to which they're accustomed on IPv4.
>
>     Technical purity aside, I'd rather have the least-bad option for the internet at large.
>
>     - Jima
>
>     ________________________________________
>     From: Ted Lemon <mellon@fugue.com>
>     Sent: Tuesday, March 19, 2024 7:43 PM
>     To: IPv6 <ipv6@jima.us>
>     Cc: Nick Buraglio <buraglio@forwardingplane.net>; IPv6 List <ipv6@ietf.org>
>     Subject: Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis
>
>     Is that a use case that the IETF would recommend in a standards-track document, though? This is my point: it's not wrong to document this. What I'm suggesting is that we shouldn't standardize it. We should not, e.g., have 7084-bis recommending it. Or anything else.
>
>     On Wed, Mar 20, 2024 at 10:34 AM IPv6 <ipv6@jima.us> wrote:
>     Lack of imagination (or maybe cursed knowledge) doesn't mean it only solves a single problem. ;-)
>
>     It also solves something of an edge case where a leaf site is numbered off of a core site's static address space, but needs selective local internet break-out for bandwidth-intensive workloads (which aren't desired to be backhauled through the core site).
>
>     (Sorry if it sounds niche; I didn't invent this construct. -_- )
>
>     - Jima
>     ________________________________________
>     From: ipv6 <ipv6-bounces@ietf.org> on behalf of Ted Lemon <mellon@fugue.com>
>     Sent: Tuesday, March 19, 2024 19:19
>     To: Nick Buraglio <buraglio@forwardingplane.net>
>     Cc: IPv6 List <ipv6@ietf.org>
>     Subject: Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis
>
>     On Tue, Mar 19, 2024 at 11:32 PM Nick Buraglio <buraglio@forwardingplane.net> wrote:
>     Agreed, happiness should not determine success. From what I have seen (which is admittedly limited) moving from experimental to a "higher level" RFC is typically accompanied by something like a deployment status document, e.g. the SRv6 deployment status doc here https://datatracker.ietf.org/doc/html/draft-matsushima-spring-srv6-deployment-status
>
>     I think it's really important to distinguish between "this draft solves a problem" and "this draft solves a problem that can't be solved already" and "this experiment has succeeded and we can promote the document to informational or standards-track."
>
>     I think we can all agree that this draft solves a problem. I think it solves exactly one problem: allowing sites to keep stable internal addressing in the face of renumbering by ISPs and/or changing ISPs.
>
>     However, this problem can be addressed the way 7084 currently solves it: by numbering the internal network with a stable ULA and hosting services on addresses within that ULA rather than on a temporary GUA provided by the ISP.
>
>     Problems NPTv6 does not solve:
>
>     * MHMP (although it solves some aspects)
>     * Internal address privacy
>
>     So I don't actually think this document does anything useful for the Internet community. I don't mind that there is a document that describes NPTv6, but I don't think it should be standards track or informational, and I don't think IETF documents should normatively reference it.
>
>     Regarding experiments, at least from a scientific perspective, an experiment needs to have a control group. If we wanted to know whether NPTv6 solved the problem in an easier way than dual ULA/GUA, we would want to set up an experiment where some sites continued to use IPv4, some used NPTv6, and some used ULA/GUA. As far as I know, no such experiment has been done, and no such comparison has been documented.
>
>     I think the presentation Paulo has just done is the most interesting, but what we are not seeing is an answer to the question "how's it going, what problems do you have, etc."
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------