IETF Logo Mail Archive

Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 11 April 2024 20:25 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE52AC14F713 for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 13:25:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GWbo5Tarf3Oa for <ipv6@ietfa.amsl.com>; Thu, 11 Apr 2024 13:25:17 -0700 (PDT)
Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3271C14F705 for <ipv6@ietf.org>; Thu, 11 Apr 2024 13:25:17 -0700 (PDT)
Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-1e4266673bbso2299525ad.2 for <ipv6@ietf.org>; Thu, 11 Apr 2024 13:25:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712867117; x=1713471917; darn=ietf.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=ti3Wg2hZ00PFkB9xRfbFNDwhVu/bDGUMcWNTyOxGEn0=; b=W5WdnRCrxqKMkzx8NbVks2cIO7S3Yc3j5H8CuPSWAi3DWQHLlsBrtg3hvKEz3ife+M nCFYNT2Eoaj++JthDKtu2ZLAceECVXhnuRmscfyO8NkyoNgj1DYRxXHnSkZ0xYy70cvn uONM8TWZ2G59v1if/emIHcAce4fIGFKohv04IZS7YQVZ/Hha3IhaR/5ZzKFH+nC7MwQV TpYQhEhMzOZLMfrJH0vPq85TettTuWQKvJmrpdLKIh9zSHxaafUA/MZrNUemGn8DnhCz 9mTgwPtWKupyFAcZZ0xMATXyRrsSkz7MO4hKtD22+y8p6xIK57xOFgyM8fPBUyWdsyYN u4fw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712867117; x=1713471917; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ti3Wg2hZ00PFkB9xRfbFNDwhVu/bDGUMcWNTyOxGEn0=; b=ch8cFzOKlyRIFZ3eYrWJo27pz9VpVL/7gPIn/uhznB6Xyug5zt/74iZ5RXW/QFMciK 4EvEIdtie6JqOm0YiOjmO3UCi0LgUEWVntBqNVGmC5WsZOCP+BnDEuTgtRuvwvMyCedI oDEp+WEq+37BnaqRmiKNsrVbMOXqSVayGZOmldiNWJFAa+Cys6/hXg0o6p7MJDKcz5je FnNJFNlK0ybjFeixQ1V2B1Cy7OzwOSjY8HeXAJm8Ft2qdQXc/3HcAoteC/jdhxtDMIRs MjEZOqaEH9WnwqOoOcup+9Z616qUa5N2EaXnnzwOtNclDntD/c3znO2ALNJWUNFJGuQx JnEQ==
X-Forwarded-Encrypted: i=1; AJvYcCVVV8tPRQZvWnoyhzLh7u4lMgl/EcVBnhnCsHlcDOF/lwS1gR2UwyFmLj+gddc9/ct+JYXknwHZOy2/IumN
X-Gm-Message-State: AOJu0YyM2+/zkvCSl6jMQlcyjRoVwmhamSNIfxtBykNAd33jdav3xvKB lu1vgSjV5jPPwA64RhGpkThr/1QEenUwqoLoiWqkSk2TrtCdKs1B
X-Google-Smtp-Source: AGHT+IFGL2PYptqEp4e0DkXuYx/tfjImM3pl3CnNUrkyIYx2VdJ/phw8bi3lzQrzyWk4xWDncVefmA==
X-Received: by 2002:a17:903:120b:b0:1e3:c01d:fb0a with SMTP id l11-20020a170903120b00b001e3c01dfb0amr599667plh.39.1712867116977; Thu, 11 Apr 2024 13:25:16 -0700 (PDT)
Received: from ?IPV6:2404:4400:541d:a600:44b7:2c2e:2bc6:8707? ([2404:4400:541d:a600:44b7:2c2e:2bc6:8707]) by smtp.gmail.com with ESMTPSA id u9-20020a170902e80900b001e2a7fb9441sm1573669plg.51.2024.04.11.13.25.14 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 11 Apr 2024 13:25:16 -0700 (PDT)
Message-ID: <161eca7b-0e2b-4110-9bbd-7fe4740052a2@gmail.com>
Date: Fri, 12 Apr 2024 08:25:12 +1200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: David Farmer <farmer@umn.edu>, Ted Lemon <mellon@fugue.com>
Cc: Bob Hinden <bob.hinden@gmail.com>, Lorenzo Colitti <lorenzo@google.com>, IPv6 List <ipv6@ietf.org>
References: <6A5E5F35-B35F-4358-8EE1-3BD82329141E@jisc.ac.uk> <6FBC1B5A-BF28-4B05-B2B2-A60DA4707755@gmail.com> <CAPt1N1m-Ye8vfOVnsPesFshLMV5QuVoxWqM=HVZiJ37zaBg6AA@mail.gmail.com> <CAKD1Yr1NTvFj0zB0=+nnUKck7TBtwHFz2XoFkD1smx4yCuZohQ@mail.gmail.com> <CAJU8_nWyE5TqBTXB9wfSkn6refaqYNVN967YAtCp-0VMk-5qWQ@mail.gmail.com> <CAPt1N1mqszfafMMY=54ezpoRymoy=bBjeVnWzxj6A27smR1eig@mail.gmail.com> <CAJU8_nWDDfwWEoahU4dqTEh3_HCq2UfpkFjefnXohb+5DAbjew@mail.gmail.com> <CAPt1N1nTJ1sDEQrn1iNUbvreu5bt0BweWgX7iOw6fmPgNBvUqw@mail.gmail.com> <CAJU8_nWsg=eGxu59akfB0+pOTJ-TYud-a_wGhtgnpp1RizVhrw@mail.gmail.com> <CAPt1N1nbTuSH4GGrimFAxe3YqTLbhiTX5KVjYsw+JRjoadzzrw@mail.gmail.com> <CAN-Dau36qjfT5YCPWAhko-RKjj3Cqeo-r9csM0fOadcdehvhBQ@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <CAN-Dau36qjfT5YCPWAhko-RKjj3Cqeo-r9csM0fOadcdehvhBQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/vgs9Eh24EZFKlLwepHbhCT2Bdpg>
Subject: Re: [IPv6] Second Working Group Last Call for <draft-ietf-6man-rfc6724-update>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 20:25:21 -0000

On 12-Apr-24 06:27, David Farmer wrote:
> 
> On Thu, Apr 11, 2024 at 8:29 AM Ted Lemon <mellon@fugue.com <mailto:mellon@fugue.com>> wrote:
> 
>     On Thu, Apr 11, 2024 at 8:51 AM Kyle Rose <krose@krose.org <mailto:krose@krose.org>> wrote:
> 
>         On Thu, Apr 11, 2024 at 8:41 AM Ted Lemon <mellon@fugue.com <mailto:mellon@fugue.com>> wrote:
> 
>             But this is counterfactual. Rght now if you publish a ULA in the global DNS, it will not cause a delay because no host with IPv6 connectivity will try to connect to it. We only run into a problem if we decide to prefer all ULAs over all IPv4 addresses. That /will/ in fact cause delays.
> 
> 
>         Because something is misconfigured. Right now, that misconfiguration is hidden, and becomes visible only when IPv4 connectivity is broken for whatever reason. Fix the glitch, which is the ULA in global DNS.
> 
> 
>     Kyle, I don't know if you can see this from where you're sitting, but you are making a religious argument here. It is not a misconfiguration to put a ULA in the DNS right now in the sense that it causes a problem. It's a misconfiguration because it doesn't match your mental model of How Things Should Be.
> 
>     I don't entirely disagree with you about this—I don't think that we ought to put ULAs in the global DNS. But I don't actually have a solid argument against Lorenzo's position—I just don't happen to agree with it.
> 
> 
> I disagree with both of you. The distinction between local and global DNS only exists in the human mind. It doesn't exist in the DNS protocol or on the wire, except for the relatively recent availability of the .local zone.  And even with .local, there is no way to distinguish between different instances of .local.

With mDNS, resolving printer.local comes back with a zone as well as an IPV6 address. It's different from normal DNS resolution, where all you get back is the AAAA. I do know that not all code on Linux deals with this correctly (https://github.com/becarpenter/misc/tree/main/zelect#linux-a-tale-of-woe). I don't know what happens if you try to have two instances of printer.local on two different interfaces.

BTW, .internal is now defined (by ICANN, since the IETF didn't have the guts, apparently). That isn't a perfect solution, but it is an opportunity to do a better job of split horizon DNS. The challenge here is that not everybody agrees that split horizon DNS is a good idea, and not everybody agrees that ULAs in DNS are a bad idea, so we have weak language in RFC4193 and no well-defined approach to split horizon.

What I suggested yesterday still seems like the best way out for the current draft:

>>> All implementations MUST support inserting known-local prefixes.
>>> This feature MUST be configurable on or off.
>>> This feature SHOULD be configured on by default.

    Brian


> You don't know if a .local query is for or if the response is from your instance or my instance of .local. Except for the .local zone, there is no way to know if a query is intended to be global or local or if a response is global or local. The protocol on the wire is identical, and any distinction is a fiction of the human mind.
> 
> Furthermore, ULAs are global in scope, and if implemented correctly, they are effectively unique globally. The only real question is whether they are reachable or not, and preferring known-local ULAs and not other ULAs speaks directly to the reachability question. Whether or not the ULAs belong in the DNS or not, and how the DNS is configured, is irrelevant. The real question is only if they are reachable or not, and again, known-local ULAs resolve this question.
> 
> Thanks
> 
> 
> 
> -- 
> ===============================================
> David Farmer Email:farmer@umn.edu <mailto:Email%3Afarmer@umn.edu>
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email