Re: problem statement [was Re: New Version Notification for draft-hinden-ipv4flag-00.txt]

Jen Linkova <furry13@gmail.com> Mon, 20 November 2017 04:17 UTC

In-Reply-To: <5A119443.2030108@foobar.org>
References: <151090059151.22321.3357672601322845792.idtracker@ietfa.amsl.com> <E838C63E-7612-4AA4-9375-854C184D699E@gmail.com> <CAFU7BAQKoWPcEFQZgU3k_d0gUL4en6d2pyNq1V4RMNZ6HrSG8w@mail.gmail.com> <649be36e-5006-7688-448f-bc2794d6a39c@gmail.com> <CAKD1Yr3WC+vwL_=0PeiJ_D85NqFVTCkb8c83x-ZtGhAbSELGMA@mail.gmail.com> <5A119443.2030108@foobar.org>
From: Jen Linkova <furry13@gmail.com>
Date: Mon, 20 Nov 2017 15:16:49 +1100
Message-ID: <CAFU7BASwgLfkO-4kk9-vba_P+jmcFHD5+Hy_7b3cnNkOSv30wg@mail.gmail.com>
Subject: Re: problem statement [was Re: New Version Notification for draft-hinden-ipv4flag-00.txt]
To: Nick Hilliard <nick@foobar.org>
Cc: Lorenzo Colitti <lorenzo@google.com>, IETF IPv6 Mailing List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/csHUKcqxUlwRBIUAleZvmvxtj-Q>

On Mon, Nov 20, 2017 at 1:25 AM, Nick Hilliard <nick@foobar.org> wrote:
> One relatively straightforward way of dealing with extraneous dhcpv4
> packets would be to create a new dhcpv4 reply option hinting to the
> requester to cease DHCPv4 requests on the interface in question, or to
> slow down the request rate from one every two minutes to one every X
> minutes where X is network defined.

The idea of using a protocol X to tell a device 'there is no protocol X
on this link' sounds very entertaining ;)
If I run a single-stack network, I do not want to configure IPv4
addresses, DHCP relays etc. on v6-only interfaces, and most likely I
have no desire to run DHCPv4 for those segments. I might not even allow
v4 traffic on the link at all (as it reduces the attack surface).

There are two unrelated things which could be done:
A) To protect the network from an excessive amount of undesirable (v4)
traffic, some actions need to be taken at the network level. Those
actions could not be completely delegated to hosts, as most likely we
are talking about a large number of devices, uncontrolled, potentially
outdated etc.
However, the network could indeed provide some hints to hosts in case
those hosts are willing to listen. Here comes B)
B) To improve the device performance on a v6-only network, the device
can do something to detect the lack of IPv4 on the link, either
explicitly (like the RA flag we are discussing) or implicitly (no
DHCPv4 replies -> back-off etc).


-- 
SY, Jen Linkova aka Furry
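
The network-level action in A), not allowing v4 traffic on a v6-only link at all, can be sketched as a layer-2 EtherType filter. This is an added example, not part of the original message; the policy (drop IPv4 and ARP, accept everything else), the function names and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import Counter
from typing import Optional

ETH_IPV4, ETH_ARP, ETH_IPV6 = 0x0800, 0x0806, 0x86DD
VLAN_TPIDS = (0x8100, 0x88A8)                 # 802.1Q and 802.1ad tag identifiers
BLOCKED = {ETH_IPV4: "ipv4", ETH_ARP: "arp"}  # assumed policy: no IPv4, no ARP

def payload_ethertype(frame: bytes) -> Optional[int]:
    """Return the EtherType after any VLAN tags, or None if the header is cut short."""
    off = 12                                  # skip destination and source MAC
    while len(frame) >= off + 2:
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in VLAN_TPIDS:
            return etype
        off += 4                              # skip the tag (TPID + TCI)
    return None

def verdict(frame: bytes):
    """Decide (action, reason) for one Ethernet frame on a v6-only segment."""
    etype = payload_ethertype(frame)
    if etype is None:
        return ("drop", "truncated")
    if etype in BLOCKED:
        return ("drop", BLOCKED[etype])
    return ("accept", "ipv6" if etype == ETH_IPV6 else "other")

def make_frame(etype, vlan=None, payload=b"\x00" * 46):
    """Build a constructed broadcast frame from a locally administered source MAC."""
    hdr = b"\xff" * 6 + bytes.fromhex("020000000001")
    if vlan is not None:
        hdr += struct.pack("!HH", 0x8100, vlan & 0x0FFF)
    return hdr + struct.pack("!H", etype) + payload

# Constructed sample traffic, not captured from any real network.
SAMPLE = [
    make_frame(ETH_IPV4),            # e.g. a DHCPv4 DISCOVER broadcast
    make_frame(ETH_ARP),
    make_frame(ETH_IPV6),
    make_frame(ETH_IPV4, vlan=10),   # tagged IPv4 must not slip past the filter
    make_frame(ETH_IPV6)[:13],       # truncated header
]

def tally(frames):
    """Count verdicts, the kind of counter an operator would watch per port."""
    return Counter(verdict(f) for f in frames)

if __name__ == "__main__":
    for key, count in sorted(tally(SAMPLE).items()):
        print(key, count)
```

The drop counters show how much legacy IPv4 chatter hosts keep sending on the segment, which is the traffic that the host-side hint in B) is meant to reduce.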