[Snac] Re: Handling multiple AIL-interfaces in a single SNAC router
Ted Lemon <mellon@fugue.com> Tue, 14 April 2026 18:26 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: snac@mail2.ietf.org
Delivered-To: snac@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id C6EF8DC302A4 for <snac@mail2.ietf.org>; Tue, 14 Apr 2026 11:26:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776191202; bh=qwI2asY3itFmnbfgB6zXOh4AXKOQFB1MOxSX3KrrCyE=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=UwJ2Nh3mxqlZ9nRWHkASi3+/jb/JhRHXoDxC04GeyFp1XJT3Pp8bt+EfRypcWmcFO KJIMEYjGTnZTJOd0JqDR+GpvvutW9d5fYrTNpE8u5zZ6OlAG4lH5akos2X4HPZ4Qkf iVqaaVks0mmlSSqGRFI5DjXHFR0cpOZZwtC2PI58=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=fugue.com header.b="pR84BSPg"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="b2495FAa"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZNd9h579nUWH for <snac@mail2.ietf.org>; Tue, 14 Apr 2026 11:26:42 -0700 (PDT)
Received: from fhigh-b7-smtp.messagingengine.com (fhigh-b7-smtp.messagingengine.com [202.12.124.158]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 46E0FDC2FEC5 for <snac@ietf.org>; Tue, 14 Apr 2026 11:26:24 -0700 (PDT)
Received: from phl-compute-08.internal (phl-compute-08.internal [10.202.2.48]) by mailfhigh.stl.internal (Postfix) with ESMTP id 7EA0B7A0116; Tue, 14 Apr 2026 14:26:17 -0400 (EDT)
Received: from phl-frontend-04 ([10.202.2.163]) by phl-compute-08.internal (MEProxy); Tue, 14 Apr 2026 14:26:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue.com; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1776191177; x=1776277577; bh=bcv1JyjYpN0FKKCU849Qw03wVPvQRNkkW/YfCZUkhIA=; b= pR84BSPgHqWoJrgNxQuy/enl8dTQRrJSHR4T5+ujYf3r0rdTFLAVpe8pCJb9LRxJ bJ5gr7q0A1NTi3axgK9lCowdqvbqwS6UrpoyWRayimIiC+0JmkjfAX5VvLoxXp4k ja4aOFppPAPQcz1CRG6AGVSqBiY+k6DXgS4LStVvw6BtG3o5cGYu8Or3Cm6D8Iro XkaK1R8aqSGzfNot3chxlHpbtGay2urPjnlGcc81jshc8LPVF8FwL8gyrdLpnC4v VqMNih+aQ0aDxLi0qJRz6QI9kW745INDcqiJJDTiiRYQEJO/WyoUDbnMLKhGH/Wx /sSx/uTTWpPA3U0qgGB8Ig==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1776191177; x= 1776277577; bh=bcv1JyjYpN0FKKCU849Qw03wVPvQRNkkW/YfCZUkhIA=; b=b 2495FAa38R3S1aKvBZYNqXzaqmX5um8WIz3Vn0ynRUU3dokHzV6BJ1nvsGU15fjB 4BfvTsiku+7NWysAcEwnujwW4oGt9+lySvNKn9lJBBvN0qZ8L9hV3BhBV+HxgoUY mQ3d7P+f/TFveMMZ86Gqts6m4KiJPAId6fsuR+yImKSQLppiLBbVFhDJtD4FE5fY rhpo18PmJK5vYrQ0tgOvBWytYptOR9CEnqZHj1vGqLDpVn8UfvH+6G0tgvcpW/p9 NHwjTLaZXmqcJzkoyMdJ07mHJb66IEwY8K7uQzrJ1x7gjpaIZjYg3gWvqre7yMM+ 22/fZRsDkkXs78hiBFSGA==
X-ME-Sender: <xms:yIbeafHv7IxeONSNUU84QqOzZUJafRsh3r4oE3j7mAAHyINzcLVAKQ> <xme:yIbeaQqbOK5Od7FZMOenoWSIsZ7Tvqkz4VEkQQzE1LA1W7AApIsMZJ_-hMIY4uHEV G3HktYuiXYgkJfBBD-U0oqgL2aazXeuzQ6TMFgUHjU_CEoPOE0m1rQ>
X-ME-Received: <xmr:yIbeaQSyMX6T-4dejaVF_XgofwmiSv-XgMZK8me7hknTkIC5nnKQA-v7vhG-dkfzKei0qeDsr7kTchZvnSCTqtwWf_wseciX2oL8iA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefhedrtddtgdegudekkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpegtggfuhfgjffevgffkfhfvofesthhqmhdthhdtjeenucfhrhhomhepvfgvugcunfgv mhhonhcuoehmvghllhhonhesfhhughhuvgdrtghomheqnecuggftrfgrthhtvghrnheple elkeeludelgfegvdegfedvhfethfdtfffftefgjeektdettdetuddvgfefvdeinecuvehl uhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhgvlhhlohhnse hfuhhguhgvrdgtohhmpdhnsggprhgtphhtthhopeefpdhmohguvgepshhmthhpohhuthdp rhgtphhtthhopehmtghrodhivghtfhesshgrnhguvghlmhgrnhdrtggrpdhrtghpthhtoh epvghskhhordguihhjkhesihhothgtohhnshhulhhtrghntgihrdhnlhdprhgtphhtthho pehsnhgrtgesihgvthhfrdhorhhg
X-ME-Proxy: <xmx:yIbeaVNbmqZ5qLRdHRE1rFQrdjgomJIJlMW7Ki0YjEuAfQI5H39-cA> <xmx:yIbeabN8x_wc4HVgh8Xu8zHNXlS0op63IZNPyxZf85nqd6aCjzP15A> <xmx:yIbeadttx_KFzsSieuo94FdX-dL2qQbHTWIPAufe4Mx9aUGVuBRFBA> <xmx:yIbeadUD4iW4yUOmS-9r2uwSOZquORe4vhn6_4AnpPLLBeNAm_Pz7A> <xmx:yYbeaaRxswc9EndRrIXMZXEbKAKxud0K4OfjpUxL0j99wKliA9_JdrEM>
Feedback-ID: i1136489e:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 14 Apr 2026 14:26:16 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3884.100.10\))
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <10707.1776190647@obiwan.sandelman.ca>
Date: Tue, 14 Apr 2026 20:26:04 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <0996D724-943D-488A-ABC0-0D7848B4F099@fugue.com>
References: <ed392ae6-8127-451d-a25d-0f273c49e2b9@iotconsultancy.nl> <3140.1776107801@obiwan.sandelman.ca> <5872bff2-1b82-4f44-9656-544a91d6dc92@iotconsultancy.nl> <10707.1776190647@obiwan.sandelman.ca>
To: Michael Richardson <mcr+ietf@sandelman.ca>
X-Mailer: Apple Mail (2.3884.100.10)
Message-ID-Hash: ETGW4GSI4GVKRFCK6EVYKQVTQ7WKCI6D
X-Message-ID-Hash: ETGW4GSI4GVKRFCK6EVYKQVTQ7WKCI6D
X-MailFrom: mellon@fugue.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Esko Dijk <esko.dijk@iotconsultancy.nl>, "snac@ietf.org" <snac@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Snac] Re: Handling multiple AIL-interfaces in a single SNAC router
List-Id: "Mailing list for discussing problems relating to the automatic connection of stub networks to existing infrastructure networks. " <snac.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/snac/CpsQJnklGhUSrqufhshaC3qfGps>
List-Archive: <https://mailarchive.ietf.org/arch/browse/snac>
List-Help: <mailto:snac-request@ietf.org?subject=help>
List-Owner: <mailto:snac-owner@ietf.org>
List-Post: <mailto:snac@ietf.org>
List-Subscribe: <mailto:snac-join@ietf.org>
List-Unsubscribe: <mailto:snac-leave@ietf.org>
The SOHO case you refer to is precisely what snac-complicated is supposed to address, so definitely out of scope for snac-simple.
> On 14 Apr 2026, at 20:17, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>
> Esko Dijk <esko.dijk@iotconsultancy.nl> wrote:
>> On 4/13/26 21:16, Michael Richardson wrote:
>>>> router can have multiple AIL interfaces, hence connections to multiple
>>>> AILs. This is written in various places in the draft. Ted suggested
>>>
>>> Are/do these multiple AILs link up to a single ISP/Infrastructure router?
>>> Or different ones?
>
>> The common case will be the same CE router, connected to the same ISP: this
>> is a Wi-Fi plus Ethernet case.
>
> Unless this CE is one of mine, wouldn't the WiFi and Ethernet be bridged by
> the CE, so it's really all one AIL in that case?
>
>> Another, not so common case is when a user has connected the two interfaces
>> to different ISPs. For example, user has a Wi-Fi travel router used as an
>> "internet backup" for cases when the regular ISP (accessed preferably via
>> e.g. Ethernet) fails. Hotspot is turned on. Then, the SNAC router sees the
>> SSID appear, connects via Wi-Fi, and finds IPv4 and/or IPv6 internet
>> connectivity via that AIL. Its internet access now should be routed via the
>> Wi-Fi AIL while the discovery of IoT devices or printers etc. on the Ethernet
>> AIL should still continue.
>
> Okay, I accept this.
>
> I guess I'd think it was more sensible to plug the travel router into my LAN,
> where the existing CE would bridge it to the existing WiFi, bringing all my
> house back online. Of course, that results in dualing DHCPv4 servers, but
> IPv6 ought to work fine. The existing CE *ought* to withdraw it's GUA v6
> prefixes via a zero-lifetime RA when it sees it has no uplink.
> Of course, if it's the CE that fails, then the bridging won't work, OTH, there won't
> be dualing DHCPv4 servers.
>
> {I don't know if any actually do. For me, that would be undesired, as I'd
> lose local routing during the three-times weekly outages of PPPoE
> thanks to incumbent telco incompetence (aka enemy action IMHO. I'm not with
> incumbent telco, but they "own" the wires, and control the PPPoE PAD redirector)
> Mind you, I use a statically delegated v6-prefix rather than a PD
> one... because PD wasn't implemented when we started. I actually get a PD
> one too, but ignore it.}
>
>> In both cases, the SNAC router has 2 AILs active at the same time so it's not
>> an either-or situation.
>
> We did go through this (multiple-uplinks, multiple CE) extensively in HOMENET
> ages ago, and this certainly was a situation which a lot of people cared
> about. But, still not fully solved.
>
>>> So my Thread doorbell ("stub network client") that wants to *print* the
>>> picture it took, can look up printer.local, and this turns into multiple mDNS
>>> queries, one on each AIL?
>>> Is that what this means?
>
>> Yes, so the printer can be found on either AIL (e.g. Wi-Fi or Ethernet). And
>> on either IPv4 or IPv6.
>
> If the SNAC router is the only device connected to both AIL, is it doing
> enough DNS-SD and/or mDNS collision helping so that the two printer.local
> have found themselves unique names? Like, what if there are answers from
> both AIL?
> Or maybe this is all really irrelevant to SNAC?? (... as the doorbells should just
> use the printers in the nearby ICE van)
>
>>>> We may decide to either tackle these details, or update the draft to limit
>>>> the scope to a single AIL only.
>
>>> I think the scope should be limited. This is snac-simple, and I thought it
>>> was done. Maybe some thinking goes into snac-many-garlic (AIL = French for Garlic)
>>> such that if we go there, it doesn't break something else.
>
>> Simple as in 1 AIL sounds good here. In botanical French and older recipes,
>> apparently multiple ail is written as "aulx". (Les aulx.) Not so simple!
>
> aulx. . o O ( "C> COPY myletter.txt AUX:" ... Amiga could do same. )
>
>> Some considerations why 1 AIL may be a perfectly fine limitation:
>
>> - for the common case of Wi-Fi + Ethernet and same ISP, the CE router may be
>> already doing the bridging of the links or the proxying of mDNS between
>> links. So if the SNAC router only uses Ethernet for discovery, it will also
>> find a service/host on Wi-Fi.
>
> +100
>
>> - vendors may extend SNAC-simple with their own solution for multiple AILs
>> (as Ted commented on the Github issue), even when SNAC-simple doesn't
>> define that.
>
> okay.
> I also wonder about multi-tenant Small-Office IoT situations.
> Like, the hair dresser and talent agent occupy the front and back of a
> streetfront, but do not share Internet with the web designer/building owner
> who lives upstairs. But, they all should be able to adjust lighting, heat,
> and the like. Being reasonable friends, there are no authorization
> complexities. (No they don't share printers, there is no routing)
>
> So they get the highend SNAC-router that can plug into three AIL,
> perhaps via USB ethernets. That seems like a reasonable thing to me.
>
> From what I am understanding there is nothing that keeps the SNAC-router from
> offering it's generated ULA on more than one AIL. There are probably
> subtle complexities when one AIL has an infrastructure v6 prefix and another
> does not.
> And... first PD wins with hystersis to avoid frequent renumbers of the Stub
> Network? Does the delegated prefix from AIL-1 get RIO's onto the other AIL?
>
>> - for the case of Ethernet + "backup Wi-Fi" earlier in my mail, the discovery
>> only has to work on one AIL (Ethernet) not on the other because typically
>> there's nothing to discover there. (Think phone Wi-Fi hotspot with client
>> isolation.)
>
>> - two Ethernet "uplink" / AIL ports is very rare for a non-CE-router device
>
> +1
>
> I'm not hearing a huge argument for new text for snac-simple.
> It's been enough months since I've been immersed in the document, that I am
> having to go back to make sure I'm using the right terms.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting )
> Sandelman Software Works Inc, Ottawa and Worldwide
>
> ** My working hours and your working hours may be different. **
> ** Please do not feel obligated to reply outside your normal working hours **
>
>
>
>
> --
> Snac mailing list -- snac@ietf.org
> To unsubscribe send an email to snac-leave@ietf.org
- [Snac] Handling multiple AIL-interfaces in a sing… Esko Dijk
- [Snac] Re: Handling multiple AIL-interfaces in a … Michael Richardson
- [Snac] Re: Handling multiple AIL-interfaces in a … Esko Dijk
- [Snac] Re: Handling multiple AIL-interfaces in a … Ted Lemon
- [Snac] Re: Handling multiple AIL-interfaces in a … Esko Dijk
- [Snac] Re: Handling multiple AIL-interfaces in a … Esko Dijk
- [Snac] Re: Handling multiple AIL-interfaces in a … Michael Richardson
- [Snac] Re: Handling multiple AIL-interfaces in a … Michael Richardson
- [Snac] Re: Handling multiple AIL-interfaces in a … Ted Lemon
- [Snac] Re: Handling multiple AIL-interfaces in a … Esko Dijk
- [Snac] Re: Handling multiple AIL-interfaces in a … Ted Lemon