Re: rfc4941bis: On the use of multiple addresses

Lorenzo Colitti <lorenzo@google.com> Fri, 31 January 2020 00:18 UTC

Return-Path: <lorenzo@google.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7267120809 for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 16:18:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.499
X-Spam-Level:
X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZaluAfD9mfbf for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 16:18:27 -0800 (PST)
Received: from mail-il1-x12d.google.com (mail-il1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBD9A120807 for <6man@ietf.org>; Thu, 30 Jan 2020 16:18:27 -0800 (PST)
Received: by mail-il1-x12d.google.com with SMTP id i7so4695335ilr.7 for <6man@ietf.org>; Thu, 30 Jan 2020 16:18:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=DHrk4UNkjbC7uf/83eo3aSnZFrg8FW2UzKCBDgLuG0o=; b=J1mhrsvcXva5ekmLMhqHqPp4/QdYHpLQhbrZILgMOA9jdjXdLXW0AwqdkwIr3WObGo dqX5sZYPkoYzegs5G7iMePpo37wKXNFp+/V8lTmXygSzUVetw23pKsMZTQaFgiUggnsH jKfT2xbaWNfGThhPf9OZdQaXJMRpw6GtteXjsCuSo8WHgAFZXv+6Q7cUviZpXuQ4ieU7 kN4lTQKM8i2cgt/Lpg7wbPvBeR6bERIAbbWNzSLvxpOtXp5MHr/K3eNcknIXu3wZ89PE ZXbPrbWZVA+461qrlV3ZdiBO+ZlfM+wa8VaWQR+aG/kvvZnawMqcf9fNTpBXX2uRsDXU rC2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=DHrk4UNkjbC7uf/83eo3aSnZFrg8FW2UzKCBDgLuG0o=; b=LnCoVXo3im6gZfnnPlo5p06P4jsvtrxXo9jnvrKGo4KxgnepinJNc5Vu3wqU18f4rM U+C3K7v5U/EovSAvQdimrpU8ppLwAcmronRS9IheTBuXl6yM/PQfAZ/rwFJ9piL3h0GP Td21Oy5bXghm+2DRPgaNmIsta9seDgMCGTGRRHJ6nmNuKLZt31479bMfGIVP57cpsgCH /5nkgioXUDFBSEf9Sg2+mmoyvT39j6eOC4dkKyDM15Emwb1+Tf8VmOuhbhW2aceU3/Sm APPVwhyWeymLmKA94xKEsCW7HJE0fTgeZPtUXHwLb0Fbm2DM4dmBTdr/aDO2iQ3v7u1k t+YQ==
X-Gm-Message-State: APjAAAW3V3tnPrspJeWlxzB5Riz129udAXwyvnD2oQabA7/CZUf/OvcT A5bI4aPdMTmb57iVd21OOgxErS+pjc0mJYmV0ooBYBch8svMNw==
X-Google-Smtp-Source: APXvYqyZm28tQ2tG/MyzgqLF7njiAgzYR4qiWG+NdmlwEw0sii6eq2KmnnaFM3pEX4fejCbI/q0qTpC4bz4wt43HMbI=
X-Received: by 2002:a92:8686:: with SMTP id l6mr7538729ilh.170.1580429906708; Thu, 30 Jan 2020 16:18:26 -0800 (PST)
MIME-Version: 1.0
References: <4c7c16fd-ddef-eec0-d34e-29e91df6ce25@si6networks.com>
In-Reply-To: <4c7c16fd-ddef-eec0-d34e-29e91df6ce25@si6networks.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Fri, 31 Jan 2020 09:18:15 +0900
Message-ID: <CAKD1Yr1-xNPPs9obsGnn28fU15NQ85NuXwTppCkF60twdKGMgw@mail.gmail.com>
Subject: Re: rfc4941bis: On the use of multiple addresses
To: Fernando Gont <fgont@si6networks.com>
Cc: "6man@ietf.org" <6man@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002ee2fb059d6483ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Tt6Y2k0u76P3sFbzW0ARdqjhuto>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2020 00:18:30 -0000

I don't think the two RFC citations are appropriate. RFC 6583 is about the
size of subnets, not about the number of hosts per subnet. RFC 7039 is
about the SAVI framework, and I don't think there's anything in there about
limiting the number of bindings. I also can't find anything in that
document that talks about "enforcing port security that may enforce a limit
on the maximum number of configured addresses per host". SAVI is a security
mechanism to prevent spoofing, not a mechanism to limit the number of
addresses.

draft-ietf-mboned-ieee802-mcast-problems is relevant in the sense that more
addresses on the link create more neighbour discovery traffic. So how about
rewording to the following?

=====
Network deployments are currently recommended to provide multiple IPv6
addresses from each prefix to general-purpose hosts. In some scenarios, use
of a large number of IPv6 addresses may have negative implications on
network devices that permanently maintain forwarding entries for all
neighbour caches (e.g., [RFC7039]). Additionally, concurrent active use of
multiple IPv6 addresses will increase neighbour discovery traffic if
neighbour caches in network devices are not large enough to store all
addresses on the link. This can impact performance and energy efficiency on
networks on which multicast is expensive (e.g.
[draft-ietf-mboned-ieee802-mcast-problems]).
=====

On Fri, Jan 31, 2020 at 7:54 AM Fernando Gont <fgont@si6networks.com> wrote:

> Folks,
>
> Based on the recent discussion regarding the possible impact of the use
> of multiple addresses, I suggest we include the following text in
> Section 4 of rfc4941bis:
>
> "Network deployments are currently recommended to provide multiple IPv6
> addresses from each prefix to general-purpose hosts. However, in some
> scenarios, use of a large number of IPv6 addresses may have negative
> implications on some network devices (e.g. [RFC6583]), exacerbate other
> operational problems (e.g. [draft-ietf-mboned-ieee802-mcast-problems])
> and/or may lead to traffic employing these addresses being dropped by
> devices that enforcing port security that may enforce a limit on the
> maximum number of configured addresses per host (e.g. [RFC7039]). A
> discussion on possible approaches to allow for unconstrained use of IPv6
> addresses can be found in [RFC7934]"
>
> Thoughts?
>
> Thanks!
>
> Cheers,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>