IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

Bob Hinden <bob.hinden@gmail.com> Fri, 03 May 2019 05:33 UTC

Return-Path: <bob.hinden@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26F7B12006B for <ipv6@ietfa.amsl.com>; Thu, 2 May 2019 22:33:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nN0D1HqZ1I1k for <ipv6@ietfa.amsl.com>; Thu, 2 May 2019 22:33:34 -0700 (PDT)
Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 133B3120059 for <ipv6@ietf.org>; Thu, 2 May 2019 22:33:34 -0700 (PDT)
Received: by mail-wr1-x433.google.com with SMTP id k16so6171022wrn.5 for <ipv6@ietf.org>; Thu, 02 May 2019 22:33:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kJYlXf9TFCCc5uYYSIFTQStMemb+Bbca7oWxnUd/KN4=; b=D1G4f7TMjYRNApjR2oK5Nw2v3aZaZwNTWBq4zd6T5RT+LOpS0kuy4Rbugsxp4t33Dk MnGmBDJis4I0essF46UWlrTzwNvRTs9GjJu2m9bKbgG0Dma5L0EopwvjG+5sSGWV5eY3 w3aOfIkR/EjscODw4Zt25i2F2JDg87hkJcWfAI7Xfcd/+9gvNmkhKAfj4+NHnD45Df4u tBxiRTrTxOrSlZUXUnFLYIndYHPUOTgrXEFnkL/WXksmB/bLE5655p0yeYIV3kwNwwTE 7G9yvLO4d4BtPq/PgBhEcTR+o57GjvxT4GQ1yJSiJgU4h58PrgMg7cmyRjni3pmG7YT3 +shA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kJYlXf9TFCCc5uYYSIFTQStMemb+Bbca7oWxnUd/KN4=; b=DfkhEXsGEGum5s9hqyNsb9g5AYFu+1kU1sOGP1Z2E6FIasu43wwKmntHCTlt9VSBNZ mZzzhNxhJKWejChKSZWZfuVWApoqkWSKuIYvgbWF/y/FhQqA5D3P7TOJsM10ZF+xJkye lW3TTgqo9niqx4HqdyIl4Kzalop6jYYjQQLLUt72s81fXgbiYI+RC84hdiyEOsp/QNh/ rv831IWkliQ9p4U715fCFY4jTA1t1kotCEP0nwLP1zXTlZFJqSDuFGgfMLqv/PvGREeX WPeBPNNehXjE8gv+AZYrV89PiZ2SkDRdD0USEK0ZLszWLkCzJN0QQ9StWULfvN/13yli LbNA==
X-Gm-Message-State: APjAAAWpgLGXh4l2LsMCgq+ro3t9zH051SGbqYrBduCkMoZy+P+fPR2H 1SnL5yU20ss/p49HPz4KHB4=
X-Google-Smtp-Source: APXvYqykIcKExH4onzxAet1eGlwsHG71GjxviupQL75OCOuRxcFbL+NHXrZeZNVGmc9BEzn+FJchTA==
X-Received: by 2002:adf:f7d0:: with SMTP id a16mr5226477wrq.211.1556861612468; Thu, 02 May 2019 22:33:32 -0700 (PDT)
Received: from [10.0.0.199] (c-24-5-53-184.hsd1.ca.comcast.net. [24.5.53.184]) by smtp.gmail.com with ESMTPSA id s2sm1142711wmc.7.2019.05.02.22.33.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 02 May 2019 22:33:31 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\))
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
From: Bob Hinden <bob.hinden@gmail.com>
In-Reply-To: <0DB31AD4-BD78-4962-A7E8-97513F236939@gmail.com>
Date: Thu, 02 May 2019 22:33:22 -0700
Cc: Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <332ED492-2037-467D-AB98-FDB82A3E37C9@gmail.com>
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <8b9fd743-bfcc-525c-98f6-154f3fa713cc@foobar.org> <CAO42Z2zEWvt9NyemMb8H0AEvPvmNSDGa4wcXiS6n5yRxNFCHQg@mail.gmail.com> <c7e18765-be04-6494-8193-984dbccb520b@foobar.org> <CANMZLAYh+V57yrWOzmUyjSMK0g95u1D5_GZmyZBMOMKAZnrnCg@mail.gmail.com> <3F474511-6FE3-4A0A-9B84-7C37F08FBB5D@steffann.nl> <E352C226-C708-4418-BCDE-10525CAB109A@jisc.ac.uk> <652fb10e-b8ce-0151-a9a0-62d2378caed2@gmail.com> <0079c716-d56c-7199-f493-f5e56e1307ae@foobar.org> <A0FF10A2-995B-40A1-B0AA-E3D9F0F64728@gmail.com> <0DB31AD4-BD78-4962-A7E8-97513F236939@gmail.com>
To: Gyan Mishra <hayabusagsm@gmail.com>
X-Mailer: Apple Mail (2.3445.104.8)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/_CnEmD9QgrqZpUUfOP-SGncSg04>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2019 05:33:36 -0000

Gyan,

> On May 2, 2019, at 3:34 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
> 
> One other important concept of this theoretical distant future of IPv6 only networks is that we would have to be 100% every server on the internet dual stacked IPv6 reachable entire internet local intranets and extranet peering networks to 3rd parties customers have to be 100% dual stacked or only on IPv6 and even if let’s say there is one host 1 url that is not dual stacked that can only be reached via IPv4 then you cannot do IPv6 only.

In Section 4. IPv6-Only Definition it says:

   It is expected that on IPv6-Only networks it will be common to access
   to IPv4 external services by techniques such as NAT64 [RFC6146] and
   DNS64 [RFC6147]  at the edge of the network.  This is beyond the
   scope of this document.

So it is not expecting that 100% of every server on the internet is dual stack.

Bob


> 
> I get it that the directional is to move to IPv6 but this is not going to make it happen any quicker but the risk with attack vector created is far worse that a little bit of IPv4 traffic.
> 
> Gyan
> 
> Sent from my iPhone
> 
>> On May 2, 2019, at 6:29 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>> 
>> I read through the draft as it has had 5 revisions and improvements I understand the rationale behind wanting this flag.
>> 
>> I would say my biggest concern with this flag at least introducing it now as we are not even anywhere close to a 50/50 tipping point that folks that end users would stop using IPv4.
>> 
>> The major downside is security vulnerabilities that can impact the mainstream of traffic flow which is IPV4.  
>> 
>> I could see introducing this flag let’s say we were past the tipping point and the proliferation and penetration of IPV6 was so tremendous that we were well beyond 50% and more like 70% plus and only few remaining stragglers on IPv4.
>> 
>> I would say for that to happen it would be beyond all of our lifetimes that the internet local intranet and extranet are even close to a tipping point
>> 
>> That being said the gains of negligible control plane dhcp traffic reduction is minuscule as compare to impact if their is an IPv4 outage from now newly introduced attack vector.
>> 
>> That being said I do not support this draf.
>> 
>> I would say maybe give it 50 to 100 years and I might change my mind given IPv6 penetration at that point.
>> 
>> Gyan
>> 
>> Sent from my iPhone
>> 
>>> On Apr 30, 2019, at 5:55 PM, Nick Hilliard <nick@foobar.org> wrote:
>>> 
>>> Brian E Carpenter wrote on 30/04/2019 21:48:
>>>> So I'd rather understand *why* the costs outweigh the benefits. One more thing for an operator to configure and check in each first-hop router, vs reduction of pointless traffic on updated hosts. I'm not sure how to make that an objective rather than a subjective trade-off.
>>> Hi Brian,
>>> 
>>> Email is being a serious barrier to communication in this discussion :-(
>>> 
>>> The problem statement just isn't there:
>>> 
>>> https://mailarchive.ietf.org/arch/msg/ipv6/GCGYTXhg0V9mQBrcO7zhC5wtnp0
>>> 
>>> The contents of this email largely still apply to the current text in -05.
>>> 
>>> The cost is too high:
>>> 
>>> https://mailarchive.ietf.org/arch/msg/ipv6/NIJ194PI8CLkuZT8U_jKEOY01QI
>>> 
>>> You've shown no analysis of realistic use cases.
>>> 
>>> For something standards track, and this far down the protocol stack and with such a large security considerations section, the proposal ought to be thoroughly compelling for a wide variety of deployment scenarios, but it isn't.  There are better ways of skinning this cat.
>>> 
>>> Nick
>>> 
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email