IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

David Farmer <farmer@umn.edu> Mon, 13 May 2019 17:44 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 025AD12019C for <ipv6@ietfa.amsl.com>; Mon, 13 May 2019 10:44:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8vplsyVHQYcT for <ipv6@ietfa.amsl.com>; Mon, 13 May 2019 10:44:33 -0700 (PDT)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BAC312001E for <ipv6@ietf.org>; Mon, 13 May 2019 10:44:33 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id BAA199A for <ipv6@ietf.org>; Mon, 13 May 2019 17:44:32 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v-nmCoVNeLoK for <ipv6@ietf.org>; Mon, 13 May 2019 12:44:32 -0500 (CDT)
Received: from mail-vk1-f198.google.com (mail-vk1-f198.google.com [209.85.221.198]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 68C8D48 for <ipv6@ietf.org>; Mon, 13 May 2019 12:44:32 -0500 (CDT)
Received: by mail-vk1-f198.google.com with SMTP id y19so6802461vky.4 for <ipv6@ietf.org>; Mon, 13 May 2019 10:44:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=zryU/fNVYgX8+u5Rwj7Akq8/DcLdRl+dAukWGKX+fCg=; b=TVVY2oyaBLpOnMOmXjHPQkehV7qk+iFmyoev3phtM/pbo/YJoJNNg5FhrrHdiO+HJn 8sgyhMjjh+vVVHDqfzsbDrCFECZN4nb+bDWQMY/qBrBDXeyGoPxQecfPe1gRPS8RgIlo bkBCCqQQNkyIz3EGLlpFEo3mmtKm3ZOcRyNR3SP90eCHriqKmNsMbwFeLU/bvuFLIW5b S8mmBlAIU0ZPWU5OuP2uvQ3VcewrAYj5gBe3ujIBkzp3TgkZS1uKlrh939OGz+UcbYgK 4womi4o+YdOjWnC0xpTQuUWfcMNAgdm5wjfomBbJD9C7jESGcygTXxsRjMein+T0QNos TGdQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=zryU/fNVYgX8+u5Rwj7Akq8/DcLdRl+dAukWGKX+fCg=; b=kxXFaOLbQYfpRFVGSy92a5o6ABGMv4MwLIX1i4r8xjKqbISXv7GROE2aElYmUoAv8B azjIX9q4tiH6B2t2lQMglvv3XE33AmcyPv8W9DJTulG/cai9xb7JVF7V0neNUpBsLIUB bbbSREtqWs+FxQ5b0xjRr5ikwOPNGhlJTCcgPSEuOaCgB4TggjRRGAvUlrFJ+SnbrFKh ltVFiCxiUMoQl+k9ocxkGbsSpV9Uoa4Gt5Yf0wfpPDBl5ejkm0evQqldZsl+jWJI4Kba 1bg6qEi2FacSEgYf0olcdEAwAJ/X0ota32K/fmUyRI7XmeFeUsWh1yWBXEi42vKb50Py hDXA==
X-Gm-Message-State: APjAAAU/7xCrnutN2x2rZWUALQI77ERSDwXP7unh5z2D2eRDO5yHSn8M t2GcyMyUYkoNbl0x/bDLLSHuzeZp9dtp5IXxPtvBQKmbhYLxAi+2mHs+LToUfnLJlZn/cO2fOnQ ushLOLKKi9tG3apEgt9qaNQcF
X-Received: by 2002:a9f:3e4e:: with SMTP id c14mr13843335uaj.71.1557769471035; Mon, 13 May 2019 10:44:31 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxAc4W+M8lZrJ8o0PKCJM/1lW+385KH87n1IqJVOVEZssd+Qnev7p3IV5LhRh3ty5SnRxwTlovT5qvCtPy3w6I=
X-Received: by 2002:a9f:3e4e:: with SMTP id c14mr13843311uaj.71.1557769470564; Mon, 13 May 2019 10:44:30 -0700 (PDT)
MIME-Version: 1.0
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <20190505200449.GB7546@vurt.meerval.net> <80073906-c3c0-1f22-9e7f-c2b349063936@gmail.com> <CAO42Z2xzVW3m0mN7jEn8SYyYCYhrufVnkfp3rBjJcijBkvucNQ@mail.gmail.com> <CACWOCC-35yVYXSRR0sRL-MBMHyOFZtJx9E9h14G8qqVh5T7qGA@mail.gmail.com> <232c1a43-0fd9-4eae-737b-260a3906f72a@gmail.com> <663F6C0B-7B8A-4088-B9C0-B2867B0C3EB8@gmail.com> <CAN-Dau3VJN7qNHAW-yStMrDRCa4vsDs2ObkAxswnYbcHde2t_w@mail.gmail.com> <m1hPqHO-0000J8C@stereo.hq.phicoh.net> <CAN-Dau3R=4JbcbK7tWkJKYzVjq7DvAAEjVsbCLbZdYYO8OJ0YA@mail.gmail.com> <m1hQ7Dm-0000M3C@stereo.hq.phicoh.net> <CAN-Dau040j6U+1CCn0QJiVMy2nVShHqqSFdCkM-FbMAH-2wjRA@mail.gmail.com> <m1hQCYr-0000KBC@stereo.hq.phicoh.net>
In-Reply-To: <m1hQCYr-0000KBC@stereo.hq.phicoh.net>
From: David Farmer <farmer@umn.edu>
Date: Mon, 13 May 2019 12:44:12 -0500
Message-ID: <CAN-Dau3Lcv3qTBVtig36RfbQKuGpoqdTLfrM=eWfYxCCQRy5Sw@mail.gmail.com>
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
To: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>
Cc: 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ef6f250588c877b5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/UYYj-HyB76AVco8x6IY6QZk-K-Q>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 May 2019 17:44:36 -0000

On Mon, May 13, 2019 at 10:08 AM Philip Homburg <
pch-ipv6-ietf-6@u-1.phicoh.com> wrote:

> >I don't propose this, I simply contend that it is what RFC3927 and
> >dual-stack model intends. Per Section 2 of RFC 4213, the dual-stack model
> >expects dual-stack hosts to be fully compatible with IPv4-Only hosts.
>
> RFC 4213, Section 2.1 starts with:
> "Because the nodes support both protocols, IPv6/IPv4 nodes may be
> configured with both IPv4 and IPv6 addresses."
>
> Nowhere does RFC 4213 Section 2 say that IPv4 address configuration has to
> be the same between IPv4-only and dual stack.
>

The very first sentence of RFC 4213 Section 2 says, "The most
straightforward way for IPv6 nodes to remain compatible with IPv4-only
nodes is by providing a complete IPv4 implementation." You are basically
suggesting that RFC3927 isn't needed. Which seems to be part of a complete
IPv4 implementation, at least as far as I can tell.


> Beyond that, IPv4 is a legacy protocol. There is no reason we can't publish
> a RFC that updates a RFC from 2005.
>

Yes, we can update it, but we need consensus to do so and doing it the way
you suggest will break or at least make things that work less reliably than
they do today, so I'm not sure we'll get consensus for what you suggest.

Some people didn't link the breakage possible with this flag, at least
before I suggested that it should be a secondary signal and the lack of
IPv4 DHCPOFFERS should be the primary signal to not configure a global
scope unicast IPv4 address.


> >Further, there are good reasons to require this for compatibility between
> >dual-stack hosts and IPv4-Only hosts. If dual-stack hosts were to do as
> you
> >say and not configure a Link-Local IPv4 address if they have a working
> IPv6
> >address they would not be able to communicate with IPv4 Link-Local or
> >global scope unicast IPv4 addresses on the local link unless they receive
> a
> >global scope unicast IPv4 address via DHCPv4. Your proposed change breaks
> >the dual-stack model.
>
> Please provide examples where people are actively using IPv4 link local
> together with IPv6-only in the case the DHCPv4 server fails.
>

The point is RFC3927 is automatic, most of the time you don't even know you
are using it.  But the easy example of what you break would be printing to
a local IPv4-Only printer. If the dual-stack host doesn't receive a global
unicast IPv4 address and it doesn't configure an IPv4 Link-Local address it
won't be able to print to the local IPv4-Only printer. This kind of thing
would be rather common in the home network environment, and RFC3927 is
important when there are issues with the Internet gateway.


> I clearly wrote that the user should be able override this behavior. So if
> a site wants to use IPv4 link local to access legacy devices, then the user
> would have to change a setting. That's to be expected if you want to use
> legacy devices in a modern network.
>
> IPv4 is a legacy protocol. We should not add protocol complexity just to
> keep
> obscure IPv4 features alive.
>

Then you are saying that it is ok for local access at unmanaged sites to an
IPv4-Only device can be broken when there is an issue with the local
gateway.


> >By the way, do you mean any working IPv6 address? Because all IPv6 host
> >will have an IPv6 Link-Local address. So, do you mean a global scope
> >unicast IPv6 address?
>
> Just an IPv6 link-local is not evidence of IPv6 connectivity. My guess is
> that checking for any global address is enough. But if a stack wants to
> go beyond that and make sure that there is global connectivity and access
> to a DNS resolver then that is fine with me.
>

I figured that is what you meant, but we need to be specific.


> >Without some kind of explicit signal that a network is intended to be
> >IPv6-Only, per Section 2 of RFC4213 a dual-stack host needs to be fully
> >compatible with IPv4-Only hosts that could be on the dual-stack network.
>
> There is no need to maintain obscure details of a legacy protocol.
>
> If IPv4 link locals combined with IPv6 are in active use, then obviously
> that
> would make the situation. But, as far as I know, IPv4 link local is
> useless, except for some rather obscure edge cases.
>

Those edge cases you think are so obscure, happen every day in the home
environments when the provider gateway goes away, and there are IPv4-Only
devices.


> For most people, an IPv4 link local just means that DHCP failed. Not some
> thing you use in a network design.
>

Yes, but if you want local access to work in the meantime then you need
RFC3927.


-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email