Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis

Ole Troan <otroan@employees.org> Wed, 20 March 2024 06:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/wNbtdLUxcO9rv2O3Xqf9LKDW1dE>

Ted,

Sorry Ted, I’m not going to let you off the hook this time.

Are you making a claim that the current specifications of MPMH, SAS/DAS and HE, transport protocols support robust multi-homing and that is deployable today?
If the answer to that is no, what is your solution?

And we aren’t talking about “rushing to deploy”. NPTv6 (and NAT66, NAPT66 for that matter) are widely deployed.
It’s a matter of who should have change control. Do we want it in the IETF?

I noticed you also made the claim above that RFC6296 did not need an update. Handling of ICMPv6 error message proxying was missing, something I think is quite important to incorporate.

O.


> On 20 Mar 2024, at 06:08, Ted Lemon <mellon@fugue.com> wrote:
> 
> Ad hominem arguments ("ivory tower") don't get more convincing over time.
> 
> It's my understanding that a lot of work has been done on locator/identity splitting. There's an active working group that works on that, and Brian's SHIM6 work I think also addresses that use case, as does Mobile IPv6. Why does 6man need to delve into this space?
> 
> IPv6 deployment is not a universal benison. It may be frustrating to those of us who have been working on it all these years that it's not done yet, but a lot of good work has been done, and I think one of the biggest obstacles to deployment is actually just "we have always done it this way." Rushing to deploy with a partial solution that won't stand the test of time is something we've done a lot of. Do we really need to do it again?
> 
> On Wed, Mar 20, 2024 at 3:00 PM Ole Trøan <otroan@employees.org> wrote:
> Ted,
> 
> You seem to make the assumption that MPMH, SAS/DAS selection and multi-homing policy distribution can actually be made to work.
> 
> Across every application and every host stack in a network. Ivory tower?
> 
> We should not ignore the other use cases for identity/locator split. Abstracting services for example. (Although those are sometimes done at L4 or L7 as if that makes it better). 
> 
> I agree we should discuss solutions based on merit. It has not been shown that your alternative proposal has merit (yet). There’s still hope perhaps, but we have hand-waved these solutions around for a few decades. Mostly to the detriment of IPv6 deployment unfortunately.
> 
> O. 
> 
>> On 20 Mar 2024, at 04:28, Ted Lemon <mellon@fugue.com> wrote:
>> 
>> It will come as a shock to all, no doubt, but I read the document, and specifically those bits.
>> 
>> The problem is not that this document doesn't solve that problem. It's that it is not an unsolved problem: we do not need this document to solve that problem.
>> 
>> As Lorenzo pointed out, if you use ULAs for your internal servers, and also distribute whatever GUAs you get from the ISP through your network, you never need to renumber your infrastructure because your ISP changes your external GUA prefix. We don't even need to update source/dest address selection to deal with this: you just do not use addresses in the ISP-provided GUA in your configurations. So e.g. your internal DNS /only/ publishes the ULA, never the GUA. If you give your routing infrastructure routable addresses, the addresses you configure are from your ULA. Basically precisely what you would do if you were using NPTv6—the only thing you change is that you also propagate the ISP-provided prefix for external connectivity.
>> 
>> This should behave much better than NPTv6, because there isn't a weird transition point at the edges of your network where magic happens that is not seen internally.
>> 
>> 
>> On Wed, Mar 20, 2024 at 1:19 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> On 20-Mar-24 15:08, Ted Lemon wrote:
>> > I would appreciate it if we could discuss the merits and not the marketability of this proposal. When the IETF publishes a standards-track or informational document, we are indeed recommending the documented solution.
>> > 
>> > It’s fine for you to disagree with me, but as a general principle IETF consensus should be based on technical arguments, not marketing arguments. Of course we want whatever we recommend to be something the market would use, but we don’t need to solve a problem simply because the market would buy the solution to the problem. There should be an actual problem to solve that is not already solved by an existing standard. That’s not the case here.
>> 
>> Huh? While I don't think the applicability text in the draft is done yet, the "Address Independence" and "NPTv6 Applicability" sections already describe use cases that are not otherwise satisfied.
>> 
>> RFC 8678 is worth reading at this point, and the draft should certainly reference it.
>> 
>>     Brian
>> 
>> > 
>> > On Wed, 20 Mar 2024 at 11:04, IPv6 <ipv6@jima.us> wrote:
>> > 
>> >     Ted,
>> > 
>> >     I don't think standardization is necessarily the implicit (or explicit?) endorsement that you're suggesting it is.
>> > 
>> >     Some vendors already offer more or less the functionality in question; some network operators will implement this whether or not there's a Standards-track RFC outlining it (assuming they're not already). Not having an official-ish RFC just means they might do it more poorly.
>> > 
>> >     Or they'll just do N:1 NAT/PAT/"NAT overload."
>> > 
>> >     Or they'll just announce provider-independent space from every site (this would be a different kind of bad).
>> > 
>> >     Or they'll just continue to not adopt IPv6, because it can't do the things to which they're accustomed on IPv4.
>> > 
>> >     Technical purity aside, I'd rather have the least-bad option for the internet at large.
>> > 
>> >     - Jima
>> > 
>> >     ________________________________________
>> >     From: Ted Lemon <mellon@fugue.com>
>> >     Sent: Tuesday, March 19, 2024 7:43 PM
>> >     To: IPv6 <ipv6@jima.us>
>> >     Cc: Nick Buraglio <buraglio@forwardingplane.net>; IPv6 List <ipv6@ietf.org>
>> >     Subject: Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis
>> > 
>> >     Is that a use case that the IETF would recommend in a standards-track document, though? This is my point: it's not wrong to document this. What I'm suggesting is that we shouldn't standardize it. We should not, e.g., have 7084-bis recommending it. Or anything else.
>> > 
>> >     On Wed, Mar 20, 2024 at 10:34 AM IPv6 <ipv6@jima.us> wrote:
>> >     Lack of imagination (or maybe cursed knowledge) doesn't mean it only solves a single problem. ;-)
>> > 
>> >     It also solves something of an edge case where a leaf site is numbered off of a core site's static address space, but needs selective local internet break-out for bandwidth-intensive workloads (which aren't desired to be backhauled through the core site).
>> > 
>> >     (Sorry if it sounds niche; I didn't invent this construct. -_- )
>> > 
>> >     - Jima
>> >     ________________________________________
>> >     From: ipv6 <ipv6-bounces@ietf.org> on behalf of Ted Lemon <mellon@fugue.com>
>> >     Sent: Tuesday, March 19, 2024 19:19
>> >     To: Nick Buraglio <buraglio@forwardingplane.net>
>> >     Cc: IPv6 List <ipv6@ietf.org>
>> >     Subject: Re: [IPv6] Adoption call for draft-bctb-6man-rfc6296-bis
>> > 
>> >     On Tue, Mar 19, 2024 at 11:32 PM Nick Buraglio <buraglio@forwardingplane.net> wrote:
>> >     Agreed, happiness should not determine success. From what I have seen (which is admittedly limited) moving from experimental to a "higher level" RFC is typically accompanied by something like a deployment status document, e.g. the SRv6 deployment status doc here https://datatracker.ietf.org/doc/html/draft-matsushima-spring-srv6-deployment-status
>> >
>> >     I think it's really important to distinguish between "this draft solves a problem" and "this draft solves a problem that can't be solved already" and "this experiment has succeeded and we can promote the document to informational or standards-track."
>> > 
>> >     I think we can all agree that this draft solves a problem. I think it solves exactly one problem: allowing sites to keep stable internal addressing in the face of renumbering by ISPs and/or changing ISPs.
>> > 
>> >     However, this problem can be addressed the way 7084 currently solves it: by numbering the internal network with a stable ULA and hosting services on addresses within that ULA rather than on a temporary GUA provided by the ISP.
>> > 
>> >     Problems NPTv6 does not solve:
>> > 
>> >     * MHMP (although it solves some aspects)
>> >     * Internal address privacy
>> > 
>> >     So I don't actually think this document does anything useful for the Internet community. I don't mind that there is a document that describes NPTv6, but I don't think it should be standards track or informational, and I don't think IETF documents should normatively reference it.
>> > 
>> >     Regarding experiments, at least from a scientific perspective, an experiment needs to have a control group. If we wanted to know whether NPTv6 solved the problem in an easier way than dual ULA/GUA, we would want to set up an experiment where some sites continued to use IPv4, some used NPTv6, and some used ULA/GUA. As far as I know, no such experiment has been done, and no such comparison has been documented.
>> > 
>> >     I think the presentation Paulo has just done is the most interesting, but what we are not seeing is an answer to the question "how's it going, what problems do you have, etc."
>> > 
>> > 
>> > --------------------------------------------------------------------
>> > IETF IPv6 working group mailing list
>> > ipv6@ietf.org
>> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> > --------------------------------------------------------------------
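
Added example (not part of the thread or of any participant's message): a check for the ULA-only DNS practice described in Ted Lemon's quoted message above, flagging AAAA records in an internal zone that point outside the site's ULA. The zone data, the host names and the fd12:3456:789a::/48 site prefix are constructed for illustration, and the simplified zone-file parsing is an assumption of this sketch.

```python
import ipaddress

ULA = ipaddress.ip_network("fc00::/7")  # RFC 4193 unique local addresses

# Constructed internal zone (not from the thread). 2001:db8::/32 is the
# documentation prefix, standing in for an ISP-assigned GUA.
SAMPLE_ZONE = """\
$ORIGIN corp.example.
; internal view
ns1      3600 IN AAAA  fd12:3456:789a:1::53
files    3600 IN AAAA  fd12:3456:789a:10::20
         3600 IN AAAA  2001:db8:aa00:10::20   ; ISP prefix leaked
printer       IN AAAA  fd99:1:2:3::9
www      3600 IN CNAME files
"""

def audit_zone(text, site_ula):
    """Return (owner, address, reason) for AAAA records breaking the ULA-only rule."""
    site = ipaddress.ip_network(site_ula)
    findings, owner = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # strip comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():                 # a leading blank reuses the previous owner
            owner = fields[0]
        if "AAAA" not in fields[:-1]:
            continue
        value = fields[fields.index("AAAA") + 1]
        try:
            addr = ipaddress.IPv6Address(value)
        except ValueError:
            findings.append((owner, value, "unparseable"))
            continue
        if addr not in ULA:
            findings.append((owner, str(addr), "not-ula"))       # follows the ISP prefix
        elif addr not in site:
            findings.append((owner, str(addr), "foreign-ula"))   # ULA, but not this site's
    return findings

if __name__ == "__main__":
    for owner, addr, reason in audit_zone(SAMPLE_ZONE, "fd12:3456:789a::/48"):
        print(f"{owner:8} {addr:28} {reason}")
```

A "not-ula" finding marks a name that would need changing when the ISP prefix changes, which is the renumbering exposure the ULA-only practice is meant to avoid.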