Re: A common problem with SLAAC in "renumbering" scenarios

Mark Smith <markzzzsmith@gmail.com> Sun, 10 February 2019 23:58 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 924951295D8 for <ipv6@ietfa.amsl.com>; Sun, 10 Feb 2019 15:58:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.499
X-Spam-Level:
X-Spam-Status: No, score=-1.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FEm07DqjdKOv for <ipv6@ietfa.amsl.com>; Sun, 10 Feb 2019 15:58:54 -0800 (PST)
Received: from mail-ot1-x32d.google.com (mail-ot1-x32d.google.com [IPv6:2607:f8b0:4864:20::32d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C404912958B for <ipv6@ietf.org>; Sun, 10 Feb 2019 15:58:53 -0800 (PST)
Received: by mail-ot1-x32d.google.com with SMTP id i5so4184352oto.9 for <ipv6@ietf.org>; Sun, 10 Feb 2019 15:58:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cxd24yDgn7SZkQKvOj2k+BiTMCv2R6sakBTNKH29xyg=; b=Y0GxCXWoGsfwbT30+yZwQoCHtODtP47+6JNExDCKPmgYGNfB9anugbnwhsCBxJK+X6 WFSw4b06cvhMFYd5uj4ZkZrWhyhoARTW4u3RQLcYXG9w4Mlu4eQEZceU40m2Z7qRGzgo 3Utp3RZZH5ccN5pvr/6Pcfc4wJBchkzgXgKHN3P1qwyhtxgzWkjVKFNxOj+46mRfk3JG h9IvMB6Ft0ySR+ZVYc0ZhANprhx1WKRng324/P4mt5b+BWaHhJCtyeXx1MChyIndCJJC uqUgXctdvYfKclBuqw+QJE4qgk8IlwNcIyjetEL0foXUzlm2Gx+vOZz1uz1/aT4p5clM 2rfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=cxd24yDgn7SZkQKvOj2k+BiTMCv2R6sakBTNKH29xyg=; b=R8BP9iWDQsYKdLi7MarwylwnRJnzS0l69TFubp8exwrLpGprvzrUeTgUER00upMv9Y tqzbi3qlDarabvQgayWszebNzk5dXIoo9XpmuqglUOCyB9wDby8FthR2FUhXs3tUShy6 uQ7vwyI1//Ap2RSpHTbU+TbSk9oysyWjFNpsJExKQ9OYELp6U2P/8B2bs2Tw819D2FBG 5tdSPIg2Xe+S+ed0Io4283NJgsKI/f2azi7mx8a+JUStpSAIwqY9qm5ZCnkg3CEVTDAw /JWgFrQGRSzWyeggg6COBlS5rzyEF5a0xVECjOqzyl/pOSDuoVNBLTiA88iVg5cK1xdF x96g==
X-Gm-Message-State: AHQUAuagjxxcwIJ7brRN94HRQjixVHlUfQSGgB8cCiv2tvT8SQXidTFU 4PRrQT/7OxFD8YgWOqtI7khpZJxUUVKOVMU7XBk=
X-Google-Smtp-Source: AHgI3IbBBA6rs407PG1Hk4p38dhiyoSmMAo2vGDJnA6L3kyJvcU608SehpaRTxZ7oq/VjY9LJYRFJcVUvdrwHvOnU1k=
X-Received: by 2002:a9d:3d42:: with SMTP id a60mr24659184otc.285.1549843132768; Sun, 10 Feb 2019 15:58:52 -0800 (PST)
MIME-Version: 1.0
References: <60fabe4b-fd76-4b35-08d3-09adce43dd71@si6networks.com> <alpine.DEB.2.20.1901311236320.5601@uplift.swm.pp.se> <m1gpCcz-0000FlC@stereo.hq.phicoh.net> <ddd28787-8905-bafd-3546-2ceef436c8b0@si6networks.com> <m1gptWx-0000G3C@stereo.hq.phicoh.net> <69609C58-7205-4519-B17A-4FBC8AE2EA16@employees.org> <d40b41c3-ff1b-cab4-a8de-16692a78e8fd@go6.si> <D1E45CAD-08D0-43D4-90F7-C4DD44CB32C0@employees.org> <alpine.DEB.2.20.1902041330531.23912@uplift.swm.pp.se> <46B8DB92-DC81-4242-9780-0D00FB6BDB7A@employees.org> <1c7ebabb-d6f6-d877-d4aa-d6c0fc7d5c60@go6.si> <6278.1549471453@dooku.sandelman.ca>
In-Reply-To: <6278.1549471453@dooku.sandelman.ca>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Mon, 11 Feb 2019 10:58:26 +1100
Message-ID: <CAO42Z2xdKtLJV11KXELBKca6CWn=B6Avz6bO_94kFFXaKiZ-pQ@mail.gmail.com>
Subject: Re: A common problem with SLAAC in "renumbering" scenarios
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Jan Zorz - Go6 <jan@go6.si>, 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ovIlIK79hRqratPi6zvG5E69NUA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Feb 2019 23:58:56 -0000

On Thu, 7 Feb 2019 at 18:34, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>
> Jan Zorz - Go6 <jan@go6.si> wrote:
>     > However, I always advocated ISPs to put static IPv6 PDs in Radius (or
>     > whichever AAA mechanism they use), so that the same user always gets
>     > the same PD.
>
> ....
>
>     > My suggestion is to have separate dynamic /64 prefixes to number the
>     > WAN link (it works for multiple PPPoE sessions and also it gives IPv6
>     > access to a very simple PPPoE client that doesn't do a PD request, like
>     > end-host machine with Windows or something) and fixed PD that just the
>     > first PPPoE session is able to get. This usually covers most of the
>     > scenarios. For the corner cases then ISP needs to solve them case by
>     > case, but at least for majority of clients that's the solution.
>
> This creates two routes per customer.
> That's why I advocate to use the prefix exclude option if you can,
> or better, just don't number the WAN link.
>

There are some advantages to numbering the wan link with a GUA /64.

For troubleshooting, customers' can plug a PC directly into the
service to test it, isolating the CPE as a fault cause. This is a
little bit more important in BYO CPE markets than it would be in ISP
provided/managed CPE.

Although probably becoming less common, for a customer with a single
device, a CPE isn't necessary saving them money.

The decision on for the production residential IPv6 broadband
deployment I worked on back in 2010 was to do dynamic GUA /64s on the
PPPoE session/link, and a static/stable PD prefix provided via RADIUS.
So outside the BNG, there was only 1 PD route per customer.

> I've had customers complain that they can't have so many routes, and why is
> IPv6 not like IPv4, and I ask them how many ARP cache entries they have.
> At that point, they look confused for a moment, but most figure out that IPv4
> and IPv6 work exactly the same at that point.  They just didn't remember that
> IPv4 was hiding the same state in what they think of as layer 2.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------