IETF Logo Mail Archive

Re: [v6ops] cpe-slaac-renum: Proposed text for prefix lifetimes

Fernando Gont <fgont@si6networks.com> Wed, 08 April 2020 15:12 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 661DF3A0B64 for <v6ops@ietfa.amsl.com>; Wed, 8 Apr 2020 08:12:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gc2IqdsJ3b5V for <v6ops@ietfa.amsl.com>; Wed, 8 Apr 2020 08:12:33 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0C8C3A0B59 for <v6ops@ietf.org>; Wed, 8 Apr 2020 08:12:33 -0700 (PDT)
Received: from [192.168.0.10] (unknown [181.45.84.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 61D77803F8; Wed, 8 Apr 2020 17:12:31 +0200 (CEST)
To: "Bernie Volz (volz)" <volz@cisco.com>, IPv6 Operations <v6ops@ietf.org>
References: <77a84b82-716d-e754-9317-8876af5e49db@si6networks.com> <BN7PR11MB25476F9CFCF4967FF15CF466CFC00@BN7PR11MB2547.namprd11.prod.outlook.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <ee804685-51ca-cab4-8040-0a8fd494285f@si6networks.com>
Date: Wed, 08 Apr 2020 12:12:21 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <BN7PR11MB25476F9CFCF4967FF15CF466CFC00@BN7PR11MB2547.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/2WyqrH__CKpplPG9dVfSwxcn9Kw>
Subject: Re: [v6ops] cpe-slaac-renum: Proposed text for prefix lifetimes
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2020 15:12:36 -0000

On 8/4/20 11:57, Bernie Volz (volz) wrote:
[...]
> 1. One reason to cap the lifetime(s) in the CPE for RAs is that while the SP could adjust the lifetimes, that has a direct impact on the amount of DHCPv6 traffic as reducing the preferred lifetime will cause the renewals to occur more frequently. That is one reason why SPs do not use short preferred lifetimes. (Some SPs have many millions of CPEs.)

Agreed. Maybe one might add a sentence about this?



> 2. I do wonder whether leaving the valid lifetime alone is better than playing with both lifetimes. For most applications that don't require long lived addresses, it achieves the desired effect. For those that want long lived addresses, it allows for that (if case of outages longer than the capped valid lifetime) -- and if the application decides to try for a new address, it will use one in a new prefix if one was advertised.

Reality is that, once you have an outage of over 15', all your TCP 
sessions will be aborted, anyway. So having long valid lifetimes will 
not buy you anything in that respect.

In that sense, you'd be well enough with a Valid Lifetime of 2 * Router 
Lifetime.

The reason why we left the Valid Lifetime to a rather long value (1 day) 
is mainly for the case where you want to use such prefix for local 
communications.

However, strictly speaking, you should be using link-locals for that 
(but I realize there are issues associated with the fact that they 
require an interface to be specified along with the address) or, better, 
you should be using ULAs.

I guess, if one wanted a finer-grained recommendation, one might unfold 
the recommendation for GUAs vs. ULAs. With GUAs, you want more timely 
information. With ULAs, you don't really care that much, because it's 
local addressing (isolated from your ISP).


Going back to your orignal comment: if you don't do garbage collection 
(i.e. reasonable Valid Lifetime) on your prefixes/addresses, then that 
means you wouldn't be able to communicate with the new "owner"/user of 
the prefix -- because you consider that prefix to be local/on-link.
I'm not saying that I think there's a lot of chances that you might 
need/want to communicate with the new user of the prefix. But if for 
some reason (plain bad luck? :-) ) you needed, then you couldn't.

(that's why you don't want one-month valid lifetimes for PIOs)

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email