IETF Logo Mail Archive

Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>

Mark Smith <markzzzsmith@gmail.com> Thu, 11 April 2024 17:56 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B251CC151090 for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 10:56:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.596
X-Spam-Level:
X-Spam-Status: No, score=-0.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.998, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJUXJUenw84B for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 10:56:05 -0700 (PDT)
Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCFB6C14CEFF for <ipv6@ietf.org>; Thu, 11 Apr 2024 10:56:05 -0700 (PDT)
Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-a51f9ad7684so3521466b.2 for <ipv6@ietf.org>; Thu, 11 Apr 2024 10:56:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712858163; x=1713462963; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=NKMOUIBQ+Vne/CggXvHpzHAaaHSb97Ow77o2Xsr1IBw=; b=SjTZmDKKuZh6hC1FljF9IuH0Ch/pskNq4kmjW1YphuO75vuHn0T5yOTU9a6LQdkyhI puFIMH+u4yCchuyk1RK7oNuOKcMTis/pilOkAphRy8BbB0sgYHyDsbpRlpW9/uRtPK1i +5cm2OGzF6NVJ7MGCaa1WjJkYc0+KlFYfxaljW4vxZq93vqMvniAIM8gKzMwHl+SAhpb 1/Q4C+Jp2vFRBISB+S21cX7VoCIfz3YCLL9/3u9JSTtcdiYoot7rp1fASt8XVVrAqjep 5c+ZFFJDWqmJfB9RBjZ19fak9UUjPl7ofLwwbsJYzCCy+Gs1bRkJ9LVNoHSsBtILYn7u Ohyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712858163; x=1713462963; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=NKMOUIBQ+Vne/CggXvHpzHAaaHSb97Ow77o2Xsr1IBw=; b=TXjxz2KKgxwmIy55NGMMZirNd+6o/w3mppfOvTLb3xuiL+l8/Ws4NFDzzGBbHm11Pb GEaFdBXSdv3uosCEJPp2HMTzS+B/N39tP+QknCEk6Od4+tAZ+JXbQRtuHZkwnFVaG786 2lomu2P5YNNl3adHF+bXVw7G7HuHwCyXdm/omFooSrvl7M29IuDyQCh4tF01yulZT4fu OecK/klhtt3FxDJkl9vlwC00NmqzTbr5BENyyg1O5azXIARMWm3KaLL+rs2oNBAaSvJu CV9oiG0I/1VlBTzLF8Q29+0fjV72yuxKIZZdWW2K5AZ7wqDq5Pe1a8vXN5QD4ST3/KPM iacA==
X-Forwarded-Encrypted: i=1; AJvYcCUteRNpD88lP4VyX7d8YKYsNtMVFRim6YC5VgubOvLHOF0vRk973MR/D/+kptakHXIhw8sEv1ZbiZDDqdpG
X-Gm-Message-State: AOJu0Yzd/A2JRTjIoviSnvoDuSM72d+P92JSSIojPOsWJk5c8zEmPTg7 4ijv09STWqjkjtnO2orcQex/wHm/chsxXkMchZOxODD4gP+5vLr4wRZV6nR3Z0Nd+pUPo3aEj5f HbdPx91E7LrahidJ3d2hyErFlYLU=
X-Google-Smtp-Source: AGHT+IFEmvUmWeUYD/21JPmI52+q2bi5LT2N+8rhAYhm3HsRfVA/w/455nmYcpcj2hf7zyAcE5oFWID3tTaHVqtciEM=
X-Received: by 2002:a50:cd54:0:b0:56c:d35:1775 with SMTP id d20-20020a50cd54000000b0056c0d351775mr502018edj.35.1712858163348; Thu, 11 Apr 2024 10:56:03 -0700 (PDT)
MIME-Version: 1.0
References: <6A5E5F35-B35F-4358-8EE1-3BD82329141E@jisc.ac.uk> <6FBC1B5A-BF28-4B05-B2B2-A60DA4707755@gmail.com> <CAPt1N1m-Ye8vfOVnsPesFshLMV5QuVoxWqM=HVZiJ37zaBg6AA@mail.gmail.com> <CAKD1Yr1NTvFj0zB0=+nnUKck7TBtwHFz2XoFkD1smx4yCuZohQ@mail.gmail.com> <CAJU8_nWyE5TqBTXB9wfSkn6refaqYNVN967YAtCp-0VMk-5qWQ@mail.gmail.com> <CAPt1N1mqszfafMMY=54ezpoRymoy=bBjeVnWzxj6A27smR1eig@mail.gmail.com> <CAJU8_nWDDfwWEoahU4dqTEh3_HCq2UfpkFjefnXohb+5DAbjew@mail.gmail.com> <CAPt1N1nTJ1sDEQrn1iNUbvreu5bt0BweWgX7iOw6fmPgNBvUqw@mail.gmail.com> <CAJU8_nWsg=eGxu59akfB0+pOTJ-TYud-a_wGhtgnpp1RizVhrw@mail.gmail.com> <CAPt1N1nbTuSH4GGrimFAxe3YqTLbhiTX5KVjYsw+JRjoadzzrw@mail.gmail.com> <CAJU8_nU-+PcARtdLZ4cTOP_TQX5FQXPfALfs5MsivP84tFihPQ@mail.gmail.com> <CAPt1N1=+u4ggXy0FYP1QcdFtyUHFJxsYZ7EFxY19XULy1pNCMQ@mail.gmail.com> <CAJU8_nXLY36ff_CKdaZ6_HJ+KXY2izUCSntEPJb=6v23juZ6cQ@mail.gmail.com>
In-Reply-To: <CAJU8_nXLY36ff_CKdaZ6_HJ+KXY2izUCSntEPJb=6v23juZ6cQ@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Fri, 12 Apr 2024 03:55:50 +1000
Message-ID: <CAO42Z2yZOa_FETdJX4jaqAb+FpkEZSQhBU-uzkReofKZekndfQ@mail.gmail.com>
To: Kyle Rose <krose=40krose.org@dmarc.ietf.org>
Cc: Ted Lemon <mellon@fugue.com>, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>, Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000608ace0615d5de27"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/u_h7W1h07xUU9x01l5-9wdkoyVA>
Subject: Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 17:56:09 -0000

On Fri, 12 Apr 2024, 00:45 Kyle Rose, <krose=40krose.org@dmarc.ietf.org>
wrote:

> On Thu, Apr 11, 2024 at 10:31 AM Ted Lemon <mellon@fugue.com> wrote:
>
>> I don't disagree with you about this. It doesn't match my mental model
>> either. However, this just isn't relevant to this discussion—neither you
>> nor I have control of all DNS zones on the Internet, and that's probably a
>> good thing. So if we want to see better behavior when zone operators
>> violate our expectations, the only knob we have to turn is to improve host
>> implementations.
>>
>
> We're arguing about this because I'm opposed to any change that encourages
> operators to deploy what you and I agree is a misconfiguration.
>
> Right now with glibc, and under the proposed precedences, publishing ULA
> to global DNS would cause visible problems that service providers would
> then have an incentive to fix. Mandating known-local not only reduces this
> incentive, it actually encourages broader intentional deployment of this
> misconfiguration. That is the outcome I want to avoid. There is a long tail
> of existing devices attached to the network that will not ever implement
> known-local, and they will become less functional over time if the
> incentive to fix this is reduced or removed.
>

Trouble is, without known-local, the default of GUA over ULA strongly
discourages ULA deployment in parallel with GUAs, unless you burden a human
with performing the first step of each and every DA selection via giving
all nodes internal and external DNS names.

That's not an acceptable solution for non-technical users, and not for some
technical ones like me who don't want the mental load of deciding each and
every time I connect to something whether I want the internal or external
address of a node.

Assume the user is internal more often than external, so assume ULA works
more often than it won't, so prefer ULA over GUA (similar to how
site-locals were preferred over GUAs).

If you're worried about long connection establishment timeouts for
unreachable DAs, well that is the actual problem, and the actual solution
is a select(), poll() or similar call to reduce the duration of the
establishment delay.

Clients will always have to be able to cope with DNS returning unreachable
DAs, because DNS is not synchronised with the network's IP address
reachability, which can change based on link or node failure, and where the
client is currently attached to the network.

Regards,
Mark.


> BUT... I mostly want something published with the new precedences. I
> already said at the very top of the thread that I'm in favor of publishing
> the document. If I'm in the rough on this known-local issue, so be it. It's
> still a good document and will improve ULA and so encourage more IPv6
> adoption within enterprises, despite my reservations about known-local.
>
> Clear?
>
> Kyle
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email