IETF Logo Mail Archive

Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 08 May 2019 22:30 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A781D120194 for <ipv6@ietfa.amsl.com>; Wed, 8 May 2019 15:30:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8etJg8mqgjRC for <ipv6@ietfa.amsl.com>; Wed, 8 May 2019 15:30:17 -0700 (PDT)
Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D693312013E for <ipv6@ietf.org>; Wed, 8 May 2019 15:30:17 -0700 (PDT)
Received: by mail-pl1-x62b.google.com with SMTP id d9so84955pls.8 for <ipv6@ietf.org>; Wed, 08 May 2019 15:30:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:references:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=GA/vdCK72UOvzSwPhzTItgTNbPGSAeTJl21WMQWOpu4=; b=Ha1hJ5QR3bXGHK+3hyEzsoeSmloFFIEh+GFy0gSyiaOSH0qJnSTx1wj6nHLGd1PQs4 4XsvAlAzgQFXNXVkOmxYLyBzgeJs+/DkuC7paHrTNVXN8bhp1RyShNZi3FSJzq+iia6Q UhnO4KwMNMKzXGTz2EfvoND31lPibTTMQG/1rSlO9PDdOBxZS120aXtxAfc/yFeae8YV pS0iDjWbB2FZEMVbM+9dZzcH7++25PxpsdAWNUMI15G22a3fhFlp9M7PaiUq3dIBjFgb pQzlR5Jyyg1N8oPm+BVXUBlAP5xoM6r3lkngJLbN1iX0tcLt7Iem14xtlgtGNuNjhlAH 7ktw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:references:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=GA/vdCK72UOvzSwPhzTItgTNbPGSAeTJl21WMQWOpu4=; b=nX2rxRkYEF2Uvlw7ObDF41UU1nORb2vOBdxfiSj/eeSqVaXlneb8iRc3XpjArPcBou 6WKsyFscX5n4WswUjHrzaSsb/DeMA+OT6r+YEOzl3zz9uPXXcUS2DyqFB4vjJ990zovm idQOEAQmnuHkFOQkbnU27aoXYQ96OjqdSz+wjN71N/Nq7w5GCAoGqXYGiWKkByuK/4i7 HhbUSzc3FLPempPaJKyLrYjNb7ae1b9SuBoVE0M7K0m6NOULEpdowuRmljH1pFfaFw9Z gUI2u0DiVo1VyUlUAjQ3X1ptRAlLYWafJGtCbmXGIOFm1VuNeRqdX16xerzQqzX2pw+u UYRw==
X-Gm-Message-State: APjAAAWD6debEHxknzRkB9pifySmWZ0CWBa2oqYt5WP5u4SbPfAQiEqB YtY9XDSFnJty79UA/ygKXJt/l7Ha
X-Google-Smtp-Source: APXvYqwelKOAnET+xIOrLYAGNeIrqP6R9WysZGsr6PApbrZTJAuMM9hr4+PFJs5nCwH75h+V9/iHEg==
X-Received: by 2002:a17:902:822:: with SMTP id 31mr349870plk.41.1557354616906; Wed, 08 May 2019 15:30:16 -0700 (PDT)
Received: from [192.168.178.30] ([118.148.72.205]) by smtp.gmail.com with ESMTPSA id d4sm267163pgt.14.2019.05.08.15.30.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 May 2019 15:30:16 -0700 (PDT)
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Subject: Re: Confirmation to advance: draft-ietf-6man-ipv6only-flag-05
To: David Farmer <farmer@umn.edu>, Fernando Gont <fernando@gont.com.ar>
Cc: IPv6 List <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
References: <F8BFFCAD-E58E-4736-8A1C-56579B6F6032@employees.org> <a2465e81-a17f-ab48-efda-20fe12a70077@foobar.org> <30239E0C-C444-4A7E-8342-AEE47BF8A2BB@employees.org> <8b9fd743-bfcc-525c-98f6-154f3fa713cc@foobar.org> <CAO42Z2zEWvt9NyemMb8H0AEvPvmNSDGa4wcXiS6n5yRxNFCHQg@mail.gmail.com> <c7e18765-be04-6494-8193-984dbccb520b@foobar.org> <CANMZLAYh+V57yrWOzmUyjSMK0g95u1D5_GZmyZBMOMKAZnrnCg@mail.gmail.com> <3F474511-6FE3-4A0A-9B84-7C37F08FBB5D@steffann.nl> <E352C226-C708-4418-BCDE-10525CAB109A@jisc.ac.uk> <652fb10e-b8ce-0151-a9a0-62d2378caed2@gmail.com> <0079c716-d56c-7199-f493-f5e56e1307ae@foobar.org> <b33de303-eaca-f7f6-804e-2c9343eb92a1@gmail.com> <6C4ABEF1-2565-4BA9-9FC5-5B3C45A719AD@gmail.com> <c2222416-6491-1906-a403-d012777a4b38@gmail.com> <CABNhwV0-SdKZqQa4z9jhpc8h1Eq=8UxRhtvHt1==BYEMTVRjug@mail.gmail.com> <96790121-7D50-4C6F-924F-87065B989E44@gmail.com> <ccab3694-54f2-bdd1-f8ac-cb159dbc0a81@gont.com.ar> <CAN-Dau0_w0n9C6grqi1bXAL-k239K7RMiQyhx5=c-Y_wqrV2OQ@mail.gmail.com>
Message-ID: <20191d2e-32f3-a8e9-e3be-e67b326e3061@gmail.com>
Date: Thu, 09 May 2019 10:30:12 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <CAN-Dau0_w0n9C6grqi1bXAL-k239K7RMiQyhx5=c-Y_wqrV2OQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/h3GaAFYgxC-rEP9qN7n_TIORzpg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 May 2019 22:30:21 -0000

David,

Sorry about the runt message just sent, fat finger trouble.

> A host that receives any RAs with the flag set to 1 

No! That must be

A host that receives only RAs with the flag set to 1 

It is an absolute requirement that all routers must agree that the flag is 1, or else it has no effect.

Otherwise I'm sympathetic to your rewrite, but I see little point in updating the draft until the WG Chair gives us a read-out on the rough consensus.

Regards
   Brian

On 09-May-19 09:55, David Farmer wrote:
> 
> 
> On Wed, May 8, 2019 at 2:54 PM Fernando Gont <fernando@gont.com.ar <mailto:fernando@gont.com.ar>> wrote:
> 
>     The question is probably why not use IPv4 to disable IPv4. Entangling
>     one protocol with another generally leads to increased complexity, and
>     interesting attack vectors.
> 
>     I wonder why, if the issue is really a layer 2- one (e.g., stations
>     being awaken unnecessarily), the problem is not solved at layer 2- --
>     e.g. filtering at layer to, based on the Ether Proto.
> 
>     Thoughts?
> 
> 
> First, I don't think this flag is tangling the streams so to speak, IPv4 and IPv6 are tangled by the dual-stack model. I think of the flag as trying to untangle IPv6 from IPv4 so we can run IPv6-Only on dual-stack hosts.
> 
> The primary signal for a dual-stack host to not configure an IPv4 address should be the failure to receive an IPv4 address from a DHCPv4 Server [RFC2131]. This flag should be a secondary signal for a dual-stack host to not auto-configured an IPv4 Link-Local addresses [RFC3927] assuming an address has not received via DHCPv4, to not perform any IPv4 service discovery (such as mDNS [RFC6762]) using IPv4 Link-Local Addresses, and further, to limit the number of attempts that are made to configure an IPv4 address via DHCPv4. 
> 
> Otherwise, without this secondary signal, when a dual-stack host does not receive an IPv4 address from a DHCPv4 Server it would normally auto-configured an IPv4 Link-Local addresses, perform IPv4 service discovery (such as mDNS [RFC6762]) using IPv4 Link-Local addresses, and some dual-stack hosts are quite persistent in their attempt to configure an IPv4 address. It is these sides effects of not receiving an IPv4 address from a DHCPv4 Server that the flag needs to mitigate and that are necessary to untangle IPv6 from IPv4 to run IPv6-Only on dual-stack hosts.
> 
> This secondary signal needs to be expressed with an IPv6 mechanism so that it is compatible with Layer 2 filtering of IPv4 Ethertypes, however, use of the flag doesn't require this filtering. If this signal is expressed in IPv4 then it is impossible for the signal to be received in the presence of Layer 2 filtering of IPv4 Ethertypes. 
> 
> The following is the rewrite I propose for the logic in the Host Behavior Considerations Section based on the above restatement of the purpose of the flag. 
> 
> ---
> 
> A host that receives any RAs with the flag set to 1 SHOULD NOT auto-configured an IPv4 Link-Local Addresses [RFC3927] when it fails to receive an IPv4 address via DHCPv4 [RFC2131] and therefore SHOULD NOT perform IPv4 service discovery (such as mDNS [RFC6762]) using IPv4 Link-Local addresses.
> 
> A host that receives only RAs with the flag set to 1 SHOULD make a limit number of attempts to configure an IPv4 address via DHCPv4 and then make no further attempts. OPTIONAL, such a host could make no attempt to configure an IPv4 address at all. 
> 
> As soon as a host receives any RAs with the flag set to 0 it SHOULD attempt to configure an IPv4 address via DHCPv4 if it does not already have an IPv4 address configured, and MAY continue to periodically attempt to configure an IPv4 address via DHCPv4 if it does not receive an IPv4 address from a DHCPv4 Server as long as it is receiving any RAs with the flag set to 0.
> 
> A host that successfully configures an IPv4 address received via DHCPv4 SHOULD continue using it and attempt to renew it when necessary regardless the status of the flag in the RAs it is receiving. Further, it MAY perform IPv4 service discovery (such as mDNS [RFC6762]) using the configured IPv4 address.
> 
> Thanks.
> 
> -- 
> ===============================================
> David Farmer               Email:farmer@umn.edu <mailto:Email%3Afarmer@umn.edu>
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota  
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email