IETF Logo Mail Archive

Re: “DHCPv6, SLAAC, Static Day X - 17 year interoperability issue” 2nd issue

Ca By <cb.list6@gmail.com> Tue, 10 November 2020 01:53 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DCB53A1582; Mon, 9 Nov 2020 17:53:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j9zsosiXHkUf; Mon, 9 Nov 2020 17:53:43 -0800 (PST)
Received: from mail-io1-xd41.google.com (mail-io1-xd41.google.com [IPv6:2607:f8b0:4864:20::d41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDE063A1581; Mon, 9 Nov 2020 17:53:42 -0800 (PST)
Received: by mail-io1-xd41.google.com with SMTP id s24so11924107ioj.13; Mon, 09 Nov 2020 17:53:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=nzeT60cKz3WFxisvJyk8Bd705JxWxC37mTgtYvOAGQM=; b=CYpesQ4YT86wjpegSeleAUQSOJea2pQRFuLeoaiiyDRD1utmhh2CE172dSzyteAiUT y9WvAJCHkKA1uocBsZm2Z0HLBIHw2z7hEe7vklhT3kG6qT6TO7aYyETp/p+1L7GfaAil 96zOeBMYa99q9Y9yPPyjo8LtFfyA3B4DkOsUrhoomyCi9QRKnBqQVLsIVx4KU13KBeef X04Rle9rfHZjV3egBFB2lZuptswGG23YzGdDQK6IJ4fTYo47s+rnygf3ITRJYXwUZI0m cWT+2DlpmZrL9Eavq8dCkIrsX+Kda8cf44xluMmGGt23dSoAUnSZz28GONJz79SRagiv +lgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=nzeT60cKz3WFxisvJyk8Bd705JxWxC37mTgtYvOAGQM=; b=cFtUUmRlTfl6RXCGP4Movf3L592KqzItjg38zdtxESj8UY3w67B8FrHdt/OSbsaGNX 5pZa71cEzR5ZWlVCPLg89ah5pxk/dgcytvWeE3/e6HOOVjttkzcjiTacKhyNDobLXtNG 1sFzadTQOIq3KKGX4mjSaKKU4awIl5amrUdjphZQwBFGW/ovAGoNeH9NCnxHWyFEf9Ts F2OAvrRqhoXH/WXkO731KaFcnNVCWqbuYZ5spbY7Rnyy1JNLXtAkOxL+gyvetxINkjFS jyVy0Hnu4E4f/b7S401YF29kM+Du6NngcX/meQa7SZN/eiyg5yhOT3O3qSKQjea/37Zw 1Qow==
X-Gm-Message-State: AOAM533ilFixtko6UGKPQn/pj7iiCo4l1Hf23qD76Oipx2K7a/kCQ2NB e2JllfGd0RWuu5P7ywH1oUjdcmZTT1ZpPpxrXbM=
X-Google-Smtp-Source: ABdhPJwziVNI1vQPK9bG+il86kSaAO7msc8QdCkns6D346MD4H/csULswTjhHtgp7UTfZqLCCBR9Ot8NiyHEJr2Qj78=
X-Received: by 2002:a05:6602:20c7:: with SMTP id 7mr11950903ioz.170.1604973222239; Mon, 09 Nov 2020 17:53:42 -0800 (PST)
MIME-Version: 1.0
References: <3A94E3B6-EA5A-453A-8CB1-C11BBDF88B53@gmail.com>
In-Reply-To: <3A94E3B6-EA5A-453A-8CB1-C11BBDF88B53@gmail.com>
From: Ca By <cb.list6@gmail.com>
Date: Mon, 09 Nov 2020 17:53:31 -0800
Message-ID: <CAD6AjGTcy3eo=4P52fOjCKRLDveVMUJcD7Y_u9JzJtpq3RAj0Q@mail.gmail.com>
Subject: Re: “DHCPv6, SLAAC, Static Day X - 17 year interoperability issue” 2nd issue
To: Gyan Mishra <hayabusagsm@gmail.com>
Cc: 6man WG <ipv6@ietf.org>, Alexandre Petrescu <alexandre.petrescu@cea.fr>, Bob Hinden <bob.hinden@gmail.com>, Dmytro Shytyi <dmytro@shytyi.net>, Dusan Mudric <dmudric@avaya.com>, Naveen Kottapalli <naveen.sarma@gmail.com>, Ole Troan <otroan@employees.org>, draft-mishra-6man-variable-slaac@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c9246c05b3b6f26b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/kO4RvMOPpNkwq6NQfaAbaiTsIFA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2020 01:53:46 -0000

On Mon, Nov 9, 2020 at 4:36 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:

>
> This may have gotten lost in all the threads so starting a new thread.
> The issue is interoperability related issue between the 3 IPv6 addressing
> options that had been broken for 17 years.
>
> Problem Statement:
>
> The main point I am trying to make is that static address configuration
> and DHCPV6 stateful RFC 8415, you can have any prefix length prefix.
> SLAAC with A flag set requires a  64 bit IID and that stems from RFC 4291
> modified EUI64 mac based IID generation.  However, now with random IID
> generation schemes with RFC 4941 privacy extension and RFC 7217 stable IID
> you can generate any length IID.
>
> The operational issue with SLAAC not supporting any prefix length in PIO
> and requirement for the 64 bit boundary is that in a deployment scenario
> where you would like to deploy longer prefix length subnets with a mix of
> server hosts with static address and mix of client hosts with managed
> address M=1 that get their 128 bit address from the DHCPv6 server pool, the
> fear has always been that if a device came up on the subnet that only
> supports SLAAC it would not work due to the SLAAC A flag set and 64 bit IID
> requirement.  In that case the SLAAC host would not be able to communicate
> with any of the devices with a longer prefix including the router.
>
> So that fear of interoperability of SLAAC hosts not being able to support
> longer prefix lengths has prevented operators from being able to deploy
> subnets with longer prefix lengths, as it’s hard to predict that all hosts
> will be able to support static or stateful and so you may end up in a
> situation where a device type may only support SLAAC so then you are in
> trouble deploying longer prefix lengths.
>
> Due to the SLAAC 64 bit IID restrictions it has prevented operators from
> deploying “host” subnets with >64 bit prefix lengths.
>
> f you go to the “root” of the problem the root is the original IPv6
> specification RFC 1884 dated 1995, RFC 2373 dated 1998, RFC 3513 dated 2003
> and now the present RFC 4291 dated 2006.  As soon EUI64 mac based IID
> become not recommendedR and obsolete the standard should have immediately
> updated RFC 4291 as the dependency on fixed IID is no longer as now random
> IID generation schema starting with RFC 4941 privacy extension dated 2007
> soon became standard for all OS vendors and later RFC 7217 stable IID
> became an alternative option to provide a “random” IID.
>
> Once random IID became mainstream in all Host Operating Systems it was at
> that moment that the standard should have changed to update RFC 4291 to
> permanently remove in all RFCs any mention of 64 bit boundary.
>
> So this change if I do the math is now 13 years past due.  Even if you
> gave a few years for host operating systems to adopt the new standard which
> I believe back then was fairly quickly the standard should have changed
> eliminating the 64 bit boundary.
>
> Think of all the problems “Day 17 years” this has caused and even now all
> of these threads.
>
> This is clearly an IETF standards issue and needs to be fixed.
>
> We can’t pass the blame to operators to dole out shorter prefixes or
> support PD.  The IETF really needs to take onus end fix the broken standard.
>
> Not going to happen for PDP as their are technical issue related to the
> Mobile Network Gateway to support PD.   I will try to dig up the exact
> reason but the network element is very different then a BNG broadband
> gateway which supports most all L3 features.
>
> As far as 3GPP operators they are following the well documented RIPE-690
> which only requires allocation of /64.  The main reason mobile operators
> are not making shorter prefix a standard is that is overkill from their
> perspective as you may have many mobile
>

No

handsets in a household and there  is no reason for everyone at a single
> location to have shorter prefixes per PDP.  When you are at honme you use
> your wired broadband and when are away from home on the road on 3GPP on PDP
> is when the segmentation comes into play to subdivide the /64 prefix to
> downstream devices but in a household is only needed to be provided by one
> of the devices.
> Bottom line is from a 3GPP provider standpoint it does not make sense to
> provide a shorter prefix and I don’t think that will ever change even with
> 5G PDP.
>

I am 3gpp network operator.  None of the above thinking has entered my
head.

I have never read any ripe docs, so you cant say i am beholden to them.

3gpp operators only provide /64 because that is all that the standards
allow for without dhcpv6. No other reason, please avoid creating narratives
to explain what is clearly documented in the standards.

https://tools.ietf.org/html/rfc6459#section-5.3



> Fixed 5G broadband which is a wired broadband replacement will follow
> RIPE-690 guidelines and will allocation much shorter prefixes as with
> network slicing and other capabilities with 5G offers the requirements
> exist for shorter prefixes.  Not so much for PDP.
>
>
>
I am rolling out 5G broadband using 64share, so your above is not correct,
at least for me.  Why? No dhcp servers in network.

Maybe you can tell us about how vz is deploying ipv6 here ?

https://www.google.com/amp/s/www.rcrwireless.com/20200612/5g/verizon-expanding-enhancing-5g-fixed-wireless-service/amp



>
>
> https://www.ripe.net/publications/docs/ripe-690#4-2-4--considerations-for-cellular-operators
>
> 4.2.4. Considerations for Cellular Operators
>
> There is a clear exception to the rule described above when assigning
> prefixes in a cellular network. In this case, a /64 will need to be
> provided for each PDP context for cellular phones, whereas for LTE
> modems/routers, i.e. in the case of broadband by means of cellular access,
> it will still be necessary to choose a /48 or /56 in accordance with the
> aforementioned considerations.
>
>
> RFC 3177 for a default /48 allocation which is obsoleted by 6177 which
> takes a step back and is now not making any recommendations and is putting
> the onus on operators to figure it out and do what they feel is best which
> would definitely not be one size fits all approach.
>
> Please read the summary section in RFC 6177 below
>
> 5 <https://tools.ietf.org/html/rfc6177#section-5>.  Summary
>
>    The exact choice of how much address space to assign end sites is an
>    issue for the operational community.  The recommendation in RFC 3177 <https://tools.ietf.org/html/rfc3177>
>    [RFC3177 <https://tools.ietf.org/html/rfc3177>] to assign /48s as a default is not a requirement of the
>    IPv6 architecture; anything of length /64 or shorter works from a
>    standards perspective.  However, there are important operational
>    considerations as well, some of which are important if users are to
>    share in the key benefit of IPv6: expanding the usable address space
>    of the Internet.  The IETF recommends that any policy on IPv6 address
>    assignment policy to end sites take into consideration the following:
>
>
> Thanks
>
> Gyan
>
>
> Sent from my iPhone
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email