Re: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines

Chongfeng Xie <xiechf@chinatelecom.cn> Sat, 09 July 2022 04:26 UTC

Date: Sat, 09 Jul 2022 12:25:59 +0800
From: Chongfeng Xie <xiechf@chinatelecom.cn>
To: Xipengxiao <xipengxiao@huawei.com>, "fredbaker.ietf" <fredbaker.ietf@gmail.com>, list <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/9TKUkg2REJj4IhqXBVccXnwAGHk>
Subject: Re: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines


Hi, Xipeng,

I put forward some comments after reading your draft, but it does not mean that this draft should be revised immediately. This draft is about deployment; my personal understanding is that it is mainly for network operators or enterprises who operate their own networks.
 
Since the ND process of the first hop is usually included in other mechanisms, such as the interaction between CPE and BNG, it is usually paid less attention in network deployment. The problems caused by ND at the edge of the network are often underestimated; actually they should be given attention. This draft puts forward the idea of host isolation for this problem, which is a supplementary enhancement to the existing IPv6 deployment; the subject is valuable.
 
For the illustration of issues of first-hop ND in section 2, it is recommended to combine it with the network scenarios of operators, such as mobile network, fixed network or data center network etc., and analyze the ND problems in different scenarios, which may be more intuitive to operators.
 
In section 3, 
    - 3.1 and 3.2 do not seem to have the same dimension as other parts. 3.1 and 3.2 are based on scenarios, while others focus on solutions. In addition, both 3.1 and 3.2 mention assigning an independent IPv6 address prefix to each host, but 3.3 also talks about “Unique IPv6 prefix per host”; it is ok to put this point in 3.3 from the perspective of solutions. Therefore, I propose to move 3.1 and 3.2 from this chapter to section 2; the remaining chapter focuses on the illustration of ND solutions.
    - SAVI is mentioned in 3.10; RA guard is used to prevent fake RA messages. SAVI is mainly used to prevent fake source IP addresses on the access side, not to solve the problem of ND, so it is recommended not to list it here.
 
4.5 describes deployment guidelines from the perspective of different schemes; I think it is better from the perspective of different deployment scenarios. For example, in the mobile network scenario, the section can give network operators guidelines on how to choose different isolation methods and considerations. In addition, considering the importance of this part, it is suggested to take it as a separate chapter, such as Chapter 5.
 
Section 4.6 is about the impact of host isolation mechanism on other protocols. This part does not seem to be the same dimension as other parts of section 4, and it is suggested to be a separate chapter or put into other sections.

Best regards
Chongfeng




xiechf@chinatelecom.cn
 
From: Xipengxiao
Date: 2022-06-27 22:19
To: xiechf@chinatelecom.cn; fredbaker.ietf; list
Subject: RE: Re: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines
Hi Dr. Xie,
 
Thanks for your review and comments on the draft.   Please see my reply in line.  
 
From: xiechf@chinatelecom.cn <xiechf@chinatelecom.cn> 
Sent: Monday, June 27, 2022 3:26 PM
To: Xipengxiao <xipengxiao@huawei.com>; fredbaker.ietf <fredbaker.ietf@gmail.com>; list <v6ops@ietf.org>
Subject: Re: Re: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines
 
Hi, Xipeng,
 
In section 5, there is the following statement,
             
      "MBB and FBB will end at Step 1.a: isolating hosts in L2 and in subnet, with MBBv6 as the solution with SLAAC and FBBv6 as the solution with DHCPv6, respectively;"
 
I have two questions,
1) What are the first-hops in MBB and FBB respectively? As far as I know, in FBB, the link from user terminal to the edge equipment, such as BNG, comprises two segments, the segment from user terminal to home gateway and the segment from home gateway to the BNG. But in MBB, generally there is only one hop between user terminal and the edge of the network, such as PGW/UPF; in some cases, the mobile user terminal may play a hotspot to provide access service to other terminals. I think the illustration of the ND solution should be in combination with the network architecture.
 
XiPeng: first-hop is between the “host” and the “router”. In MBBv6/FBBv6, the “router” is the PGW/BNG while the “host” is the UE/routed RG. You are right that the laptop and the routed RG also form a first-hop. We consider it as the first-hop of the homenet.
 
2) The second question may be related to the first one: why does MBBv6 use SLAAC but FBBv6 use DHCPv6, for the isolation of hosts in L2 and in subnet? As far as I know, SLAAC has been widely used in FBB too, and it can allocate different prefixes for different users, so as to provide some kind of isolation.
 
XiPeng: you are right again. SLAAC can also be used in FBBv6, but many FBBv6 deployments use DHCP PD.   
 
Again, we are going to post a new version this week.  Please wait and review the new version.  Thanks.
 
XiPeng 
 


xiechf@chinatelecom.cn
 
From: Xipengxiao
Date: 2022-06-27 06:43
To: Fred Baker; v6ops list
Subject: Re: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines
Hi folks,
 
We will post another new version this week.  Please wait for that.  Thank you.
 
XiPeng 
 
From: v6ops <v6ops-bounces@ietf.org> On Behalf Of Fred Baker
Sent: Sunday, June 26, 2022 8:00 PM
To: v6ops list <v6ops@ietf.org>
Subject: [v6ops] draft-xiao-v6ops-nd-deployment-guidelines
 
With this email, let me invite commentary on draft-xiao-v6ops-nd-deployment-guidelines. Please read the draft and raise any issues you might have with it.