Re: rfc4941bis: trying to keep focus

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Fri, 31 January 2020 07:46 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4DFD120086 for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 23:46:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.498
X-Spam-Level:
X-Spam-Status: No, score=-14.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=kFdiJSce; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Fipclob0
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JrolK3tkd-Xq for <ipv6@ietfa.amsl.com>; Thu, 30 Jan 2020 23:46:51 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3087712001E for <6man@ietf.org>; Thu, 30 Jan 2020 23:46:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10018; q=dns/txt; s=iport; t=1580456811; x=1581666411; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=aVbV1H2AqJKx6lA4WJlpk7rcBDC8Lyy6Vcb1oOfoMo0=; b=kFdiJSce3Fii7nFDIK1utvAOZhA8Vyt8CrgIpse3yHkSER25kkHMm4QU SwuWrS5Kher1XyUuzfs2jjO3orCK6GLERJjuUN1pVcZYYUwo7JOzb7ywS QSnpcVlGiJc+r4h2IpVzSgQG3zC6088SGEoyK5+w8xVtrhoCGvJrze2Rq g=;
IronPort-PHdr: =?us-ascii?q?9a23=3Aj2cvThOa7mD7USgHiu4l6mtXPHoupqn0MwgJ65?= =?us-ascii?q?Eul7NJdOG58o//OFDEu6w/l0fHCIPc7f8My/HbtaztQyQh2d6AqzhDFf4ETB?= =?us-ascii?q?oZkYMTlg0kDtSCDBjjMP73ZSEgAOxJVURu+DewNk0GUMs=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DKCAC22jNe/4QNJK1lHgELHIFwC4F?= =?us-ascii?q?UUAVsWCAECyqEFINGA4p0gl+YD4FCgRADVAkBAQEMAQEYCwoCAQGEQAIXghg?= =?us-ascii?q?kNwYOAgMNAQEEAQEBAgEFBG2FNwyFXwEBAQIBAQEQEREMAQEsCwEECwIBCA4?= =?us-ascii?q?MAiYCAgIlCxUQAgQOBSKDBAGCSgMOIAECDKE1AoE5iGJ1gTKCfwEBBYJEgk4?= =?us-ascii?q?YggwDBoEOKoUehwIagUE/gTgggU5+PoJkAQGBPQ4YgxAygiyNXQQmgk+IJYc?= =?us-ascii?q?xjzUKgjuWPRuCSIgNi2uERal2AgQCBAUCDgEBBYFoI4FYcBU7KgGCQVAYDY4?= =?us-ascii?q?dDBeDUIUUhT4BdIEpiloBASYBA4IXAQE?=
X-IronPort-AV: E=Sophos;i="5.70,385,1574121600"; d="scan'208";a="624477916"
Received: from alln-core-10.cisco.com ([173.36.13.132]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 31 Jan 2020 07:46:49 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by alln-core-10.cisco.com (8.15.2/8.15.2) with ESMTPS id 00V7knBT027860 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 31 Jan 2020 07:46:49 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 31 Jan 2020 01:46:49 -0600
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 31 Jan 2020 01:46:48 -0600
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 31 Jan 2020 01:46:48 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VZ8Bp4zmd0dNOYmyiIdui7tacKoB2u2qzKv5CGgvyYxp4Az8RqDMsgV8rOdDji5icv9d7kGZvD1OBTBdstBsEowFNL1nVFNnXjIvaHrMx9Sevr0Jwd3BVrH6nO/gtDKr6jCVFrwPtlmAvcZazdcKPTXLTqAG/2poox2euL9Hhosw7jpoOmBB31VBRkWm++zejaWBiSVvxzEwQp/FOpjCydiF/nF1k64GFt55B0DmfVK1KzRTdcaiKf2HiwodDnLCSUsJAPfYFdMg+ltpCnyx0SiQFRThWNTCn1PxABuL29vi7TRhkoGbPd6VHvKA0c+EhbQcOtuZYhuUYfJTTkRr8g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aVbV1H2AqJKx6lA4WJlpk7rcBDC8Lyy6Vcb1oOfoMo0=; b=ObzAqBxrDA5aRg/lSOHhRxh3O1pEIwGslG8Dxg3BWNu8jS08Pg/aL6e0TBuRfsRnmXKPivPjF1plL3vdnYE9GwpWq+Xc83jP9o66IJLxrYgy5p1cHtGgbCHs4d76Ano1DgjZsHZg7DqOyOATXtC8Ypn4e+kghkNHb4gRiSi4ROQU0IQZt69ShYjYf5A/VNmmUKaYmuEQMTR4gBpuLVPObNiTWfrGJui9IQDhZWFVsmxVfqezQheyHsp8rXRzd40QIQhyNBIxkPPm7PttdqG3+CfLVIi14BT80JJ1NTndrQgFa4RXT4PGRgGgtVHyKU8Yo+UUplyiGrca21fhCme1yg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aVbV1H2AqJKx6lA4WJlpk7rcBDC8Lyy6Vcb1oOfoMo0=; b=Fipclob00H1TH/hVCrcLGetldzCuHCNdMuN3G1XVgnSVV2GMRkA97TY/nuiRrdWbmf8qmAsvibaTlsaJgT+CGL1fVUlx0vR98x7fcPrblOaRq8F1X++g09ek38AHBWzUj0lBpu6gW+OdgVjgo3jKkcYKLPC98G5jjatF1lmpAwU=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB3951.namprd11.prod.outlook.com (20.179.151.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.22; Fri, 31 Jan 2020 07:46:47 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::fd76:1534:4f9a:452a%3]) with mapi id 15.20.2665.027; Fri, 31 Jan 2020 07:46:47 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Fernando Gont <fgont@si6networks.com>
CC: "6man@ietf.org" <6man@ietf.org>
Subject: Re: rfc4941bis: trying to keep focus
Thread-Topic: rfc4941bis: trying to keep focus
Thread-Index: AQHV168kmTlcQ6R4xk6o/v5cuct+dqgEZc+u
Date: Fri, 31 Jan 2020 07:46:47 +0000
Message-ID: <A3D49A64-24BF-4C9A-BF15-FE2E56E6F420@cisco.com>
References: <4085840f-6c30-323a-b2e9-544f1a783103@si6networks.com>
In-Reply-To: <4085840f-6c30-323a-b2e9-544f1a783103@si6networks.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2a01:cb1d:4ec:2200:c98e:8b76:9062:40fe]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: aa8502c9-f151-4eca-420c-08d7a621b9c1
x-ms-traffictypediagnostic: MN2PR11MB3951:
x-microsoft-antispam-prvs: <MN2PR11MB39517FB52B387900D762E12FD8070@MN2PR11MB3951.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 029976C540
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(366004)(39860400002)(396003)(346002)(376002)(189003)(199004)(316002)(6506007)(66574012)(36756003)(6916009)(86362001)(33656002)(5660300002)(966005)(478600001)(6486002)(2906002)(81166006)(81156014)(8936002)(71200400001)(6512007)(8676002)(2616005)(66476007)(64756008)(4326008)(91956017)(76116006)(66556008)(66946007)(66446008)(186003); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3951; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: CcWDYwmhuDSTCjQ1Zfjce8Oe9RRKZzqWv5tHdEk8zTxtjDzFX8czEjkmEpE+h2n+b/VRRTmbrzFlHCbG4rUzizT6IHtJHYkDaaupSvRf9CVK98jDQb6QMpa1A96iTTpDRXOBI0xV8JwslYeZhhJU53ig3oCuvtxnHSQO5l8Ya+diGYu8j+6JTN1c8eOi7OMSc6Z8w0r244lZ0rMYnTcEW2gpsiAxb2N1Hmnhd+3yELmiQlDi0FUynAFWh1ST6fV5LGbDd+4VXpi/p77d1NLqlwHk/fK7jJewAbURphWx22TcYgj8PZubdQ3rbDgtPLtvbslD2/IhhNA8O8sIY6/ix0M0z8FWfz2w/UMLvaha2nlJza2YbiWWZr1EJ0tsuqgAvOTxaKFeCOf4SEbDqzB6dAgBnLoQrdCRxw1O5Hug3I9XhXZaeFD1VHjWEM3r1N4xRFAPjCMqeSy09tN7ywNt/PuMtSZoTHemgH4aeUiBL9eig8IBbWw4aaX+NPzfou5D3Ou2Are6sdzQNDRd3Oz29g==
x-ms-exchange-antispam-messagedata: V9uU+viCi40MLBZ8nHhAErRI/oWgD2B5Z7Ym6ogu4SZx52uf4bzo3zo6E2diogKfqdPcEpFMdqmQIf4/2jzu6NdMcXDkYA9c7j6sfymxrsZJ/s2C0JRUUoWxg/3FdKKUy/OaLSHDq+B1JX9OGuNJj3CaulKTG+H4+wCT/jx+hOViHojmt5FtjK13nclfvlCk/Yl/qcx3bLQmNov7Fvol9w==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: aa8502c9-f151-4eca-420c-08d7a621b9c1
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Jan 2020 07:46:47.5497 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: MggP4LP97RoNX1lpC5bMyk+3XEvK6lmssyLfTLvh3KGOzKgJHWzkObV66AIXNQ4cNd+06wyd+IUUd/3jeFs0+w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3951
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: alln-core-10.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gn_CUHFLesQ_6ujwHy3NDedT2UA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jan 2020 07:46:54 -0000

Hello Fernando 

Long but great summary !

Please see below 




> Le 30 janv. 2020 à 21:52, Fernando Gont <fgont@si6networks.com> a écrit :
> 
> Folks,
> 
> I'm trying to summarize what I've seen as part of the recent discussion about (or at least triggered by) rfc4941bis.
> 
> First, let me give the (obvious) context:
> 
> rfc4941bis is meant, for the most part, to address flaws in RFC4941 --
> RFC4941 is a Standards Track document, already. rfc4941bis is not proposing or introducing temporary addresses, but simply addressing flows in the scheme *we already have* (which is widely deployed).
> 
> 
> Now, let's move to the main topics of this discussion:
> 
> 
> 1) "temporary addresses results in too many addresses"
> 
> This is not a problem araising from RFC4941, but a problem with SLAAC. In SLAAC, routers offer network configuration information, and hosts do... what they virtually please.
> 

And they don’t express their intention and/or ask if it’s ok.

> Routers could also advertise many different prefixes on the same link, leading to many addresses. Hosts could also manually configure lots of addresses.  An OS might also provide a proprietary interface for proprietary apps to request "one address per flow".
> 
> Given a sufficient number of prefixes and hosts, this may get to a point where implementation limits such as the maximum number of NCE may be hit.
> 

NCE in the host is hardly a limit as it was in the last century when ND was designed. The problem has migrated to harder state in the network that cannot be easily removed and reformed for the lack of cooperation.

I still agree with your bottom line.


> If folks are concerned about the maximum number of addresses that may be employed in a network (a valid concern), then I guess energy should be spent on how to address this general issue of SLAAC, *in SLAAC*, as opposed to simply bother about one of the many possible ways in which a host may configure addresses.

I’d say this general issue of SLAAC, *in IPv6ND*. The SL may partially need to go away. Because it’s been a lie for roughly 10 years already in managed networks. But we can maintain the AAC whenever it’s valuable.



> 
> I'd note that we have a BCP (RFC7934) about the topic of "number of addresses". In the typical/default case, RFC4941 will lead to a maximum of 7 addresses per host. In the context of RFC7934, I guess being able to handle 7 addresses per host is the least one could expect. I do understand that some systems can't handle them (given a sufficient number of hosts). Maybe we need to send a signal to router vendors. Maybe a few thousand entries in the NC is way too IPv4ish? All these issues are worth discussing... but they are issues with SLAAC or ipv6 network configuration, and not with RFC4941.
> 

Yes.

 What would enrich 4941 would be improved signaling by the router In RA messages of the constraints it wants applied. Once we have that the default does not really matter any more.

The other thing that would improve the draft is a bit in the NA signaling whether the address is permanent or transient.

I can propose text if you like.

But the real thing is to rethink AAC. Which took 10 years in the IOT world but was finally published.


> That said, and given recent feedback, it seems sensible to reduce the preferred lifetime and valid lifetime of temporary addresses to 1 day and 2 days, respectively. This would result in one preferred and one deprecated temporary addresses (as opposed to 1 preferred and 6 deprecated addresses resulting from RFC4941).
> 

There is a confusion between the valid lifetime of the prefix and that of an address. We should be able to revalidate an address within the prefix lifetime. I agree with Michael, losing sessions (VNC in my case) is embarrassing and a loss of perceived quality vs. IPv4.

> 
> 2) The value of temporary addresses
> 
> As noted above, one would assume that since RFC4941 has not been deprecated, there is consensus that RFC4941 provides value in the area of privacy.
> 
> Everytime you reuse an identifier, it leaks information. Temporary addresses reduce the address lifetime, and hence limit the amount of time you reuse an identifier. That's an improvement. And it is a middleground between not using temporary addresses (and hence resuse the same identifier forever) or doing "one address per flow" which, while interesting, would take the number of addresses employed in any network to another dimension. As such (a middle-ground), it can't be expected to be perfect.
> 
> Temporary addresses are meant employed for outgoing connections. Maybe RFC4941 should provide stronger hints or even recommendations that this use mode is enforced. For connection-oriented transport protocols, the concept is straightforward. For stateless protocols, not so much.
> 
> But even if this mode is enforced for connection-oriented transport protocols, this would make temporary addresses reduce host exposure quite a lot. This is another area where temporary addresses have value.
> 
> That said, I'm not sure to what extent it makes sense to argue about the value of temporary addresses in the context of *this* document. If we take the to extreme possible outcomes:
> 
> * we don't publish rfc4941bis, and we keep a flawed RFC4941
> * we publish rfc4941bis, and have an improved version of rfc4941
> 
> Only one of these options will improve RFC4941, and none of them will obsolete rfc4941.
> 

Choose your evil?


> 
> 3) Should temporary addresses be enabled by default?
> 
> One would assume that since RFC4941 has not been deprecated, there is consensus that RFC4941 provides value in the area of privacy.
> 
> In that sense, and in the context of RFC7258, I believe it would be a hard case to make to have temporary addresses disabled by default.
> 
> I do believe some network might want to disable them. That would require the network to be able to convey this policy to hosts. This was tried (draft-gont-6man-managing-slaac-policy) and rejected ten years ago.
> 

Things change. People awareness improves. 

> I believe that, at least in the absence of policy, and in the context of RFC7258, it is sensible for the default to be "on".
> 
> Besides, in a post-Snowden era, I believe we'd nevertheless have a hard time recommending OS vendors to disable them by default.
> 

The problem is not there anyway. The problem is to get to a point where the hosts and network agree on the addresses, and that can happen with many addresses if that’s what serves the user best.

A side thing is to admit that SLAAC is obsolete in a number of environments, and damaging to the network operation. But as you say it’s about modernizing ND not counting addresses.

All the best,

Pascal 

> Thanks!
> 
> Cheers,
> -- 
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
> 
> 
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------