IETF Logo Mail Archive

Re: you have running code ... I-D Action: draft-ietf-6man-ipv6only-flag-03.txt

Lee Howard <lee@asgard.org> Sat, 03 November 2018 11:36 UTC

Return-Path: <lee@asgard.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17FBD1288BD for <ipv6@ietfa.amsl.com>; Sat, 3 Nov 2018 04:36:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EA505AA_AZwf for <ipv6@ietfa.amsl.com>; Sat, 3 Nov 2018 04:36:08 -0700 (PDT)
Received: from atl4mhob03.registeredsite.com (atl4mhob03.registeredsite.com [209.17.115.41]) by ietfa.amsl.com (Postfix) with ESMTP id B7081124BAA for <ipv6@ietf.org>; Sat, 3 Nov 2018 04:36:07 -0700 (PDT)
Received: from mailpod.hostingplatform.com (atl4qobmail01pod6.registeredsite.com [10.30.71.209]) by atl4mhob03.registeredsite.com (8.14.4/8.14.4) with ESMTP id wA3Ba3HQ019119 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL) for <ipv6@ietf.org>; Sat, 3 Nov 2018 07:36:03 -0400
Received: (qmail 17354 invoked by uid 0); 3 Nov 2018 11:36:03 -0000
X-TCPREMOTEIP: 14.143.0.166
X-Authenticated-UID: lee@asgard.org
Received: from unknown (HELO ?172.18.0.22?) (lee@asgard.org@14.143.0.166) by 0 with ESMTPA; 3 Nov 2018 11:36:03 -0000
Subject: Re: you have running code ... I-D Action: draft-ietf-6man-ipv6only-flag-03.txt
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, ipv6@ietf.org
References: <153973137181.9473.10666616544238076833@ietfa.amsl.com> <6264F7A1-59EB-467D-A576-E5F2F0DEE7DD@lists.zabbadoz.net> <CACWOCC-xL0PfkNHgCqhB28GE-jCWUUagQE4PukdpXK+YHgWpyg@mail.gmail.com> <97ba35ff-b4a7-314c-3010-297d06be645d@foobar.org> <01c2a55e-1888-3ebc-3252-11b9005b8272@gmail.com> <0abd7b4d-b0e0-b1bc-2468-678befbc7cac@asgard.org> <3e155df0-5799-8788-5fbe-767a7421828c@gmail.com>
From: Lee Howard <lee@asgard.org>
Message-ID: <18646396-e3f7-b9ad-3871-69868468859a@asgard.org>
Date: Sat, 03 Nov 2018 17:05:59 +0530
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <3e155df0-5799-8788-5fbe-767a7421828c@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/pkGU0W1rx8fA73hCNU06u3gCTEM>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Nov 2018 11:36:10 -0000

Sorry, I didn't trim because I think it's all context...

On 11/3/18 12:50 AM, Brian E Carpenter wrote:
> On 2018-11-02 19:09, Lee Howard wrote:
>> On 11/1/18 1:13 AM, Brian E Carpenter wrote:
>>> On 2018-10-31 22:24, Nick Hilliard wrote:
>>>> Job Snijders wrote on 30/10/2018 22:27:
>>>>> Can you (or others running FreeBSD EXPERIMENTAL) share reports on how
>>>>> this pans out in practise?
>>>> Looking at the code, it acts by blocking outbound ipv4 frames from being
>>>> transmitted on ethernet interfaces.  This would mean - for example -
>>>> that if there were a default route already configured on the receiving
>>>> device, any userland code attempting to use ipv4 services would block
>>>> until ARP times out for the default route (default 20 minutes on freebsd).
>>>>
>>>> The only part of the ipv6only discussion that was uncontroversial was
>>>> implementation of the kernel processing side of this flag - there's very
>>>> little to go wrong when toggling a single flag.
>>>>
>>>> The problem area is how to handle the interpretation of this flag in
>>>> userland and in the kernel, which is a much more difficult problem.
>>> It's a question, but I don't know why it's a problem. It isn't an interop
>>> problem, because each host is an independent actor in this. And we now have
>>> running code proof that legacy hosts aren't affected. So I'd say that from
>>> a protocol spec point of view, it's actually a non-issue.
>> Doesn't it mean that user space applications on a host that had/expected
>> IPv4 would fail?
> Well yes, but that is presumably the network administrator's intention,
> so I'm not sure I'd characterise it as am interop issue exactly, and it's
> not an interop issues *involving the RA message itself*.
>   
>> I think I described my interop concern:
>> https://mailarchive.ietf.org/arch/browse/ipv6/?qdr=m&so=frm
>>
>> IPv4-only hosts, and dual-stack hosts
>> that do not recognize the new
>>       flag, may continue to attempt IPv4 operations
>>
>> If some devices require IPv4 and others disable IPv4, you have lost
>> connectivity between systems on a local network. As written, this is not
>> considered a misconfiguration by the administrator who sets the flag.
> Indeed not. The admin will presumably be happy at this result.
> I don't think we disagree about the effect, just about whether
> it's desirable.
>
>>>> This also disregards the issue of whether the flag was either necessary
>>>> or a good idea to start with, and nearly 700 emails into this
>>>> discussion, the WG seems to be hopelessly divided on these issues.
>>> I'll leave that one to the WG chair who isn't a co-author. But I will
>>> say that in my mind the issue is whether the feature is one that will
>>> be valuable in 5, 10 or 20 years time rather than whether it's valuable
>>> today.
>> I've come into the camp that believes that in 10 or 20 years IPv4 will
>> be disabled by default. When people post to stackoverflow complaining
>> that their 10-20 year old devices are unreachable from their brand new
>> devices, the response will be, "The old stuff might be using the old
>> protocol, IPv4. Go into Control Panel, Networking, Protocols, select
>> IPv4, click enable."
>>
>> If that's likely, then this flag is only useful in the interim 5 years.
>> During that time, I would like to maximize connectivity.
>>
>> If a network administrator wants central control over IPv4/IPv6
>> enablement in hosts, there are better, more centralized tools for that.
>> As a principle, host behavior should be managed by host management
>> tools, and not by hints from a router.
> I'm not sure how that can work on a BYOD network. On a fully managed network,
> sure, we could "easily" invent a solution.

Taken all-in-all, then, the use case for this flag is a network where 
the administrator:

1. does not know what's on the network,

2. expects that there are some applications using IPv4,

3. understands that IPv4 will continue to work locally, 3b. except for 
dual-stack hosts that honor the flag,

4. understands that applications may have already negotiated IPv4 
connectivity,

5. desires to break communications for 3b and 4, and prevent IPv4 
Internet access.

It's not just that administrator accepts that 3b and 4 won't work, but 
as you said above, "The admin will presumably be happy with this result."


This seems to me a very narrow application.

Lee

>
>     Brian
>

v2.23.0 | Report a Bug | By Email