IETF Logo Mail Archive

Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>

Ted Lemon <mellon@fugue.com> Thu, 11 April 2024 20:35 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 565A2C14F713 for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 13:35:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nSNBjB0-SL0N for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 13:35:15 -0700 (PDT)
Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44446C14F710 for <ipv6@ietf.org>; Thu, 11 Apr 2024 13:35:15 -0700 (PDT)
Received: by mail-vs1-xe2c.google.com with SMTP id ada2fe7eead31-479dc603962so88717137.2 for <ipv6@ietf.org>; Thu, 11 Apr 2024 13:35:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20230601.gappssmtp.com; s=20230601; t=1712867714; x=1713472514; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ZCQMWU449ALK19tYOYK6mS74tlGJebgpbu6K/QOHfRw=; b=bV+W0iDpHifBf6tH/warZzSZ369js3KPM6akP1pu4RyufRWjE/xBnNAT8pnoTa5l6i cQVnRnoOKjDP2CNA//eG3LtVw1nLxpRllTJSgJcsiV3sSBskdaRXUXrvuOjE1udjs0UJ 7W3vyPQpE1uoYhROOuHQ0S7mCD1S5L/MwcA/dQL4SofFAXRUzcVnMuMjyp8vE672H9s/ ag/Lg7sZDIFYNs/oclBv08fS55G1XE8D1VJqKlF7akr6dv4a5uSZWUiFrG1hR2U7KqhJ CNL3saCl3wPqLKXfBuCm2/Vms2pYnJ69zdO0SL870CnXxBbEMOdWSJFD3FVIvUmyTFQ8 1Nbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712867714; x=1713472514; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZCQMWU449ALK19tYOYK6mS74tlGJebgpbu6K/QOHfRw=; b=rwXKmdtrzfJVVZ2D3qm7wDAhTg4mRRU7Pkqs2yDaa1ABueZGAUnKxa1es9i3AwNEOo zTycGyqP8su53HuUtIlFdjjVX09qvFRexYKjK51j8KSkcl+/1eDANYXLj3d/5Rkttbtb x9vAEDBxpL50jvRxaG8gqwpbPRHMWbofhBArcQSXpXEcHLR5klLSLLcvCI+/VRfQSmmu ikU4nLLJxNdHlJvGbuE7oHOsXd8KwjVoEjgnTeIdC8tUO1g7eGXClOymycgpvFwjkklm Nd4INZyTLrX8DhljUweANjj/Hp2/Q6DNRTJpYJMkCoFJf/izszQMfUFsB3FcNBnYDqWT ckpQ==
X-Forwarded-Encrypted: i=1; AJvYcCXUH1szy2YY2QhRVmjcxCPJNu18hLkufIxugch/1722UkhZcaFfRwJXCKGcNU5iHc3L+EWdobDgLzgbSTa7
X-Gm-Message-State: AOJu0YyW1vVN1+kolgB/O50mMPGcGKnz8jV71AD7gOwV3if5zUx419jx ghjMZ86rqIqukTudGnRD9Kk57FRuktXH4+spEBu9JEq/i/shAfmZ8bM1DByyqxr/hgIp5BjscNZ 2C423Ohi0L9t7oxT85dLzY14+iDgMdtFryDSRNA==
X-Google-Smtp-Source: AGHT+IHCafFtGQOz+DSS2BqurYGzJ2OyNOte1Bzv8HOGiqmEL9yfk10KPFRJX3y8hqjcjYw3QY3ol9usLqyZlf40Xwc=
X-Received: by 2002:a05:6102:3caa:b0:47a:1d76:9ebb with SMTP id c42-20020a0561023caa00b0047a1d769ebbmr1005070vsv.35.1712867713911; Thu, 11 Apr 2024 13:35:13 -0700 (PDT)
MIME-Version: 1.0
References: <6A5E5F35-B35F-4358-8EE1-3BD82329141E@jisc.ac.uk> <6FBC1B5A-BF28-4B05-B2B2-A60DA4707755@gmail.com> <CAPt1N1m-Ye8vfOVnsPesFshLMV5QuVoxWqM=HVZiJ37zaBg6AA@mail.gmail.com> <CAKD1Yr1NTvFj0zB0=+nnUKck7TBtwHFz2XoFkD1smx4yCuZohQ@mail.gmail.com> <CAJU8_nWyE5TqBTXB9wfSkn6refaqYNVN967YAtCp-0VMk-5qWQ@mail.gmail.com> <CAPt1N1mqszfafMMY=54ezpoRymoy=bBjeVnWzxj6A27smR1eig@mail.gmail.com> <CAJU8_nWDDfwWEoahU4dqTEh3_HCq2UfpkFjefnXohb+5DAbjew@mail.gmail.com> <CAPt1N1nTJ1sDEQrn1iNUbvreu5bt0BweWgX7iOw6fmPgNBvUqw@mail.gmail.com> <CAJU8_nWsg=eGxu59akfB0+pOTJ-TYud-a_wGhtgnpp1RizVhrw@mail.gmail.com> <CAPt1N1nbTuSH4GGrimFAxe3YqTLbhiTX5KVjYsw+JRjoadzzrw@mail.gmail.com> <CAN-Dau36qjfT5YCPWAhko-RKjj3Cqeo-r9csM0fOadcdehvhBQ@mail.gmail.com> <161eca7b-0e2b-4110-9bbd-7fe4740052a2@gmail.com>
In-Reply-To: <161eca7b-0e2b-4110-9bbd-7fe4740052a2@gmail.com>
From: Ted Lemon <mellon@fugue.com>
Date: Thu, 11 Apr 2024 16:34:38 -0400
Message-ID: <CAPt1N1nC5G1On7WM1=Dn8jHa4CyupyZXa4wgotTZ3m46YwBHOw@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: David Farmer <farmer@umn.edu>, Bob Hinden <bob.hinden@gmail.com>, Lorenzo Colitti <lorenzo@google.com>, IPv6 List <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a2a9b00615d8172c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/VWt10NqJj6zS6XPWK223PU4CxEs>
Subject: Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 20:35:16 -0000

I don't think anybody has stated a use case for turning off the known-ULA
behavior, Brian. Kyle's objection is not that he thinks the behavior is
bad, but that he thinks it will delay implementation of the stuff he cares
about and encourage stuff he objects to. So being able to turn it off won't
make him any happier.

On Thu, Apr 11, 2024 at 4:25 PM Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> On 12-Apr-24 06:27, David Farmer wrote:
> >
> > On Thu, Apr 11, 2024 at 8:29 AM Ted Lemon <mellon@fugue.com <mailto:
> mellon@fugue.com>> wrote:
> >
> >     On Thu, Apr 11, 2024 at 8:51 AM Kyle Rose <krose@krose.org <mailto:
> krose@krose.org>> wrote:
> >
> >         On Thu, Apr 11, 2024 at 8:41 AM Ted Lemon <mellon@fugue.com
> <mailto:mellon@fugue.com>> wrote:
> >
> >             But this is counterfactual. Rght now if you publish a ULA in
> the global DNS, it will not cause a delay because no host with IPv6
> connectivity will try to connect to it. We only run into a problem if we
> decide to prefer all ULAs over all IPv4 addresses. That /will/ in fact
> cause delays.
> >
> >
> >         Because something is misconfigured. Right now, that
> misconfiguration is hidden, and becomes visible only when IPv4 connectivity
> is broken for whatever reason. Fix the glitch, which is the ULA in global
> DNS.
> >
> >
> >     Kyle, I don't know if you can see this from where you're sitting,
> but you are making a religious argument here. It is not a misconfiguration
> to put a ULA in the DNS right now in the sense that it causes a problem.
> It's a misconfiguration because it doesn't match your mental model of How
> Things Should Be.
> >
> >     I don't entirely disagree with you about this—I don't think that we
> ought to put ULAs in the global DNS. But I don't actually have a solid
> argument against Lorenzo's position—I just don't happen to agree with it.
> >
> >
> > I disagree with both of you. The distinction between local and global
> DNS only exists in the human mind. It doesn't exist in the DNS protocol or
> on the wire, except for the relatively recent availability of the .local
> zone.  And even with .local, there is no way to distinguish between
> different instances of .local.
>
> With mDNS, resolving printer.local comes back with a zone as well as an
> IPV6 address. It's different from normal DNS resolution, where all you get
> back is the AAAA. I do know that not all code on Linux deals with this
> correctly (
> https://github.com/becarpenter/misc/tree/main/zelect#linux-a-tale-of-woe).
> I don't know what happens if you try to have two instances of printer.local
> on two different interfaces.
>
> BTW, .internal is now defined (by ICANN, since the IETF didn't have the
> guts, apparently). That isn't a perfect solution, but it is an opportunity
> to do a better job of split horizon DNS. The challenge here is that not
> everybody agrees that split horizon DNS is a good idea, and not everybody
> agrees that ULAs in DNS are a bad idea, so we have weak language in RFC4193
> and no well-defined approach to split horizon.
>
> What I suggested yesterday still seems like the best way out for the
> current draft:
>
> >>> All implementations MUST support inserting known-local prefixes.
> >>> This feature MUST be configurable on or off.
> >>> This feature SHOULD be configured on by default.
>
>     Brian
>
>
> > You don't know if a .local query is for or if the response is from your
> instance or my instance of .local. Except for the .local zone, there is no
> way to know if a query is intended to be global or local or if a response
> is global or local. The protocol on the wire is identical, and any
> distinction is a fiction of the human mind.
> >
> > Furthermore, ULAs are global in scope, and if implemented correctly,
> they are effectively unique globally. The only real question is whether
> they are reachable or not, and preferring known-local ULAs and not
> other ULAs speaks directly to the reachability question. Whether or not the
> ULAs belong in the DNS or not, and how the DNS is configured, is
> irrelevant. The real question is only if they are reachable or not, and
> again, known-local ULAs resolve this question.
> >
> > Thanks
> >
> >
> >
> > --
> > ===============================================
> > David Farmer Email:farmer@umn.edu <mailto:Email%3Afarmer@umn.edu>
> > Networking & Telecommunication Services
> > Office of Information Technology
> > University of Minnesota
> > 2218 University Ave SE        Phone: 612-626-0815
> > Minneapolis, MN 55414-3029   Cell: 612-812-9952
> > ===============================================
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email