Re: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt

Lee Howard <lee@asgard.org> Sat, 20 October 2018 15:37 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/RbfTUx7CgcSx7t4SiXAf2XkxjpE>

I've been meaning to say the same thing. I don't think there's a stronger 
advocate for IPv6-only than I am, but I have some misgivings on this 
document that I haven't quite been able to articulate.

I haven't been following the discussion closely, but have we heard from 
any OS developers about what they plan to do if they see the flag?

I don't need to see code deployed in the wild, but I sure would like to 
have some hint from implementors what will happen in the wild. Different 
implementations might well interpret the flag differently, which might 
result in some surprising behaviors on the wire(less).

For instance:
Devices come up with at least IPv4 enabled and start sending some kind 
of local multicast, maybe doing service discovery over IPv4. Then a 
router sends the IPv6-only flag. If some hosts recognize it and others 
don't, they may try a service that has previously been advertised over 
IPv4.
Does Happy Eyeballs solve this? I don't know whether printer services 
implement that, though I know that on my dual-stack network I can't 
print if I lose IPv6.

So I'd like to see how OSs will detect and recover.

Lee

On 10/19/2018 08:35 AM, Job Snijders wrote:
> I think it would be good to have some running code before advancing 
> this to IESG review and RFC publication. I don’t mean someone being 
> able to send the flag in a RA, but an operating system reacting to 
> receiving a RA with the flag set.
>
> Operating system implementers will be able to provide valuable 
> feedback to the working group on how to mitigate risk for some of the 
> suspected attack vectors - and it’ll be educational to see how this 
> works in practice. I think running code will improve this specification.
>
> Kind regards,
>
> Job