IETF Logo Mail Archive

Re: [IPv6] Suggestion for multi homed clients without NAT/NPT

"Philipp S. Tiesel" <philipp@tiesel.net> Sat, 07 January 2023 17:20 UTC

Return-Path: <philipp@tiesel.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60F82C14E513 for <ipv6@ietfa.amsl.com>; Sat, 7 Jan 2023 09:20:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nQsqe1_7m2X7 for <ipv6@ietfa.amsl.com>; Sat, 7 Jan 2023 09:20:20 -0800 (PST)
Received: from einhorn-mail-out.in-berlin.de (einhorn.in-berlin.de [192.109.42.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 124F3C14E511 for <ipv6@ietf.org>; Sat, 7 Jan 2023 09:20:18 -0800 (PST)
X-Envelope-From: philipp@tiesel.net
Received: from x-berg.in-berlin.de (x-change.in-berlin.de [217.197.86.40]) by einhorn.in-berlin.de with ESMTPS id 307HK2cQ3554410 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Sat, 7 Jan 2023 18:20:02 +0100
Received: from [2a0a:4580:1018:451:244b:f9ad:9759:5f81] (helo=smtpclient.apple) by x-berg.in-berlin.de with esmtpsa (TLS1.2) tls TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <philipp@tiesel.net>) id 1pECrR-0002bm-Vx; Sat, 07 Jan 2023 18:20:02 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.300.101.1.3\))
From: "Philipp S. Tiesel" <philipp@tiesel.net>
In-Reply-To: <293b396ce317460bb8e111581257c3db@huawei.com>
Date: Sat, 07 Jan 2023 18:19:51 +0100
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, 6man <ipv6@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <11113DF4-8D92-4B11-ACA9-F8DFBE311511@tiesel.net>
References: <b3742e2b-6472-9eb4-bee2-507fa8cdf4c6@posteo.de> <05ed3426-7731-baef-44a1-6fc50ce69a5b@gmail.com> <9586.1672523456@localhost> <14437462-8E95-4554-A4A4-A83E08382439@tiesel.net> <9192.1672934804@localhost> <94476ea4e8894e60b6c7d43d4ddde616@huawei.com> <2E1C1D16-9CE0-4A82-AF8F-B5F51397BFB7@tiesel.net> <293b396ce317460bb8e111581257c3db@huawei.com>
To: Vasilenko Eduard <vasilenko.eduard@huawei.com>
X-Mailer: Apple Mail (2.3731.300.101.1.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/lq_9ipvWvuGrSNSpqKX34qv8Qs4>
Subject: Re: [IPv6] Suggestion for multi homed clients without NAT/NPT
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Jan 2023 17:20:24 -0000


> On 7. Jan 2023, at 11:54, Vasilenko Eduard <vasilenko.eduard@huawei.com> wrote:
> 
> The application could use:
> 1) bind() to choose the source address first then it should have a complex logic comparable to RFC 6724 or use human intelligence (for a manual source address appointment). It is typically used by servers.
> 2) getaddrinfo() that would choose the next hop first (construct the packet later). It is typically used by clients

No, getaddrinfo() has no means to choose the first hop or communicate that choice back.
Which mechanism do you assume is used to pass that the first-hop choice?  

What could be implemented for 2) is some sort of getaddrinfo2() that also returns a src 
address along with each dst candidate. 
When doing that, this src address choice also has to obey RFC6724.
As next step, we use RFC 8028 to choose the first hop and src-dst-routing to reach the right uplink (the one that fits the src).

Be aware: I want to do src-dst-routing as defined in https://datatracker.ietf.org/doc/draft-ietf-rtgwg-dst-src-routing/, not any kind of header based client chosen src-routing! 

> RFC 8028 stated in the abstract that it assumes source address choice first. If you read it carefully, you would see that it follows this assumption throughout the whole text. RFC 8028 is just not relevant to the second case (when the next hop is chosen first).
> RFC 8028 is important because it fixes the case for bind().
> 
> But the second case (getaddrinfo()) is the more popular in the wild.
> The exercise to fix MHMP is primarily related to the attempt to fix RFC 6724/getaddrinfo() and maybe ND itself (RFC 4861). 

I really prefer to realise both cases the same way, otherwise the slightest inconsistency in routing / ND breaks everything.

> In general, RFC 6724 is redundant because it is a "local decision".
> I hear already that "vendor X already abandoned getaddrinfo()/RFC 6724 - they use their proprietary logic - lets everybody do the same".
> It is effectively a mild request to deprecate RFC 6724.
> Well, it is possible. I am not sure that it is the right way in such a complex matter (to cut the number of people discussing it).

It is not as these implementations still obey RFC6724 – they just combine the functionality of getaddrinfo (with a per-pvd/default-route and happy eyeballs. 

AVE!
  Philipp

> 
> Eduard
> -----Original Message-----
> From: Philipp S. Tiesel [mailto:philipp@tiesel.net] 
> Sent: Friday, January 6, 2023 7:45 PM
> To: Vasilenko Eduard <vasilenko.eduard@huawei.com>
> Cc: Michael Richardson <mcr+ietf@sandelman.ca>; 6man <ipv6@ietf.org>
> Subject: Re: [IPv6] Suggestion for multi homed clients without NAT/NPT
> 
> Hi,
> 
>> On 6. Jan 2023, at 16:43, Vasilenko Eduard <vasilenko.eduard@huawei.com> wrote:
>> 
>> PvD has no value for 1)ND, 2)source routing, That may be needed in a 
>> multihoming environment.
> 
> We don’t need 2) when we follow RFC 8028 I am not sure why you need 1)
> 
>> But PvD has a value for 3) DNS,
>> If RDNSS is received from the same router in a situation where it may have a different context (different PIOs).
>> 
>> Strictly speaking, all 3 solutions are needed for a complete multihoming package.
> 
> Agreed!
> 
>> 
>> I am not aware of any PvD alternative on how to inform from the same router that "this DNS is for this PIO, but that DNS is for a different PIO".
>> 
>> PS: if the host is receiving different RDNSSes (with respective PIOs) from different routers then PvD is not needed.
>> 
>> Eduard
>> -----Original Message-----
>> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Michael 
>> Richardson
>> Sent: Thursday, January 5, 2023 7:07 PM
>> To: Philipp S. Tiesel <philipp@tiesel.net>; 6man <ipv6@ietf.org>
>> Subject: Re: [IPv6] Suggestion for multi homed clients without NAT/NPT
>> 
>> 
>> Philipp S. Tiesel <philipp@tiesel.net> wrote:
>>> I did my Ph.D. on that topic and called it Happy Eyeballs on Steroids.
>> 
>>> Most results went into the TAPS WG… maybe have a look at
>>> - https://datatracker.ietf.org/doc/draft-ietf-taps-arch/
>>> - https://datatracker.ietf.org/doc/draft-ietf-taps-interface/
>>> - https://datatracker.ietf.org/doc/draft-ietf-taps-impl/
>> 
>> Very cool.  I will read them. I didn't know TAPS was doing this, and I suspect that few in 6man know either.  Maybe a 5 minute presentation is in order.
>> 
>> Philipp S. Tiesel <philipp@tiesel.net> wrote:
>>> I am convinced RFC 8028 would also be a great start for clients with 
>>> multiple default routes, e.g., enabling stuff like multi-path TCP to 
>>> work correctly, but it will not be sufficient for meaningful 
>>> multi-homing / source address selection.
>> 
>> Do your IDs explain why?
>> 
>>> In addition, to avoiding problems with CDNs, it is also  required to 
>>> separately keep track of DNS on a per-router/PvD basis and only use 
>>> the matching source addresses for new connections, so RDNSS should 
>>> also be treated analog to the source address in RFC 8028.
>> 
>> I'm surprised to hear this.  I'm not convinced that PvD are a good idea, I think that they represent IPv4 thinking, and I think that there are better ways to do this in IPv6.  So I'm curious to understand how they are connected.
>> 
>>> Having tried to manage traffic from within getaddrinfo() I can only 
>>> recommend to abandon that idea.
>>> A lengthly write-up why can be found here in Section 6 of this 
>>> expired
>>> draft:
>>> https://datatracker.ietf.org/doc/html/draft-tiesel-taps-socketintents
>>> -bsdsockets-02
>> 
>> Thank you. I agree that it can't be done properly in getaddrinfo().
>> 
>>> The only way forward I see is something like TAPS and Appel’s 
>>> implementation is already pretty close what it would needs to make 
>>> use of multi-homing here. They just need a litte more 
>>> aggressive/opportunistic happy eyeball candidate selection.
>> 
>> Is there a FAQ on how to play with this code?
>> 
>> 
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>>          Sandelman Software Works Inc, Ottawa and Worldwide
>> 
>> 
>> 
>> 
> 
> --
> Philipp S. Tiesel
> https://philipp.tiesel.net/
> 
> 
> 
> 

--  
Philipp S. Tiesel
https://philipp.tiesel.net/

v2.23.0 | Report a Bug | By Email