IETF Logo Mail Archive

Re: SLAAC, Static & DHCPv6 day 1 interoperability issue

Gyan Mishra <hayabusagsm@gmail.com> Mon, 09 November 2020 22:43 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 497613A14B5; Mon, 9 Nov 2020 14:43:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.087
X-Spam-Level:
X-Spam-Status: No, score=-1.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OVIZwHQzPeaB; Mon, 9 Nov 2020 14:43:45 -0800 (PST)
Received: from mail-vk1-xa2a.google.com (mail-vk1-xa2a.google.com [IPv6:2607:f8b0:4864:20::a2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32F8A3A14B3; Mon, 9 Nov 2020 14:43:45 -0800 (PST)
Received: by mail-vk1-xa2a.google.com with SMTP id a8so2279662vkm.2; Mon, 09 Nov 2020 14:43:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=O1SxQnfNFKuXQ5V6QABTi3j9rkX9P5uhLbDRJSiAk4Q=; b=KL2TBxfbZm5lS4cYMu7WlwotrwyF8nKt3AxjZGd7V5fYCRrlZfx5cQfgn6Ox9t2h+C wTdJLCr7YEFMu29K/WGMq+ANAzTU7OBPn2vSGEzSuGsmr3is3aN59TF2YCAzql1ThFBg 9oMr0EbejKYqmbV1tbJXeJqVXzwA7rww80DR+HSFKw2QRqAaMWdCfldxXYWVqiKInxnw aslqAnbwGzSM/wykyKdkhQLoG6dSmZCdOBeN6hBmlRaQEDnIosiFcZCzOjJSln7j+jaC E5G4Ia3PXBjO7ryukrbXc1vyRz0gyOXq5zcItvnPkJrkCmr7VbzjyyGrThmN3wPmfQSb o/7A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=O1SxQnfNFKuXQ5V6QABTi3j9rkX9P5uhLbDRJSiAk4Q=; b=Bxz0BWqsiAGY1YSGPeoGPqVOLR1eZ/R7WBs6wmtmgJQgK7jcmplTws7pCux9KHBOZR OuuZMlqKM/GKwNFaJwZPmUF7juwqcsPrwKvhRz02utY7NSA/Ynga+kEWIWSFCPTjVLnW KwD4DdmnMaQG04S0NTSNHX7tAaKDBQblXOiWFmVcbJAx0EYu33pugSbd/CxpqAFL3nOo gW+AA1V9ZjkszWLhSdzMwnxXXR9fPDL9KgKhqbA9sdhGqH1Nh+VBqUOMwp4mUjBwOzju oVis8jUPUdnrc4i3CgxGTZGWxFdd91yraeAo1LusruKqhlEe1PHxMyHUjxe3gaOFQ9J+ GAEw==
X-Gm-Message-State: AOAM5322O5kGpCpwPz8mO+g40gT9wBbvdaFWutUX1y2ETzVJbFTbz0YA hSIvPxs9ifln29r4up7mT98412w5hWa+k5kEtcM=
X-Google-Smtp-Source: ABdhPJxuceNjPRWwNavXO1O+gQPk11X2Csoi4Xd2RVgXl8d0mjba8uQ/mjvoQqsC55KmFqYrGdTZOVj+7+kuPshOY1A=
X-Received: by 2002:a1f:e584:: with SMTP id c126mr5675847vkh.3.1604961824072; Mon, 09 Nov 2020 14:43:44 -0800 (PST)
MIME-Version: 1.0
References: <CABNhwV1D7ng8JHJVUBrMhVmbQEQrhECBN_XUUcS5ZSV0WF=Lnw@mail.gmail.com> <4658abe3-909e-af0a-ddad-85db06e161ff@gmail.com> <CABNhwV1rBhWF6e7Tuk6L-R=gTmWgfXvFkWkCQyvbmEA06W3t0A@mail.gmail.com> <4088150e-1289-5c4f-184d-30df3e66f354@gmail.com>
In-Reply-To: <4088150e-1289-5c4f-184d-30df3e66f354@gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 09 Nov 2020 17:43:33 -0500
Message-ID: <CABNhwV2DQ_N8b8RsRAd0Bcd5v7qXV9Dq3p+BheQVxFz+zar-BQ@mail.gmail.com>
Subject: Re: SLAAC, Static & DHCPv6 day 1 interoperability issue
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Alexandre Petrescu <alexandre.petrescu@gmail.com>, Dmytro Shytyi <dmytro@shytyi.net>, Dusan Mudric <dusan.mudric@gmail.com>, IPv6 IPv6 List <ipv6@ietf.org>, Naveen Kottapalli <naveen.sarma@gmail.com>, "draft-mishra-6man-variable-slaac@ietf.org" <draft-mishra-6man-variable-slaac@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000066e6a605b3b44b44"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/cw6R_YWzmyWy3yJCn-Gu228LVUk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2020 22:43:47 -0000

In-line

On Mon, Nov 9, 2020 at 4:57 PM Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> In line...
>
> On 10-Nov-20 04:35, Gyan Mishra wrote:
> > Brian
> >
> > In-line
> >
> > On Sun, Nov 8, 2020 at 3:14 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>> wrote:
> >
> >     Gyan,
> >
> >     I don't think you were around for the original discussions, so there
> is an aspect that is missing from your logic below.
> >
> >     The inclusion of a separate interface identifier field in IP
> addresses was an entirely intentional feature of IPng. If all we had wanted
> to do was IPv4 with bigger addresses, that's what we would have done and
> the address length would have undoubtedly been 64 bits. In fact there were
> various proposals to do exactly that, with a variety of associated
> transition and coexistence mechanisms.
> >
> >     But the rough consensus was to do more than that, and to allow
> *extra* space in the address for an interface identifier that was not part
> of the subnetting mechanism. Originally it was going to be 48 bits, so the
> longest subnet prefix would have been 80; on second thoughts it was set to
> 64, which gave *exactly* the same extension to the subnettable space as we
> would have got from IPv4 with bigger addresses.
> >
> >     That isn't inconsistent with what we now call BCP198, which says
> that on links where an interface identifier & SLAAC isn't needed,
> subnetting can extend out to /127.
> >
> >     All that was despite the fact that we hadn't even realised the
> potential privacy benefits of a host-defined interface identifier at the
> time; that is much more recent.
> >
> >     As far "day 1" goes, please remember that DHCPv6 is a retro-fit:
> >
> >     RFC1971 IPv6 Stateless Address Autoconfiguration. August 1996
> >     RFC3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6). July
> 2003.
> >
> >
> >     Gyan> Makes sense then that as DHCPv6 was a retrofit “add on” to the
> base architecture that this issue came about afterwards.
> >
> >
> >
> >     (In fairness, draft-ietf-addrconf-ipv6-auto-00 was dated January
> 1995 and draft-ietf-dhc-dhcpv6-00 was dated February 1995, but it advanced
> very slowly compared to SLAAC.)
> >
> >
> >     Gyan> From a problem statement perspective do you agree with the
> title of this thread “Day 1 interoperability issue”?
>
> No. From the dates of the RFCs, it's a "Year 7 interoperability issue".


    Gyan>  I think you meant to say 17 year interoperability issue as RFC
3315 is dated 2003.   This is a MAJOR issue that had shackled operators in
deployments of longer prefixes to host subnets.  That is a fact.

>
>
> > Do you agree that one way to solve is to allow SLAAC to support longer
> prefix lengths?
>
> That's one way, but it's the wrong way. The right way is for all
> operators, including mobile operators, to assign /48 or /56 to all end
> users.


    Gyan> If you go to the “root” of the problem the root is the original
IPv6 specification RFC 1884 dated 1995, RFC 2373 dated 1998, RFC 3513 dated
2003 and now the present RFC 4291 dated 2006.  As soon EUI64 mac based IID
become not recommendedR and obsolete the standard should have immediately
updated RFC 4291 as the dependency on fixed IID is no longer as now random
IID generation schema starting with RFC 4941 privacy extension dated 2007
soon became standard for all OS vendors and later RFC 7217 stable IID
became an alternative option to provide a “random” IID.

Once random IID became mainstream in all Host Operating Systems it was at
that moment that the standard should have changed to update RFC 4291 to
permanently remove in all RFCs any mention of 64 bit boundary.

So this change if I do the math is now 13 years past due.  Even if you gave
a few years for host operating systems to adopt the new standard which I
believe back then was fairly quickly the standard should have changed
eliminating the 64 bit boundary.

Think of all the problems “Day 17 years” this has caused and even now all
of these threads.

This is clearly an IETF standards issue and needs to be fixed.

We can’t pass the blame to operators to dole out shorter prefixes or
support PD.  The IETF really needs to take onus end fix the broken standard.

Not going to happen for PDP as their are technical issue related to the
Mobile Network Gateway to support PD.   I will try to dig up the exact
reason but the network element is very different then a BNG broadband
gateway which supports most all L3 features.

As far as 3GPP operators they are following the well documented RIPE-690
which only requires allocation of /64.  The main reason mobile operators
are not making shorter prefix a standard is that is overkill from their
perspective as you may have many mobile handsets in a household and there
 is no reason for everyone at a single location to have shorter prefixes
per PDP.  When you are at honme you use your wired broadband and when are
away from home on the road on 3GPP on PDP is when the segmentation comes
into play to subdivide the /64 prefix to downstream devices but in a
household is only needed to be provided by one of the devices.
Bottom line is from a 3GPP provider standpoint it does not make sense to
provide a shorter prefix and I don’t think that will ever change even with
5G PDP.

Fixed 5G broadband which is a wired broadband replacement will follow
RIPE-690 guidelines and will allocation much shorter prefixes as with
network slicing and other capabilities with 5G offers the requirements
exist for shorter prefixes.  Not so much for PDP.


https://www.ripe.net/publications/docs/ripe-690#4-2-4--considerations-for-cellular-operators

4.2.4. Considerations for Cellular Operators

There is a clear exception to the rule described above when assigning
prefixes in a cellular network. In this case, a /64 will need to be
provided for each PDP context for cellular phones, whereas for LTE
modems/routers, i.e. in the case of broadband by means of cellular access,
it will still be necessary to choose a /48 or /56 in accordance with the
aforementioned considerations.




>
> > Do you agree that this is a major operational issue that needs to be
> solved?
>
> Yes, but as Barbara says, that needs some collaboration with the SDOs and
> operator fora to get rid of /64 assignments.
>
>    Brian
>
> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD

v2.23.0 | Report a Bug | By Email