IETF Logo Mail Archive

Re: Alternatives to the flag (Was:Confirmation to advance: draft-ietf-6man-ipv6only-flag-05)

David Farmer <farmer@umn.edu> Wed, 15 May 2019 22:29 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BB0312009C for <ipv6@ietfa.amsl.com>; Wed, 15 May 2019 15:29:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t_bcMLl1XKmh for <ipv6@ietfa.amsl.com>; Wed, 15 May 2019 15:29:40 -0700 (PDT)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AAEA120041 for <ipv6@ietf.org>; Wed, 15 May 2019 15:29:40 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id B55E099E for <ipv6@ietf.org>; Wed, 15 May 2019 22:29:39 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0aXf0494ShNj for <ipv6@ietf.org>; Wed, 15 May 2019 17:29:39 -0500 (CDT)
Received: from mail-vk1-f197.google.com (mail-vk1-f197.google.com [209.85.221.197]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 6636AB9A for <ipv6@ietf.org>; Wed, 15 May 2019 17:29:39 -0500 (CDT)
Received: by mail-vk1-f197.google.com with SMTP id s5so495651vkd.0 for <ipv6@ietf.org>; Wed, 15 May 2019 15:29:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZcNmxvwDWygnjw9H1b6fEwexPcvUSP+agK7f9tyMVIw=; b=klBG75ePhBbB1c6iR0bb8l9grQgyLy4iUbK2TAYxzW2mIMYJPCtVpuy3iWl/WWlg7/ jfKhBtTZDFDaqU23FHSSnjrdpqRWVDzehHsPX9CqUvriewTmvgK+lwszEIyBnY7EetUm BbEs5cUkTCiuG4Rfds4AbaT7FRV+mD9uo8FBZL2SXKvph32muXsn7hF+CLam8Ias7QVM B6s4GhF/f8CNO1ixMtFbOFMUOmJM78QYnVns397hZIKXYweZa24fPUGuzHzZCXv37D5+ cnDVlD2sz6VbHNaHrkupfdwvxLG8ZwJhuy0Jh9enI4tCRbNdSAIf+oM+bRl5LJpYpPJ1 nEIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZcNmxvwDWygnjw9H1b6fEwexPcvUSP+agK7f9tyMVIw=; b=GqhGQH0THsnmzSse870oKuM5EkaTMZRkZdcUcF0jSgumZYETkOwzKKh2IuiBLY1ZcN 7uLexndM/ry4a1czoVubFS9omKynWXHudUs07j76qS4NsFj4knJbiuIWQvtCOuiZjaMY 0+iemVTPZN5uOXNmQ+TuSTWjx8JK3zCAlT//BC6G0ihF/AgT9hweFGhXo+7xAjE/iqyu cXq04BNktcah1j6IQhTpcO5QyIOhcX39plof/nw/71F0VfAfqlDnvHQFW/0RnFIGckz1 uWwTv9rDGQqhGY8H7gT789vlUiNsUB7tHXK8GTaLm6olmApRLZ/KmPTBotThn7psZCOd kg4w==
X-Gm-Message-State: APjAAAW8YrLErl7wXBfxMJzc4IbNUEKrtvQjOP6/jBiUqjuag+kH1IMI P8jVqBlpBmGfR72p8CzeGx/BWVqse4hhTREwhyDDCAoBN6m376gFsLVQtCj5KDF8uLot1nooDz7 omZqSuk84KGMABlKuvrInkEDd
X-Received: by 2002:a67:87cf:: with SMTP id j198mr6199543vsd.167.1557959378485; Wed, 15 May 2019 15:29:38 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzUUoWxDgH9CEmYKDS2eHtyRB+OtYN1RBw4fSDIvPn+Ox82kidw8V5PxsTvY38kYR5kjYKWIDdiaUDDD3S7daA=
X-Received: by 2002:a67:87cf:: with SMTP id j198mr6199526vsd.167.1557959378045; Wed, 15 May 2019 15:29:38 -0700 (PDT)
MIME-Version: 1.0
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <20190505200449.GB7546@vurt.meerval.net> <80073906-c3c0-1f22-9e7f-c2b349063936@gmail.com> <CAO42Z2xzVW3m0mN7jEn8SYyYCYhrufVnkfp3rBjJcijBkvucNQ@mail.gmail.com> <CACWOCC-35yVYXSRR0sRL-MBMHyOFZtJx9E9h14G8qqVh5T7qGA@mail.gmail.com> <232c1a43-0fd9-4eae-737b-260a3906f72a@gmail.com> <663F6C0B-7B8A-4088-B9C0-B2867B0C3EB8@gmail.com> <CAN-Dau3VJN7qNHAW-yStMrDRCa4vsDs2ObkAxswnYbcHde2t_w@mail.gmail.com> <m1hPqHO-0000J8C@stereo.hq.phicoh.net> <CAN-Dau3R=4JbcbK7tWkJKYzVjq7DvAAEjVsbCLbZdYYO8OJ0YA@mail.gmail.com> <m1hQ7Dm-0000M3C@stereo.hq.phicoh.net> <CAN-Dau040j6U+1CCn0QJiVMy2nVShHqqSFdCkM-FbMAH-2wjRA@mail.gmail.com> <m1hQCYr-0000KBC@stereo.hq.phicoh.net> <CAN-Dau3Lcv3qTBVtig36RfbQKuGpoqdTLfrM=eWfYxCCQRy5Sw@mail.gmail.com> <m1hQfSy-0000LTC@stereo.hq.phicoh.net> <CAN-Dau3akjaZ-j16ucOY=-d0nabG4ZdFs6wrSD4EGr3NEh9Wsw@mail.gmail.com> <e2f9520e-a0b6-baac-b0fc-6c834b6bad44@foobar.org>
In-Reply-To: <e2f9520e-a0b6-baac-b0fc-6c834b6bad44@foobar.org>
From: David Farmer <farmer@umn.edu>
Date: Wed, 15 May 2019 17:29:22 -0500
Message-ID: <CAN-Dau1pLTQ9o=jFDYiF7gM+Nq8sGtujn4ZN=Q-CfAtd5NNjPg@mail.gmail.com>
Subject: Re: Alternatives to the flag (Was:Confirmation to advance: draft-ietf-6man-ipv6only-flag-05)
To: Nick Hilliard <nick@foobar.org>
Cc: Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004dac080588f4afb6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/_fSWVsWlYOGlDS6EEHjgVS-Dsj4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 May 2019 22:29:43 -0000

On Wed, May 15, 2019 at 9:10 AM Nick Hilliard <nick@foobar.org> wrote:

> David Farmer wrote on 15/05/2019 14:27:
> > Ok, I could live with that. But, when I've heard this kind of thing
> > discussed before there were serious objections to it. The objections I
> > remenber heraing were the change you propose effectivly breaks local
> > printing from a dual-stack host to an IPv4-Only printer if there are any
> > problems with the local DHCP server.
> >
> > So, I'm not willing to drop what I think is a viable solution to the
> > problem unless other stakeholders are willing to buy into this kind of
> > change. In particular, I'm thinking the people maintaining mDNS in dnssd
> > wg. I can't see making the change proposed above without their buy-in.
> >
> > In theory, an IPv4 stack could passively detect the filtering of
> > Ethertype 0x0800 and 0x0806 by passively looking for other ARPs and/or
> > IPv4 service discovery traffic. However, both of these types of MAC
> > layer broadcast traffic are typically suppressed on most WiFi networks
> > by the use of proxy ARP and service discovery proxying or other forms of
> > control or filtering to limit MAC layer broadcast which is very
> > inefficient on WiFi.  And, battery-powered WiFi devices is where
> > suppressing the futile IPv4 traffic is most useful in this whole
> discussion.
> >
> > So I think we either need the flag or disable RFC 3927 by default on
> > dual-stack hosts.
>
> Mikael kindly pointed out that I misread your email.
>
> If there are ipv4 ethertype filters in place, RFC 2563 will obviously
> not work because dhcp requests will be blocked. This means that any
> traffic from the host device to the network will be broadcast (ARP) or
> multicast (mdns) only.
>
> MAC layer broadcast/multicast from AP to host is inefficient on WiFi
> because it uses basic rate, but we're talking here about a network with
> L2 ACLs in place, so this won't happen.  Host to AP broadcast/multicast
> frames are sent by unicast to the AP, i.e. normal transmit rate, which
> is efficient in terms of power usage.  That said, the low priority
> nature of mdns can be used to deprioritise transmission of these frames,
> i.e. coalescing transmits with other ipv6 packets, so that you don't end
> up with chip wakeups.


Ok, maybe I buy that, can someone tell me if that done today?


> Also, you can heuristically determine that if
> there are no mdns replies on ipv4 but plenty on ipv6, that ipv4 isn't
> active on the network.
>

So please expand on how you heuristically determine you don't need mDNS or
maybe IPv4 LL especially in the presence of ARP and service discovery
proxies which are common on WiFi to suppress MAC Layer broadcasts. Which I
believe makes it had to passively see others host's broadcast. I suppose
you could do an mDNS query for all host on the network and then get back
nothing and decide you are on an IPv6-Only network. But then how would you
know for sure you just aren't the only mDNS speaker on a dual-stack network
at the moment.

Talking this through, if you Layer 2 filter on IPv6-only, I agree that you
prevent any IPv4 traffic from waking up other devices on the network. But
dual-stack battery-powered devices will still produce futile IPv4
DHCPDISCOVERS, exponential back-off work for this. I'm not too worried
about the initial round, I think that is good power spent for now since the
host probably on a dual-stack network, not an IPv6-Only network. However,
I'm not seeing a good heuristic for squelching the IPv4 LL service discover
traffic. Now, I'm ok with what Philip proposed just don't do RFC3927 on
dual-stack hosts, but I don't think other stakeholders will go for this,
but I could be proved wrong.

So without a good heuristic for squelching the IPv4 LL service discover
traffic, battery-powered devices will futilely generate traffic, now I
grant you these devices won't use any more power than they would on a
dual-stack network, and in fact maybe a little less because they will never
receive IPv4 back in response. But if this traffic could be squelched,
there would be power savings, but you seem to be claiming this isn't worth
the effort. I think this is where we disagree.


If there are no MAC ACLs in place, then RFC 2563 provides a solution to
> ipv4 mdns chatter.
>
> Either way, the justification for another flag seems to be limited.
>

A good heuristic for squelching the IPv4 LL service discover traffic isn't
obvious to me.

Dropping RFC3927 on dual-stack hosts would work, but I'm skeptical of
needed buy off for that plan.

I'd be open to changing my mind with a good heuristic for squelching the
IPv4 LL service discover traffic, without it, the justification for the
flag is good enough for me.

-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email