Re: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem

Ray Hunter <v6ops@globis.net> Wed, 30 October 2013 09:39 UTC

Return-Path: <v6ops@globis.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E21611E81A1 for <v6ops@ietfa.amsl.com>; Wed, 30 Oct 2013 02:39:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lIGFvTxjyNOb for <v6ops@ietfa.amsl.com>; Wed, 30 Oct 2013 02:39:14 -0700 (PDT)
Received: from globis01.globis.net (RayH-1-pt.tunnel.tserv11.ams1.ipv6.he.net [IPv6:2001:470:1f14:62e::2]) by ietfa.amsl.com (Postfix) with ESMTP id EF25B11E8146 for <v6ops@ietf.org>; Wed, 30 Oct 2013 02:38:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by globis01.globis.net (Postfix) with ESMTP id 11E27870F99; Wed, 30 Oct 2013 10:38:14 +0100 (CET)
Received: from globis01.globis.net ([127.0.0.1]) by localhost (mail.globis.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A5kYS3LXRJNr; Wed, 30 Oct 2013 10:38:13 +0100 (CET)
Received: from Rays-iMac-2.local (unknown [192.168.0.3]) (Authenticated sender: Ray.Hunter@globis.net) by globis01.globis.net (Postfix) with ESMTPA id E053E8700B2; Wed, 30 Oct 2013 10:38:13 +0100 (CET)
Message-ID: <5270D384.7030400@globis.net>
Date: Wed, 30 Oct 2013 10:38:12 +0100
From: Ray Hunter <v6ops@globis.net>
User-Agent: Postbox 3.0.8 (Macintosh/20130427)
MIME-Version: 1.0
To: Nick Hilliard <nick@inex.ie>
References: <CE8E8EC3.59F3A%victor@jvknet.com> <06601039-CAFD-49B0-918B-A8ACD51B978D@fugue.com> <alpine.OSX.2.00.1310281905440.11422@ayourtch-mac> <CAKD1Yr0qLd7syFizEUMa6DM2a2LY6Rv5GSFyoQAs4Pir6gcNkA@mail.gmail.com> <1383036443.56704.YahooMailNeo@web142501.mail.bf1.yahoo.com> <alpine.OSX.2.00.1310291443480.31066@ayourtch-mac> <1383074208.73179.YahooMailNeo@web142505.mail.bf1.yahoo.com> <alpine.OSX.2.00.1310292030450.31066@ayourtch-mac> <CAKD1Yr1myWu7BUmcP3sJqPXFtRyGhy=Qqd2yMsYBFQjPce3GUA@mail.gmail.com> <alpine.OSX.2.00.1310292040510.31066@ayourtch-mac> <52702DC2.1080507@inex.ie>
In-Reply-To: <52702DC2.1080507@inex.ie>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: v6ops@ietf.org
Subject: Re: [v6ops] DHCPv6/SLAAC Make Hosts Confusing-//RE: new draft: draft-liu-bonica-v6ops-dhcpv6-slaac-problem
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Oct 2013 09:39:15 -0000

inline

Nick Hilliard wrote:
> On 29/10/2013 20:20, Andrew Yourtchenko wrote:
>> debate - maybe worth just folding it back into a pure factual "It was
>> decided that RA does routing, DHCPv6 does not, by the way RA does a slow
>> redundancy, which people do not like, therefore they think DHCPv6 should do
>> routing".
>
> WFM, and I very much like your draft so far, btw.
>
> Later on in the text, it says:
>
>>    However, the "single source of truth" nature of DHCPv6 prevents the
>>    successful operation in case of multiple servers on the segment
>>    supplying different information. RAs in this case may still work.
>>
>>    Some consider the inability to support this scenario crucial, and
>>    some think it is not useful. This creates contention between the
>>    proponents of those who want DHCPv6 deal with routing, and those who
>>    think RA is the single possible candidate for that.
>>
>>    The other aspect is that because RA ties in the routing and
>>    addressing information, one can say "RA shares the fate with
>>    routing". However, this distinction is merely because of the
>>    decision to explicitly keep DHCPv6 away from routing - so can not be
>>    considered a true property of the protocol.
>
> The premise that many people in the IETF seem to be working on is that the
> typical - or even a common - deployment case of ipv6 will involve multiple
> routers per lan segment.  I say this because every time the issue of DHCP
> providing a defgw comes up, one of the main arguments that's trotted out is
> that it will break the multiple-routers-per-lan-segment scenario.  The
> above 3 paragraphs also strongly hint at this as being the target deployment.
>
> Well maybe dhcpv6 doesn't do that, but the operational reality is that
> multiple gateways on the same lan is going to be the rare exception rather
> than the rule. The reason why I think this is because:
>
> 1. enterprises have an obtuse obsession for L2.  They'd pave the world with
> L2 and extend L2 from one end of the universe to the other if they could.
> Just look at the horror of vxlan (who are they kidding?  themselves?) as a
> perfect example of this insanity.  I don't know why this is but it's the
> way that lots of enterprise rolls, ranging from SME to largish networks.
> Outside truly large operations (i.e. 10s of thousands of users), I have
> never got the impression that enterprises got L3 routing.

I think you do Enterprise engineers a serious dis-service. Many
consciously choose for L2 interfaces (with HSRP/ VRRP) isolation LANs
between service providers precisely because L3 is more complex to debug
and engineer across an administrative boundary. Even agreeing on an IGP
can be tricky, never mind worrying about route flapping or
redistribution loops. Experience has shown that HSRP/VRRP + static
routes in a simple active/standby construction can deliver extremely
robust SLA KPI's.

Secondly, practical deployment of L3 routing protocols on end hosts was
a no-go in IPv4.

> 2. homenet: I don't understand the target audience for the entire homenet
> multiple network movement. Putting this another way: who is going to debug
> homenet multiple network stuff when it breaks, because as far as I can
> tell, that belongs in the realm of level 2 engineering escalation (i.e.
> $120/hr sort of thing).  It's a little far-fetched to expect gramps and
> grandma to set up and maintain and debug multiple networking segments.  A
> good chunk of the stuff going on in homenet is vastly more complicated than
> pretty much any home network is ever going to need.  Architecturally
> interesting, but srsly not realistic as a viable approach to home networking.

I think Homenet WG well-understands the challenges with deployment and
little-conf..


> 3. service providers - the single operational group on the internet that
> actually understands L3 / network segmentation and why it's important -
> will attempt avoid multiple gateways per network like the plague because it
> makes their deployment scenarios more complicated and provides no extra
> value.  For server / host farms, service providers like FHRP with tight
> timers because it gives control of onward connectivity.
>
> All of which doesn't leave very many more user-market segments.

I disagree entirely, and would characterise this as a rather
network-operator-centric view, rather than a host-centric view.

> Regarding RA for routing and DHCP for addressing, what people care about is
> connectivity.  What I need as an operator is a protocol (preferably a
> single protocol because that is simpler) which will enable my boxes to gain
> the connectivity they need.  Whether you call this routing or providing a
> default gateway, I don't much mind.
>
> Look, there's too much ideology going on here.  The IETF is being dazzled
> by the sight of multiple lan segments and multiple egress gateways without
> realising that these are the minority configuration.  All this effort is
> going into optimising ipv6 address / lan autoconfiguration for these
> unusual scenarios without heeding the sober reality that most people,
> service providers and enterprises are only ever going to want to have a
> single defgw per lan segment, and that by far the most common deployment
> scenario will be a single lan segment per organisation.


Erm. Have you missed the move to wireless?

My smartphone already has two radios and a physical interface, connected
to multiple providers.

How exactly do you then configure a "single defgw per lan segment"
(without draft-troan-homenet-sadr-01)

> I'm aware that this viewpoint will be regarded as retrograde, and that a
> bunch of people on this list will probably sit there, rolling their eyes
> and thinking: "yeah, and 640k was enough for everyone".
>
> Just bear in mind that added complexity is not necessarily a good thing.
> The support costs are high and the return on effort is dubious at best.
> IOW, the IETF is optimising a corner case.  This is not smart.
>
> Nick
>
>

-- 
Regards,
RayH