Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177-bis-00.txt
"Mudric, Dusan (Dusan)" <dmudric@avaya.com> Mon, 27 August 2018 18:23 UTC
Return-Path: <dmudric@avaya.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37B2A12785F; Mon, 27 Aug 2018 11:23:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8VMEAa5x2Yiz; Mon, 27 Aug 2018 11:23:36 -0700 (PDT)
Received: from p-us1-iereast-outbound.us1.avaya.com (p-us1-iereast-outbound.us1.avaya.com [135.11.29.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E7DA12426A; Mon, 27 Aug 2018 11:23:31 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2GSAgACQYRb/yYyC4daDgsBAQEBAQEBAQEBAQEHAQEBAQGCeiYvZW0SKAqDaJQ4gg2DPYUXjWaBKzsLIwkChD4CF4MTITcVAQIBAQEBAQECAgJpHAyCaC8BAQQHAwwvCQIDAQEBAQEBAU8CD0cBARgBAQEBAgESEREzBwYFBQcEAgEIDQQEAQEBAgIGIAICAh8RFQgIAgQBDQUIEweDAIFpAw0IAQ6aJYlvgS4aAocTDYMsBYELhzCBGxeBQj4mbEaCTIJWRQQYgQs+gn8xgiYCh20IAZMLKwkChjF3hTVygjWBP4cbAw+FXYsdY4dJgVcjgVJwFTuCaYYBihg6bwEBgRSKLwGBEAsBAQ
X-IPAS-Result: A2GSAgACQYRb/yYyC4daDgsBAQEBAQEBAQEBAQEHAQEBAQGCeiYvZW0SKAqDaJQ4gg2DPYUXjWaBKzsLIwkChD4CF4MTITcVAQIBAQEBAQECAgJpHAyCaC8BAQQHAwwvCQIDAQEBAQEBAU8CD0cBARgBAQEBAgESEREzBwYFBQcEAgEIDQQEAQEBAgIGIAICAh8RFQgIAgQBDQUIEweDAIFpAw0IAQ6aJYlvgS4aAocTDYMsBYELhzCBGxeBQj4mbEaCTIJWRQQYgQs+gn8xgiYCh20IAZMLKwkChjF3hTVygjWBP4cbAw+FXYsdY4dJgVcjgVJwFTuCaYYBihg6bwEBgRSKLwGBEAsBAQ
X-IronPort-AV: E=Sophos;i="5.53,296,1531800000"; d="scan'208";a="301435038"
Received: from unknown (HELO p-us1-erheast-smtpauth.us1.avaya.com) ([135.11.50.38]) by p-us1-iereast-outbound.us1.avaya.com with ESMTP; 27 Aug 2018 14:23:29 -0400
X-OutboundMail_SMTP: 1
Received: from unknown (HELO AZ-US1EXHC01.global.avaya.com) ([135.11.85.12]) by p-us1-erheast-out.us1.avaya.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Aug 2018 14:23:29 -0400
Received: from AZ-US1EXMB03.global.avaya.com ([fe80::a5d3:ad50:5be9:1922]) by AZ-US1EXHC01.global.avaya.com ([135.11.85.12]) with mapi id 14.03.0382.000; Mon, 27 Aug 2018 14:23:29 -0400
From: "Mudric, Dusan (Dusan)" <dmudric@avaya.com>
To: Lea Roberts <lea.roberts@stanford.edu>, Brian E Carpenter <brian.e.carpenter@gmail.com>, JORDI PALET MARTINEZ <jordi.palet=40consulintel.es@dmarc.ietf.org>
CC: "draft-palet-v6ops-rfc6177-bis@ietf.org" <draft-palet-v6ops-rfc6177-bis@ietf.org>, IPv6 Operations <v6ops@ietf.org>
Thread-Topic: [v6ops] I-D Action: draft-palet-v6ops-rfc6177-bis-00.txt
Thread-Index: AQHUFwS5hR0dlGIaRECFIUzwEPML5KSW+0GAgAAwrwCAPQk0kA==
Date: Mon, 27 Aug 2018 18:23:28 +0000
Message-ID: <9142206A0C5BF24CB22755C8EC422E459CB44344@AZ-US1EXMB03.global.avaya.com>
References: <153017691583.14743.17000446834856511528@ietfa.amsl.com> <78a36a81-3bb3-9d47-aa06-8da8f7594677@gmail.com> <C040E02F-7BEC-4FF9-8585-BE380B6859DE@consulintel.es> <alpine.DEB.2.02.1807191054090.7979@networking.stanford.edu>
In-Reply-To: <alpine.DEB.2.02.1807191054090.7979@networking.stanford.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.11.85.49]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/EYS61I0ie6-DccUe4qZiYO2x7wQ>
Subject: Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177-bis-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Aug 2018 18:23:38 -0000
Section 4. " b. An end-user should be able to receive any prefix length up to /48 simply by asking." Can this be defined in a way to make sure that new applications and devices will always work at end sites without a need for asking ISPs for extra address space? Otherwise, the end-user might not get what he/she asks for, without paying for the "higher grade" service. Can the definition impose up to /48 LAP when needed at end sites? For example, can an application request a home router to request an ISP for /48 prefix and, when requested, ISP must grant it? Regards, Dusan Mudric. > -----Original Message----- > From: v6ops <v6ops-bounces@ietf.org> On Behalf Of Lea Roberts > Sent: Thursday, July 19, 2018 2:08 PM > To: Brian E Carpenter <brian.e.carpenter@gmail.com>; JORDI PALET > MARTINEZ <jordi.palet=40consulintel.es@dmarc.ietf.org> > Cc: draft-palet-v6ops-rfc6177-bis@ietf.org; IPv6 Operations > <v6ops@ietf.org> > Subject: Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177-bis-00.txt > > hi Brian and Jordi - > > excellent comments and I agree also. > > thank you!! > /Lea > > On Thu, 19 Jul 2018, JORDI PALET MARTINEZ wrote: > > > Hi Brian, > > > > > > > > Thanks a lot for commenting and sorry the late answer ... too busy last > weeks. > > > > > > > > Comments in-line below (subjected to my co-author agreement), basically, > agree with all your inputs, except a couple of points. > > > > > > > > Thanks! > > > > > > > > Regards, > > > > Jordi > > > > > > > > > > > > > > > > -----Mensaje original----- > > > > De: v6ops <v6ops-bounces@ietf.org> en nombre de Brian E Carpenter > <brian.e.carpenter@gmail.com> > > > > Organizaci?n: University of Auckland > > > > Fecha: domingo, 8 de julio de 2018, 17:43 > > > > Para: <draft-palet-v6ops-rfc6177-bis@ietf.org>, IPv6 Operations > <v6ops@ietf.org> > > > > Asunto: Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177-bis-00.txt > > > > > > > > Hi, > > > > > > > > Thanks for this draft. > > > > > > > > > Abstract > > > > > > > > This needs to be shorter. Three paragraphs is too much. > > > > > > > > For the next version, I've reduced 50% the length of the 1st paragraph. 3rd > paragraph, I recall is mandatory (IDNits). > > > > > > > > > > > > > ... policy should reflect that assignment of a single subnet is > > > > > no longer appropriate unless the recipient explicitly agrees to the > > > > > limitations implied by such an assignment. > > > > > > > > I *strongly* suggest deleting the "unless" clause. It leaves a > > > > loophole, and it could easily be hidden in shrink-wrap terms > > > > and conditions so that a subscriber would agree without even > > > > knowing about it. Reduce this simply to: > > > > > > > > ... policy should reflect that assignment of a single subnet is > > > > never appropriate. > > > > > > > > Agreed and done. > > > > > > > > > > > > > 1. Introduction > > > > .... > > > > > 1. It is extremely discouraged that /128s be given out. While there > > > > > may be some cases where assigning only a single address may be > > > > > justified, a site, by definition, implies multiple subnets and > > > > > multiple devices. > > > > > > > > I find this a bit weak. Try: > > > > > > > > 1. It is extremely discouraged that /128s be given out. While there > > > > may be some applications where assigning only a single address may > be > > > > tolerated, a site, by definition, implies multiple subnets and > > > > multiple devices. Also, a /128 prevents any form of privacy-based > > > > addressing. > > > > > > > > Agreed! > > > > > > > > > 4. This revision has been created to more clearly assert the > > > > > requirement to ensure that address assignments to end-sites > > > > > provide a sufficiently big number of subnets (/64 on classic > > > > > networks) to each end-site, taking under consideration the end- > > > > > site's future expected needs, new deployment expectations and > new > > > > > protocol requirements, among others. Once all these are > > > > > considered, it seems unlikely that a single subnet (/64) or even > > > > > a small number of them should be assigned, unless very clearly > > > > > justified and agreed to by the end-site. > > > > > > > > The "unless" clause is dangerous because of shrink-wrap terms and > > > > conditions. I suggest deleting it. > > > > > > > > Agreed! > > > > > > > > > 2. Considerations Regarding the Prefix Length > > > > .... > > > > > This consideration should be noticed, across this document, in the > > > > > sense that end-sites usually have subnets that use, by default, > > > > > SLAAC, and consequently, the LAP is mandatorily a /64. Other > > > > > technologies, may have a different LAP, which must be used > > > > > accordingly. > > > > > > > > I suggest s/Other/Future/ since /64 prevails everywhere today. > > > > > > > > Agreed! > > > > > > > > > 3. On /48 Assignments to End-Sites > > > > .... > > > > > An important > > > > > goal in IPv6 is to significantly change the default and minimal end > > > > > site assignment, from "a single address" to "multiple networks" and > > > > > to ensure that end-sites can easily obtain address space. > > > > > > > > I suggest adding something like this: > > > > > > > > As the operational costs of carrier-grade NAT and address+port sharing > > > > have shown, availability of multiple addresses and prefixes to end sites > > > > that need them will be a considerable saving to their ISPs. > > > > > > > > Agreed! > > > > > > > > > It might be tempting to give home sites a single /64, since that is > > > > > already significantly more address space compared with today's IPv4 > > > > > practice. However, this precludes the expectation that even home > > > > > sites will grow to support multiple subnets going forward. Hence, it > > > > > > > > s/expectation/certainty/ > > > > > > > > Agreed! > > > > > > > > .... > > > > > A key goal of the recommendations in [RFC3177] is to > > > > > ensure that upon renumbering, one does not have to deal with > > > > > renumbering into a smaller subnet size. > > > > > > > > Perhaps add: > > > > > > > > In particular this would apply to any site that switches to > > > > an ISP that provides a longer prefix. > > > > > > > > Agreed! > > > > > > > > > It should be noted that similar arguments apply to the management of > > > > > zone files in the DNS. In particular, managing the reverse > > > > > (ip6.arpa) tree is simplified when all links are numbered using the > > > > > same subnet ids > > > > > > > > s/numbered/renumbered/ > > > > > > > > Agreed! > > > > > > > > .... > > > > > years, and we don't recover back the /48's, we will be able to use > > > > > IPv6 addressing space for over 100.000 years. > > > > > > > > Perhaps add: > > > > > > > > This document does not advocate careless use of address space, but > > > > there is objectively no reason to be restrictve. > > > > > > > > Agreed! > > > > > > > > .... > > > > > Today typically, a home has already a considerable number of possible > > > > > subnets (a common CE has 4 LAN ports, 2 WiFi radios which support > > > > > several SSIDs each one, VoIP subnet, IPTV subnet, additional VLANs) > > > > > and if downstream routers are used, there is a need for further > > > > > subnets. This means that in a short term, assigning a /60 (16 > > > > > subnets), it is already a really bad decision, as it may enforce IPv6 > > > > > NAT between the main CE and downstream routers. > > > > > > > > I suggest deleting "as it may enforce IPv6 NAT between the main CE and > > > > downstream routers". Firstly it puts NAT into the reader's mind. Secondly, > > > > it isn't the only solution - IIDs shorter than 64 could also be implemented. > > > > > > > > Agreed! > > > > > > > > > 4. Impact on IPv6 Standards > > > > > > > > I propose to simply delete this section. > > > > > > > > Firstly, RFC3056 is deprecated so it's irrelevant today. > > > > Secondly, the argument about ULAs (RFC4193) doesn't hold up. > > > > ULAs are like any other /48 prefix - if you are forced to > > > > renumber into a longer prefix, you lose some subnet bits. > > > > That is already covered in the middle of section 3 (the > > > > "key goal" sentence quoted above). > > > > > > > > > > > > I recall we deprecated the 6to4 anycast, but not 6to4, in fact 6to4 to 6to4 > traffic is still useful for peer to peer. > > > > > > > > > 6. Security Considerations > > > > > > > > > > This document has no known security implications. > > > > > > > > Really? More prefix space offers more potential for scanning > > > > attacks. More prefix space also allows the use of slightly > > > > randomized prefixes and/or prefix-per host. > > > > > > > > Also of course, a /128 would prevent any form of privacy-based > > > > addressing. > > > > > > > > I've introduced new text on those points. > > > > > > > > > 8. Acknowledgements > > > > > > > > > > The authors of this document will like to acknowledge the authors of > > > > > previous versions (Thomas Narten and Geoff Huston) > > > > > > > > RFC3177 was signed by the whole IAB and IESG seated in 2001, and its > > > > Acknowledgements read: > > > > > > > > >> This document originated from the IETF IPv6 directorate, with much > > > > >> input from the IAB and IESG. The original text forming the basis of > > > > >> this document was contributed by Fred Baker and Brian Carpenter. > > > > >> Allison Mankin and Thomas Narten merged the original contributions > > > > >> into a single document, and Alain Durand edited the document > through > > > > >> its final stages. > > > > > > > > Agreed! > > > > > > > > Regards > > > > Brian > > > > > > > > _______________________________________________ > > > > v6ops mailing list > > > > v6ops@ietf.org > > > > https://urldefense.proofpoint.com/v2/url?u=https- > 3A__www.ietf.org_mailman_listinfo_v6ops&d=DwIDaQ&c=BFpWQw8bsuKp > l1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=- > 5rgYq_nYMbSH2HXHnHFCFi2KDYzOClhSiLn0au8Wu0&s=iEq1tUDbeQL4f3SLM > f1-xihjJYT0KAAN_BWTl9-779c&e= > > > > > > > > > > > > > > ********************************************** > > IPv4 is over > > Are you ready for the new Internet ? > > https://urldefense.proofpoint.com/v2/url?u=http- > 3A__www.consulintel.es&d=DwIDaQ&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3 > Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=- > 5rgYq_nYMbSH2HXHnHFCFi2KDYzOClhSiLn0au8Wu0&s=GMRLdItF8yKbUdE9 > NuXE-U48uk7OHNuEijym9jhE--s&e= > > The IPv6 Company > > > > This electronic message contains information which may be privileged or > confidential. The information is intended to be for the exclusive use of the > individual(s) named above and further non-explicilty authorized disclosure, > copying, distribution or use of the contents of this information, even if > partially, including attached files, is strictly prohibited and will be considered a > criminal offense. If you are not the intended recipient be aware that any > disclosure, copying, distribution or use of the contents of this information, > even if partially, including attached files, is strictly prohibited, will be > considered a criminal offense, so you must reply to the original sender to > inform about this communication and delete it. > > > > > > > > _______________________________________________ > > v6ops mailing list > > v6ops@ietf.org > > https://urldefense.proofpoint.com/v2/url?u=https- > 3A__www.ietf.org_mailman_listinfo_v6ops&d=DwIDaQ&c=BFpWQw8bsuKp > l1SgiZH64Q&r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=- > 5rgYq_nYMbSH2HXHnHFCFi2KDYzOClhSiLn0au8Wu0&s=iEq1tUDbeQL4f3SLM > f1-xihjJYT0KAAN_BWTl9-779c&e=
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… JORDI PALET MARTINEZ
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Lea Roberts
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Mudric, Dusan (Dusan)
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Mudric, Dusan (Dusan)
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… David Farmer
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Mudric, Dusan (Dusan)
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Fred Baker
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… David Farmer
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… STARK, BARBARA H
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Mudric, Dusan (Dusan)
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Owen DeLong
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… JORDI PALET MARTINEZ
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… JORDI PALET MARTINEZ
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Mudric, Dusan (Dusan)
- Re: [v6ops] I-D Action: draft-palet-v6ops-rfc6177… Brian E Carpenter