IETF Logo Mail Archive

Re: SLAAC, Static & DHCPv6 day 1 interoperability issue

Gyan Mishra <hayabusagsm@gmail.com> Mon, 09 November 2020 23:14 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F8403A14CF; Mon, 9 Nov 2020 15:14:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.087
X-Spam-Level:
X-Spam-Status: No, score=-1.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JCtb_tqmkFLO; Mon, 9 Nov 2020 15:14:27 -0800 (PST)
Received: from mail-vs1-xe2f.google.com (mail-vs1-xe2f.google.com [IPv6:2607:f8b0:4864:20::e2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C17E3A0FF6; Mon, 9 Nov 2020 15:14:27 -0800 (PST)
Received: by mail-vs1-xe2f.google.com with SMTP id b129so5967570vsb.1; Mon, 09 Nov 2020 15:14:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oOPOQcAHf/i0w/G2pYh70O8cNTEDOwHhUQev7QMlHoY=; b=KlyStRSiNStWPUTLgCzHyPSUvPT/zHsqGlkfA9zt7o+JootWpXhK24undgG4AyLUhO WJ+xdB/46bI7zBv2Yp1zJMCMmNVB4Ypv4t8YmJ+szHUrmDzsx4//SPW9wMtwXGCnwmrl yJHXqBQJQvexLcvR/eJBO6/zyXgQNGK0e/mB0zXcOx7aj6d5ukPTUYrOLUqKPlcs3ZHZ 145F22uZkeLQYk3N2z8JEa9kOwoMfmFjJixNG15x72zVlGxcDKC3Ns4w8LoU0rk6tmFU lOx1kNjAI0/yHOqKJ8bDVO3+UHCTSSSivSCfo+Y4YtS8qdjHcXZISQcWRCbdVk3f+iwZ 4Dwg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oOPOQcAHf/i0w/G2pYh70O8cNTEDOwHhUQev7QMlHoY=; b=S4YPhVTwqJqC2hY1oJezlfqvKOvghZNleP8BXJUHl+JcV2sjR1RAt1Zul02iAbL/2F UWDzHcyAij0P6bY1T4pMZva1EwFIvMfRcpny6qFlJ1BjxKWLfOoQCB36CdVceqf6AMOM zSMo07dt2PJr5lXbmCVzTu0mt+pVEbESXsuDp3EHELxWXJNftU1JaRohqwzz5quVEegu d/P+xFUu4KtRQEhbmamt75YFNgW4X85jAEaJGVJtwx3fpyjY4CfPV/f52nHwkoM7O3mr nkM/3UwMggBkECm8V8Tpv/eM82F2+1GlgDuf0H8LTvm0B0PeBCViQOwtX7M7aCcL66zV /F+w==
X-Gm-Message-State: AOAM532fDOdTIp1bQhs7BuyxVMIBx7hgU1d3fe1hGDRI11Vv88YcvCDn vf7dtsj+yuszscJsLx2n0c+eKpHbH152YER5LhU=
X-Google-Smtp-Source: ABdhPJxOBcxrz1x90quyYePGqctfRwO3t3pjFpQvxFKt+w7Z5Buea1My6S1zoP3rD7tZ2zE6PrxW1StG14r+AqJDgfg=
X-Received: by 2002:a67:6f06:: with SMTP id k6mr9907886vsc.20.1604963666610; Mon, 09 Nov 2020 15:14:26 -0800 (PST)
MIME-Version: 1.0
References: <CABNhwV1D7ng8JHJVUBrMhVmbQEQrhECBN_XUUcS5ZSV0WF=Lnw@mail.gmail.com> <4658abe3-909e-af0a-ddad-85db06e161ff@gmail.com> <CABNhwV1rBhWF6e7Tuk6L-R=gTmWgfXvFkWkCQyvbmEA06W3t0A@mail.gmail.com> <4088150e-1289-5c4f-184d-30df3e66f354@gmail.com> <CABNhwV2DQ_N8b8RsRAd0Bcd5v7qXV9Dq3p+BheQVxFz+zar-BQ@mail.gmail.com> <99059E36-BE6B-4DB1-AE9E-176154A0F730@isc.org>
In-Reply-To: <99059E36-BE6B-4DB1-AE9E-176154A0F730@isc.org>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 09 Nov 2020 18:14:15 -0500
Message-ID: <CABNhwV0t=GQ3mdXV7pKnEmeEsBC2SbLTVrk+tPu6agz=7YbamA@mail.gmail.com>
Subject: Re: SLAAC, Static & DHCPv6 day 1 interoperability issue
To: Mark Andrews <marka@isc.org>
Cc: Alexandre Petrescu <alexandre.petrescu@gmail.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>, Dmytro Shytyi <dmytro@shytyi.net>, Dusan Mudric <dusan.mudric@gmail.com>, IPv6 IPv6 List <ipv6@ietf.org>, "draft-mishra-6man-variable-slaac@ietf.org" <draft-mishra-6man-variable-slaac@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000039cef005b3b4b90c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/S1PpPLKaT-KOSmomwiJjOT4a5Jo>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2020 23:14:30 -0000

On Mon, Nov 9, 2020 at 6:04 PM Mark Andrews <marka@isc.org> wrote:

>
>
> > On 10 Nov 2020, at 09:43, Gyan Mishra <hayabusagsm@gmail.com> wrote:
> >
> >
> > In-line
> >
> > On Mon, Nov 9, 2020 at 4:57 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
> > In line...
> >
> > On 10-Nov-20 04:35, Gyan Mishra wrote:
> > > Brian
> > >
> > > In-line
> > >
> > > On Sun, Nov 8, 2020 at 3:14 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>> wrote:
> > >
> > >     Gyan,
> > >
> > >     I don't think you were around for the original discussions, so
> there is an aspect that is missing from your logic below.
> > >
> > >     The inclusion of a separate interface identifier field in IP
> addresses was an entirely intentional feature of IPng. If all we had wanted
> to do was IPv4 with bigger addresses, that's what we would have done and
> the address length would have undoubtedly been 64 bits. In fact there were
> various proposals to do exactly that, with a variety of associated
> transition and coexistence mechanisms.
> > >
> > >     But the rough consensus was to do more than that, and to allow
> *extra* space in the address for an interface identifier that was not part
> of the subnetting mechanism. Originally it was going to be 48 bits, so the
> longest subnet prefix would have been 80; on second thoughts it was set to
> 64, which gave *exactly* the same extension to the subnettable space as we
> would have got from IPv4 with bigger addresses.
> > >
> > >     That isn't inconsistent with what we now call BCP198, which says
> that on links where an interface identifier & SLAAC isn't needed,
> subnetting can extend out to /127.
> > >
> > >     All that was despite the fact that we hadn't even realised the
> potential privacy benefits of a host-defined interface identifier at the
> time; that is much more recent.
> > >
> > >     As far "day 1" goes, please remember that DHCPv6 is a retro-fit:
> > >
> > >     RFC1971 IPv6 Stateless Address Autoconfiguration. August 1996
> > >     RFC3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
> July 2003.
> > >
> > >
> > >     Gyan> Makes sense then that as DHCPv6 was a retrofit “add on” to
> the base architecture that this issue came about afterwards.
> > >
> > >
> > >
> > >     (In fairness, draft-ietf-addrconf-ipv6-auto-00 was dated January
> 1995 and draft-ietf-dhc-dhcpv6-00 was dated February 1995, but it advanced
> very slowly compared to SLAAC.)
> > >
> > >
> > >     Gyan> From a problem statement perspective do you agree with the
> title of this thread “Day 1 interoperability issue”?
> >
> > No. From the dates of the RFCs, it's a "Year 7 interoperability issue".
> >
> >     Gyan>  I think you meant to say 17 year interoperability issue as
> RFC 3315 is dated 2003.   This is a MAJOR issue that had shackled operators
> in deployments of longer prefixes to host subnets.  That is a fact.
> >
> >
> > > Do you agree that one way to solve is to allow SLAAC to support longer
> prefix lengths?
> >
> > That's one way, but it's the wrong way. The right way is for all
> operators, including mobile operators, to assign /48 or /56 to all end
> users.
> >
> >     Gyan> If you go to the “root” of the problem the root is the
> original IPv6 specification RFC 1884 dated 1995, RFC 2373 dated 1998, RFC
> 3513 dated 2003 and now the present RFC 4291 dated 2006.  As soon EUI64 mac
> based IID become not recommendedR and obsolete the standard should have
> immediately updated RFC 4291 as the dependency on fixed IID is no longer as
> now random IID generation schema starting with RFC 4941 privacy extension
> dated 2007 soon became standard for all OS vendors and later RFC 7217
> stable IID became an alternative option to provide a “random” IID.
> >
> > Once random IID became mainstream in all Host Operating Systems it was
> at that moment that the standard should have changed to update RFC 4291 to
> permanently remove in all RFCs any mention of 64 bit boundary.
>
> No.  The point of having a “fixed” size is to make the lives of everyone
> on the planet easier.  How you fill in the last 64 bits is a orthogonal
> issue.  Having a fixed /48 for a site was made for the same reason.  To
> make everyone’s lives easier.


   Gyan> Well that is what is stated in RFC 3177 for a default /48
allocation which is obsoleted by 6177 which takes a step back and is now
not making any recommendations and is putting the onus on operators to
figure it out and do what they feel is best which would definitely not be
one size fits all approach.

Please read the summary section in RFC 6177 below

5 <https://tools.ietf.org/html/rfc6177#section-5>.  Summary

   The exact choice of how much address space to assign end sites is an
   issue for the operational community.  The recommendation in RFC
3177 <https://tools.ietf.org/html/rfc3177>
   [RFC3177 <https://tools.ietf.org/html/rfc3177>] to assign /48s as a
default is not a requirement of the
   IPv6 architecture; anything of length /64 or shorter works from a
   standards perspective.  However, there are important operational
   considerations as well, some of which are important if users are to
   share in the key benefit of IPv6: expanding the usable address space
   of the Internet.  The IETF recommends that any policy on IPv6 address
   assignment policy to end sites take into consideration the following:



>
> > So this change if I do the math is now 13 years past due.  Even if you
> gave a few years for host operating systems to adopt the new standard which
> I believe back then was fairly quickly the standard should have changed
> eliminating the 64 bit boundary.
> >
> > Think of all the problems “Day 17 years” this has caused and even now
> all of these threads.
> >
> > This is clearly an IETF standards issue and needs to be fixed.
> >
> > We can’t pass the blame to operators to dole out shorter prefixes or
> support PD.  The IETF really needs to take onus end fix the broken standard.
> >
> > Not going to happen for PDP as their are technical issue related to the
> Mobile Network Gateway to support PD.   I will try to dig up the exact
> reason but the network element is very different then a BNG broadband
> gateway which supports most all L3 features.
> >
> > As far as 3GPP operators they are following the well documented RIPE-690
> which only requires allocation of /64.  The main reason mobile operators
> are not making shorter prefix a standard is that is overkill from their
> perspective as you may have many mobile handsets in a household and there
> is no reason for everyone at a single location to have shorter prefixes per
> PDP.  When you are at honme you use your wired broadband and when are away
> from home on the road on 3GPP on PDP is when the segmentation comes into
> play to subdivide the /64 prefix to downstream devices but in a household
> is only needed to be provided by one of the devices.
> > Bottom line is from a 3GPP provider standpoint it does not make sense to
> provide a shorter prefix and I don’t think that will ever change even with
> 5G PDP.
> >
> > Fixed 5G broadband which is a wired broadband replacement will follow
> RIPE-690 guidelines and will allocation much shorter prefixes as with
> network slicing and other capabilities with 5G offers the requirements
> exist for shorter prefixes.  Not so much for PDP.
> >
> >
> >
> https://www.ripe.net/publications/docs/ripe-690#4-2-4--considerations-for-cellular-operators
> >
> > 4.2.4. Considerations for Cellular Operators
> >
> > There is a clear exception to the rule described above when assigning
> prefixes in a cellular network. In this case, a /64 will need to be
> provided for each PDP context for cellular phones, whereas for LTE
> modems/routers, i.e. in the case of broadband by means of cellular access,
> it will still be necessary to choose a /48 or /56 in accordance with the
> aforementioned considerations.
> >
> >
> >
> >
> >
> >
> > > Do you agree that this is a major operational issue that needs to be
> solved?
> >
> > Yes, but as Barbara says, that needs some collaboration with the SDOs
> and operator fora to get rid of /64 assignments.
> >
> >    Brian
> >
> > --
> >
> >
> > Gyan Mishra
> > Network Solutions Architect
> > M 301 502-1347
> > 13101 Columbia Pike
> > Silver Spring, MD
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742              INTERNET: marka@isc.org
>
> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD

v2.23.0 | Report a Bug | By Email