Re: [v6ops] Why should IP networks be different? [DHCP Option 108 Issue with Mac and iOS devices]

Ivan Pepelnjak <ipepelnjak@gmail.com> Wed, 03 January 2024 08:08 UTC

Cc: v6ops list <v6ops@ietf.org>
To: Nick Buraglio <buraglio@forwardingplane.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/3NA1-jupvz8NjOw3xHOZxci7E1c>

Thanks a million for the great summary Nick! While I agree with most of what you wrote, you got into a Catch-22 situation:

> Folks see a need for tracking a device to a user with IPv6. - I get
> this, I hear the same thing frequently. The commentary slides around
> from a simple need to associate a hardware address with a layer 3
> address to a full on mapping of user to device with a strong
> preference by some to simply mimic what IPv4 does up to and including
> state synchronization and redundancy of operations.
> Personally, I don't think it is realistic to assume that we should
> simply replicate something that exists already. We should aim for
> whatever it is to be better and to address any shortcomings. I am very
> excited about draft-ietf-dhc-addr-notification and prefix-per-device
> as a solution set for most of what is discussed here.

Let me point out that "prefix-per-device" is even worse (from the supporting infrastructure’s perspective) than a mechanism we already have (DHCPv6 IA_NA). Not only is the state tracked on the DHCPv6 server, but it also needs to be tracked on the first-hop router (a route for the delegated prefix), and potentially redistributed into the rest of the network. I’m obviously assuming the sane scenario, not devices that grab dozens of IPv6 addresses just because that was convenient to whoever didn’t want to write a bit of orchestration code to support the in-device networking.

Maybe we should stop pretending that additional layers of abstraction will solve the problem, and address the elephant in the room — continuous denial of enterprise reality by a single OS vendor.

Note to everyone else (because I’m sure Nick gets that): please don’t tell me how devices with 8K of RAM and 8-bit CPUs running at 4 MHz cannot do DHCPv6. Everyone gets that, and nobody in their right mind would connect those devices to the same network as everything else as they probably contain a gazillion other shortcuts (like burned-in admin passwords).

On a more positive note, wish you a happy IPv6-enabled 2024!
Ivan