Tussles in IPv6 Land
Brian E Carpenter <brian.e.carpenter@gmail.com> Sat, 10 June 2017 01:33 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7436126C89 for <ipv6@ietfa.amsl.com>; Fri, 9 Jun 2017 18:33:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DmL9IJUxcS6J for <ipv6@ietfa.amsl.com>; Fri, 9 Jun 2017 18:33:12 -0700 (PDT)
Received: from mail-pg0-x22f.google.com (mail-pg0-x22f.google.com [IPv6:2607:f8b0:400e:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 754F5126C7A for <ipv6@ietf.org>; Fri, 9 Jun 2017 18:33:12 -0700 (PDT)
Received: by mail-pg0-x22f.google.com with SMTP id f185so31267750pgc.0 for <ipv6@ietf.org>; Fri, 09 Jun 2017 18:33:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:organization:to:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=cBuHSBYBnzCK8obEw2jnujyZ+HWPfKIxkF5a+XG6j8c=; b=aAWL4cVkd5RacBNnIpm9rzcjCqLkKsGYx7ZQmIpBe9zt2e8uZX3h5HJHv4es9Fz6qo wrlAzrtydDBCSm41gbhOrfjSAQ3kTvd+ZJkd6Hr0kaCqbyIhMwrIta4vnx+NLnVU5qtv QVNCbCGPlieyQvOGKQ7886MXUDvFH6ulxLLL0W4xugMziaIl3GlqVltFfp6RrEX60N5F YAXG+YG0i7F7r7Ep33+aL951UGDkfHXU3wGTHlkcSU713ul0rVM5ILumKBHhd/HIJTuk 5dX94OiCf73g8KtYarOHbiTgW29ZbSM5cD0vKZXWOQRttd+RQzXVaxhnO2b9scFt3eBQ P/qQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:organization:to:message-id:date :user-agent:mime-version:content-language:content-transfer-encoding; bh=cBuHSBYBnzCK8obEw2jnujyZ+HWPfKIxkF5a+XG6j8c=; b=GrEfcypkV0obySD5NhxMnmZ0/CjyhgyOok4WSY8U2JzX7fM9lzSvHfPPAn+W44RQvE /OHOa8r6NMt2cpuEJa8ZSnGarUo+OgQOj72kJitJpaJ4BoPRAp17L8FkIZh7aN18rCMG yUwBQbf65gKxEDtI5mMxzmuVHt0IGiZTLDVjnw0n42JUzaCCAxV5/pQ0q+p2eEIAOv+W rp8FqxW/MK1MD02R0m5cLtA1dCjOwdzgcwrHal0UBgr1CDYZhvYl97o9+un++KG/oHiX sHQJHc7iRiEp09p1Zt3C9JpXSeIeDq2zInVbSxpnAq/ted2VOF582VdT6o6E4eH8Wb+N OoAQ==
X-Gm-Message-State: AODbwcBJ3OUYf5qVQokCHP5mPu7WtkLgoTqpA8Zh8iWyxD/lMdqdgyUq t5VsYndQ+B/USRtD
X-Received: by 10.99.152.70 with SMTP id l6mr45470366pgo.136.1497058391772; Fri, 09 Jun 2017 18:33:11 -0700 (PDT)
Received: from [192.168.178.21] ([118.148.119.180]) by smtp.gmail.com with ESMTPSA id m123sm5435527pfc.51.2017.06.09.18.33.08 for <ipv6@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Jun 2017 18:33:10 -0700 (PDT)
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Subject: Tussles in IPv6 Land
Organization: University of Auckland
To: 6man <ipv6@ietf.org>
Message-ID: <13c1417b-36ab-b608-599e-8293c0a87402@gmail.com>
Date: Sat, 10 Jun 2017 13:33:17 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ameL9YL-0H2ZRGaPS7ErmEoMW6A>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Jun 2017 01:33:15 -0000
Hi, I wrote the text below a couple of months ago, but then got distracted. However, I do think it's important that as we argue about (for example) /64, to remember what's going on behind the apparent argument. Regards Brian Tussles in IPv6 Land Today (April 2017) we seem to have three very active tussles in the IPv6 technical community. 1. Is header insertion on the fly OK, or is it the work of the devil? 2. Is the fixed interface identifier length of 64 bits OK, or is it the work of the devil? 3. Which is the work of the devil: getting the DNS server address via Router Advertisments, or getting the DNS server address via DHCPv6? Each of these issues has generated several hundred emails recently. Clearly, they matter to some part of the community. Why? And why now? None of them are exactly new. Why they matter *now* seems clear. IPv6 is on the march. Although there are still IPv6 'deniers' it's become a bit like climate change denial: the temperature is up, the waters are rising. More and more operators are being forced to consider IPv6 not as a remote possibility, but as a requirement that will directly impact how they operate and how much it costs to operate successfully. To a significant extent the above three issues are tussles between operational needs and conceptual purity. To be specific: 1. Large data centres need to achieve throughput and parallelism. To do that they need to chain services together across very large numbers of nodes. The large address space of IPv6 is potentially very valuable for that, if it can be brought to bear: and an attractive way of doing so is segment routing. An attractive way of doing segment routing is using an IPv6 routing header. An attractive way of doing that within the data centre is by having the first-hop router insert the IPv6 routing header, so that the application servers don't need to know about it. So data centre operators like this idea. So router vendors like this idea too. Unfortunately, many people involved in the IPv6 design think it's a terrible idea (and a misreading of the IPv6 standard). That's because inserting stuff (any stuff, not just this header) in a packet changes its length and thereby breaks all known methods of determining the maximum packet size allowed on a given path across the Internet. So, header insertion is the work of the devil across the Internet and also the goose that might lay the golden egg inside a data centre. 2. The interface identifier length was fixed at 64 bits about 20 years ago. It was not an arbitrary choice then - it was designed to match the hardware address size of FireWire, then expected to be the network of the future. (It actually turned out that the network of the past, Ethernet, became the network of the future. But if we'd fixed on 48 bits for that reason, we'd be having the same tussle about 80+48 that we're having today about 64+64.) Network operators have two complaints about the boundary at 64 bits. Firstly, although in theory it could be different for different media (for example, 64 for FireWire and 48 for Ethernet) in practice it's been set at 64 for everything. Secondly, bitter experience with IPv4 25 years ago taught everybody (we thought) that routing should always be "classless" with no rigid rules about the length of routing prefixes. But the de facto rule in IPv6 is that leaf subnet prefixes MUST be 64 bits long. ISP operators would like that 64-bit boundary to float. Unfortunately, many people involved in the IPv6 design think it's a terrible idea (and a change to the IPv6 standard). There are several reasons for that - though the main one seems to be that having a 64 bit boundary everywhere makes portability (of code, and of computers) easier. Also, much software blindly assumes the 64 bit rule. But this has its own downside: suppose an ISP follows bad practice and gives a retail subscriber exactly one 64 bit prefix. If the subscriber needs to operate more than one subnet in their home or office, they simply can't do so unless the 64 bit rule is relaxed. That wastes considerable potential for IPv6 deployment. But - again, but - if the 64 bit rule was made flexible, perhaps some ISPs would decide to go further - say give a retail subscriber exactly one 80 bit prefix. This could generate a race to the bottom, where the really cheap and nasty ISPs give a subscriber, say, exactly one 120 bit prefix, wasting even more of IPv6's potential. On this argument, sticking to the 64 bit rule seems safest. So, the 64 bit boundary is the well-understood solution that works everywhere, or the spawn of the devil that blocks future flexibility for both routing and address space conservation. 3. An IPv6 host can get its DNS server's IPv6 address in two ways (let's call them Alpha and Omega). Therefore, a router can supply a DNS server's IPv6 address in two ways (also Alpha and Omega of course). So some host operating systems support Alpha or Omega alone; some routers support both, but others support either Alpha or Omega alone. So it is entirely possible for a host that only supports Alpha to roam to a network that only supports Omega (or vice versa), in which case the host can't get DNS service over IPv6 at all. Believe it or not, the fallback is then DNS service over IPv4, even to retrieve IPv6 addresses. Alpha is the work of the devil if you (a network operator) prefer to assign host addresses using Omega. And vice versa. However, some operators are pragmatic enough to support both Alpha and Omega in their routers, regardless of whether they prefer Alpha or Omega for assigning addresses to hosts. So this is an interesting tussle, because operators don't agree among themselves about the best approach; neither do router vendors; neither do host operating system developers. Feel free to assign the values "RA/RDNSS" and "Stateless DHCPv6" to Alpha and Omega either way round. It makes equal sense. --
- Tussles in IPv6 Land Brian E Carpenter
- Re: Tussles in IPv6 Land Richard Hartmann
- Re: Tussles in IPv6 Land otroan
- Re: Tussles in IPv6 Land otroan
- Re: Tussles in IPv6 Land Brian E Carpenter
- Re: Tussles in IPv6 Land Tim Chown
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Richard Hartmann
- Re: Tussles in IPv6 Land Tom Herbert
- RE: Tussles in IPv6 Land Raymond Burkholder
- Re: Tussles in IPv6 Land John Leslie
- Re: Tussles in IPv6 Land Lee Howard
- Re: Tussles in IPv6 Land james woodyatt
- Re: Tussles in IPv6 Land Behcet Sarikaya
- RE: Tussles in IPv6 Land Manfredi, Albert E
- Re: Tussles in IPv6 Land Behcet Sarikaya
- Re: Tussles in IPv6 Land Fred Baker
- Re: Tussles in IPv6 Land Brian E Carpenter
- Re: Tussles in IPv6 Land james woodyatt
- Re: Tussles in IPv6 Land Roger Jørgensen
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land Lee Howard
- Re: Tussles in IPv6 Land Sander Steffann
- Re: Tussles in IPv6 Land Alexandre Petrescu
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land Alexandre Petrescu
- Re: Tussles in IPv6 Land Philip Homburg
- Re: Tussles in IPv6 Land Philip Homburg
- Re: Tussles in IPv6 Land Philip Homburg
- Re: Tussles in IPv6 Land Behcet Sarikaya
- Re: Tussles in IPv6 Land David Farmer
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Ralph Droms
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Mark Andrews
- Re: Tussles in IPv6 Land David Farmer
- Re: Tussles in IPv6 Land David Farmer
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Erik Kline
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Alexandre Petrescu
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Leddy, John
- Re: Tussles in IPv6 Land Brian E Carpenter
- Re: Tussles in IPv6 Land Bob Hinden
- Re: Tussles in IPv6 Land Tom Herbert
- RE: Tussles in IPv6 Land Manfredi, Albert E
- Re: Tussles in IPv6 Land Brian E Carpenter
- RE: Tussles in IPv6 Land Manfredi, Albert E
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Mark Andrews
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land t.petch
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land Lee Howard
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Mark Smith
- RE: Tussles in IPv6 Land Manfredi, Albert E
- Re: Tussles in IPv6 Land Mark Andrews
- RE: Tussles in IPv6 Land Manfredi, Albert E
- Re: Tussles in IPv6 Land Mark Andrews
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land George Michaelson
- Re: Tussles in IPv6 Land Sander Steffann
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land sthaug
- Re: Tussles in IPv6 Land Mark Smith
- Re: Tussles in IPv6 Land Nick Hilliard
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Philip Homburg
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Nick Hilliard
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Nick Hilliard
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Lorenzo Colitti
- Re: Tussles in IPv6 Land Ross Chandler
- Re: Tussles in IPv6 Land Tom Herbert
- Re: Tussles in IPv6 Land Nick Hilliard
- Re: Tussles in IPv6 Land Ca By
- Re: Tussles in IPv6 Land Fernando Gont