Re: [v6ops] ULA and IPv4 - draft-liu-v6ops-ula-usage-analysis

Christopher Palmer <Christopher.Palmer@microsoft.com> Tue, 05 November 2013 03:10 UTC


The majority of in-the-wild hosts are running 3484, so as an operational document I think it's reasonable to discuss the issue as it exists with those machines.

Even with 6724 - hosts configured as described in 3.3 may still attempt a ULA -> Native IPv6 connection. That connection will just not be preferred over IPv4 -> IPv4.

I'd argue that's still non-ideal. If the enterprise hosts in question do not have access to the IPv6 Internet, they should not be configured with a default route - thus they would *never* attempt connectivity.

Overprovisioning effective IPv6 connectivity is a painful topic.

From: v6ops-bounces@ietf.org [mailto:v6ops-bounces@ietf.org] On Behalf Of Tim Chown
Sent: Monday, November 4, 2013 6:59 PM
To: v6ops@ietf.org
Subject: Re: [v6ops] ULA and IPv4 - draft-liu-v6ops-ula-usage-analysis

The 3484's in that chunk of text should be 6724's.

Tim

On 5 Nov 2013, at 02:50, Christopher Palmer <Christopher.Palmer@microsoft.com> wrote:


Section 3.3 of the draft:


"  As described in section 2.2.2 of [RFC5220], when an enterprise has
   IPv4 Internet connectivity but does not yet have IPv6 Internet
   connectivity, then the enterprise chose ULA for site-local IPv6
   connectivity. Each employee host will have both an IPv4 global or
   private address and a ULA. Here, when this host tries to connect to
   an outside node that has registered both A and AAAA records in the
   DNS, the host will choose AAAA as the destination address and the ULA
   for the source address according to the IPv6 preference of the
   default address selection policy [RFC3484]. This will clearly result
   in a connection failure."

This is only true if the ULA is configured on a host that also has a default route. The enterprise can avoid any issues by simply configuring a scoped route on hosts (say, only for the ULA prefix). If a network does not provide connectivity to the IPv6 Internet, it should not advertise ::/0.

I think it's useful to discuss that configuration route, which is possible today with a vast majority of hosts and just works.

Modifying the prefix policy table is not suitable at scale. And the DNS preference logic alluded to in section 3.3 is highly ambiguous.
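
The address-selection behaviour discussed in this thread, as an added example that is not part of the original messages or of the draft: a simplified model of RFC 3484 / RFC 6724 destination ordering (rules 1, 2, 5 and 6 only) for a host with a ULA and a private IPv4 address, with and without a `::/0` route. All addresses, route lists and function names are constructed for illustration.

```python
import ipaddress as ip

# Default policy tables as (prefix, precedence, label).
RFC3484 = [("::1/128", 50, 0), ("::/0", 40, 1), ("2002::/16", 30, 2),
           ("::/96", 20, 3), ("::ffff:0:0/96", 10, 4)]
RFC6724 = [("::1/128", 50, 0), ("::/0", 40, 1), ("::ffff:0:0/96", 35, 4),
           ("2002::/16", 30, 2), ("2001::/32", 5, 5), ("fc00::/7", 3, 13),
           ("::/96", 1, 3), ("fec0::/10", 1, 11), ("3ffe::/16", 1, 12)]
RFC1918 = [ip.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def policy(table, addr):
    """Longest-prefix match in the policy table -> (precedence, label)."""
    a = ip.ip_address(addr)
    if a.version == 4:                      # IPv4 is looked up as v4-mapped
        a = ip.IPv6Address("::ffff:" + str(a))
    rows = [(ip.ip_network(p), prec, lab) for p, prec, lab in table]
    net, prec, lab = max((r for r in rows if a in r[0]), key=lambda r: r[0].prefixlen)
    return prec, lab

def scope(addr, rfc3484):
    """RFC 3484 gives private IPv4 site-local scope; RFC 6724 treats it as global."""
    a = ip.ip_address(addr)
    private = a.version == 4 and any(a in n for n in RFC1918)
    return "site" if private and rfc3484 else "global"

def order(pairs, table, routes):
    """pairs: [(destination, candidate source)]. Returns [(destination, reachable)],
    most preferred first, using rules 1, 2, 5 and 6 only."""
    old = table is RFC3484
    def key(pair):
        dst, src = pair
        reachable = any(ip.ip_address(dst) in ip.ip_network(r) for r in routes)  # rule 1
        same_scope = scope(dst, old) == scope(src, old)                          # rule 2
        same_label = policy(table, dst)[1] == policy(table, src)[1]              # rule 5
        return (reachable, same_scope, same_label, policy(table, dst)[0])        # rule 6
    ranked = sorted(pairs, key=key, reverse=True)
    return [(dst, key((dst, src))[0]) for dst, src in ranked]

# Constructed host: ULA plus private IPv4; constructed dual-stack peer (documentation ranges).
PAIRS = [("2001:db8::80", "fd12:3456:789a::10"), ("203.0.113.80", "192.168.1.10")]
WITH_DEFAULT = ["fd12:3456:789a::/48", "::/0", "0.0.0.0/0"]   # network advertises ::/0
SCOPED_ONLY = ["fd12:3456:789a::/48", "0.0.0.0/0"]            # route for the ULA prefix only

if __name__ == "__main__":
    for name, table in (("RFC 3484", RFC3484), ("RFC 6724", RFC6724)):
        for routes in (WITH_DEFAULT, SCOPED_ONLY):
            print(name, routes, order(PAIRS, table, routes))
```

In this model, RFC 6724 with `::/0` present moves the AAAA destination to second place but leaves it reachable, so it can still be tried as a fallback; with only the scoped ULA route it is marked unreachable under either table.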