IETF Logo Mail Archive

Re: [v6ops] draft-troan-v6ops-extending-network-reqs

"Delong.com" <owen@delong.com> Tue, 10 October 2023 23:58 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D620CC14CE31 for <v6ops@ietfa.amsl.com>; Tue, 10 Oct 2023 16:58:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=delong.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3bZtjPv-z3XN for <v6ops@ietfa.amsl.com>; Tue, 10 Oct 2023 16:58:13 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 22F8CC14CE29 for <v6ops@ietf.org>; Tue, 10 Oct 2023 16:58:11 -0700 (PDT)
Received: from smtpclient.apple (75-10-5-143.lightspeed.sntcca.sbcglobal.net [75.10.5.143]) (authenticated bits=0) by owen.delong.com (8.17.1/8.15.2) with ESMTPSA id 39ANvvxc3249969 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 10 Oct 2023 23:57:57 GMT
DKIM-Filter: OpenDKIM Filter v2.11.0 owen.delong.com 39ANvvxc3249969
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delong.com; s=mail; t=1696982278; bh=cb6b4mZavcUWyrB5lusaMm119IOKabkb5L5ogPqMDkk=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=JDZ6W0cx3AuNjRg7juoir6RKzb3zvdkCkmgkJqxtXCvb21vMIe7u5IKa1lMyevge7 yAMjyBqWK+0cypn1mDRrnv0McbN7NvuCA4MhcySVFuitvXcA54H0A1pVXpndeTN2eZ YqfbdYRbdQVUa7kxJLi7LUhyOTfz8qmMSGfmD7gE=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
From: "Delong.com" <owen@delong.com>
In-Reply-To: <38943642-82ab-64cf-12d3-51066fb5fc44@gmail.com>
Date: Tue, 10 Oct 2023 16:57:46 -0700
Cc: Ole Troan <otroan@employees.org>, Lorenzo Colitti <lorenzo@google.com>, "v6ops@ietf.org list" <v6ops@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <6E609BA6-894B-43D7-87F5-5B90763834A7@delong.com>
References: <E22E8DF1-2CDD-4937-B887-9D4C240313B6@employees.org> <CAKD1Yr1icNF=5j2sebUJFyGV=Mjuh=scLPJ05rL9Mjp_8oFcaA@mail.gmail.com> <2AAD988F-9F6C-414A-9905-024638BEF018@employees.org> <38943642-82ab-64cf-12d3-51066fb5fc44@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Mailer: Apple Mail (2.3731.600.7)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (owen.delong.com [192.159.10.2]); Tue, 10 Oct 2023 23:57:58 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/BwO4epfsBXclhCSPZX2P_p25Pec>
Subject: Re: [v6ops] draft-troan-v6ops-extending-network-reqs
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2023 23:58:17 -0000

Yes please, ideally with a comment to the effect that “Any of the mechanisms which do not provide complete end-to-end address transparency and connectivity should be considered sub-standard and implemented only in circumstances where no better alternative exists.”

Owen


> On Oct 10, 2023, at 13:45, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> 
> Ole,
> 
> To avoid a polemic here, maybe the draft should draw a clear line between solutions that do preserve e2e addresses and those that don't, with a note that the latter bring with them some or all of the documented issues with NAT. The topic is nicely described at https://www.rfc-editor.org/rfc/rfc6296.html#section-5 and of course in RFC 2993.
> 
> Regards
>   Brian Carpenter
> 
> On 10-Oct-23 19:00, Ole Troan wrote:
>>> The draft completely ignores IPv6's ability to provide global end-to-end connectivity.
>> The document tries to describe how an extending node can achieve (some level) of connectivity “no matter what”. The intention is to provide an ordered list of mechanisms. Where of course NAPT66 is quite close to the bottom.
>>> 
>>> It does not cite it as a goal or, AFACIT, even mention it at all. This is a major problem I think. As an example, this line of thinking leads to the statement that the only mechanism that is guaranteed to work is NAPT66 because it's self-similar, and provides infinite extension. I wouldn't agree that it "works". Yes, it provides infinite extension. But it only provides infinite extension of partial connectivity. There's no advantage to doing that. We might as well provide the extended devices only with IPv4 connectivity. At least IPv4 stacks and applications are used to having to work around NAT, unlike IPv6 applications.
>> IPv6 applications also need to deal with NAT. That unfortunately happened with NAT64. And there are other use cases in IPv6 where some sort of identifier / locator split is required.
>> For some use cases NAPT66 is an acceptable tradeoff. It’s an operational choice.
>> It certainly gives good enough connectivity to set up a tunnel which a more transparent service can be provided over.
>>> I don't think we should publish anything about mechanisms that don't provide end-to-end connectivity, except maybe to discourage their use. They are great from a network operator perspective, but very painful for application developers.
>> I’d much rather we described it so we have some hope of deterministic behaviour from extending hosts.
>>> The draft tries to separate the mechanisms to extend the network from the mechanisms used to assign addresses. But I suspect that once we factor in the need (or even just the desire) to factor in end-to-end connectivity, those two can no longer be separated. For example: does DHCPv6 prefix delegation provide end to end connectivity? There is no way to answer that without knowing how addresses are assigned downstream. Delegating a /126 to a device that wants to share connectivity with two other devices does. Delegating it to a device that wants to share connectivity with 8 devices doesn't.
>>> 
>> Yes, we may not quite have found the right way of representing the various dimensions.
>> Which mechanism is used upstream is to independent of which mechanism is used to assign addresses, and also independent of how the networks is further extended.
>> That said, if we take a DHCPv6 PD network. There are some benefits of flat delegation. In that each level of extension asks for the individual links it needs numbered from a central DHCPv6 server, instead of a hierarchal delegation. When the flat model “stops”, some of these other mechanisms will have to come into play though.
>> Cheers,
>> Ole
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.43.4 | Report a Bug | By Email | System Status