Re: [v6ops] Implementation Status of PREF64

Owen DeLong <owen@delong.com> Wed, 29 September 2021 01:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/3g6QK-5ZeQfSY8Ov_2ui6xeuTZo>


> On Sep 28, 2021, at 12:36 PM, Philip Homburg <pch-v6ops-10@u-1.phicoh.com> wrote:
> 
>> With SLAAC, you can begin advertising an additional prefix right
>> now.
>> 
>> You can't get rid of the old one so fast, you have to wait for the
>> timers to expire.
> 
> Indeed I was sloppy. In addition to adding a prefix right now, you can 
> also deprecate the old prefix without waiting for timers to expire.

Sort of… You can end the preferred lifetime right away and shorten the valid
lifetime significantly.

> The net effect is that new flows use the new prefix right away, but the old
> prefix can be used for 2 hours longer. So timers are limited to 2 hours.

Yes, you can shorten the valid timer to 2 hours, but it’s 2 hours from the last
time you advertised the prefix in an RA.

> If I remember correctly, there was a draft in 6man that tried to change that
> for dealing with flash renumbering. But other parts of the draft got too
> complex and the draft seems to have stalled.

It’s also a wonderful attack surface if you can forge an RA that will shut
down a network.

>> Yes, but actually, this is more effective, also as the DHCP
>> reconfigure will also be able to deprecate the previous address
>> immediately if needed.
> 
> True. Though I don't want to bet on every IoT device implementing reconfigure.

Fair enough, I wouldn’t want to, either. OTOH, I am much more willing to accept
IoT devices sticking around on the old prefix for a bit longer than most other
things.

> In any case, for a very large part of internet traffic it is important that
> new flows use the new address. Many applications aggressively kill flows that
> don't seem to make progress so there is no real need to wait for the old
> addresses to disappear.

Yes, that’s a common workaround for the poor real world relationship to some
aspects of the specification.

Nonetheless, there are environments where SLAAC is great and environments where
DHCPv6 is a better choice at least in the opinion of those that make the decisions
for those environments.

Lack of Android DHCPv6 support is stalling IPv6 deployment in some of those cases.

Owen
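
Added example, not part of the original message: a minimal model of how a host updates the lifetimes of an already-configured SLAAC address when a Prefix Information option arrives, following RFC 4862 section 5.5.3 (e), which is where the 2-hour figure discussed in this thread comes from. The names SlaacAddress, process_pio and simulate are hypothetical, and the RA values in simulate() are constructed.

```python
from dataclasses import dataclass

TWO_HOURS = 2 * 60 * 60  # seconds


@dataclass
class SlaacAddress:
    preferred_until: float  # absolute time the address becomes deprecated
    valid_until: float      # absolute time the address is removed

    def state(self, now: float) -> str:
        if now >= self.valid_until:
            return "invalid"
        return "preferred" if now < self.preferred_until else "deprecated"


def process_pio(addr: SlaacAddress, now: float, adv_valid: int,
                adv_preferred: int, authenticated: bool = False) -> str:
    """Apply one Prefix Information option; return which rule fired."""
    # The preferred lifetime is always taken from the RA, so deprecation
    # (new flows avoid the address) takes effect at once.
    addr.preferred_until = now + adv_preferred
    remaining = max(0.0, addr.valid_until - now)
    if adv_valid > TWO_HOURS or adv_valid > remaining:
        addr.valid_until = now + adv_valid
        return "accepted"
    if remaining <= TWO_HOURS:
        if authenticated:  # e.g. an RA protected by SEND
            addr.valid_until = now + adv_valid
            return "accepted-authenticated"
        return "ignored"  # ignored with regard to the valid lifetime only
    addr.valid_until = now + TWO_HOURS
    return "clamped-to-2h"


def simulate():
    """Constructed scenario: a 30-day address, then RAs that try to expire it."""
    addr = SlaacAddress(preferred_until=7 * 86400, valid_until=30 * 86400)
    log = []
    # t=0: unauthenticated RA (genuine or forged) with both lifetimes 0
    log.append((process_pio(addr, 0, 0, 0), addr.state(1), addr.valid_until))
    # t=600: same RA again; under 2 h remain, so the valid lifetime is untouched
    log.append((process_pio(addr, 600, 0, 0), addr.state(601), addr.valid_until))
    # t=1200: RA advertising a valid lifetime of exactly 2 h restarts the clock
    log.append((process_pio(addr, 1200, 7200, 0), addr.state(1201), addr.valid_until))
    return log
```

In this model an unauthenticated RA can deprecate the address immediately but cannot bring its valid lifetime below 2 hours, which bounds what a forged RA can do to existing addresses.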