Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt
Nick Buraglio <buraglio@es.net> Mon, 14 November 2022 15:33 UTC
Return-Path: <buraglio@es.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03DFFC1526FC for <v6ops@ietfa.amsl.com>; Mon, 14 Nov 2022 07:33:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=es.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bhJwyz_0Lem2 for <v6ops@ietfa.amsl.com>; Mon, 14 Nov 2022 07:33:23 -0800 (PST)
Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB422C14CE4B for <v6ops@ietf.org>; Mon, 14 Nov 2022 07:33:23 -0800 (PST)
Received: by mail-pj1-x102c.google.com with SMTP id d13-20020a17090a3b0d00b00213519dfe4aso11007996pjc.2 for <v6ops@ietf.org>; Mon, 14 Nov 2022 07:33:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=es.net; s=esnet-google; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=im8SS538QePwKGO+Y/80ZqB3fonxyORLorDpWTbDyPM=; b=j5qcCBjqfwgEvGD+nofVhmeTrxTCz+cN5bl1EDuS/PZRHyzEkMur1sPlnbWv22pw9J rFIwvfr1jKX24pPVIo9ND6oYBy+4BNosUHDzm42jFGty4XmiWUDW/j/aSoMiMh5cgb3v gAudf4aOi3f0eY6uzk6HQvj2j7scewrA1GwXQ3ZbTIePD4ZWQi5gJLmcCbw9q4FJCnnw wLDNO+/Yp7RJc3JZw93CCN6+UlaD1pd812oH3xtsJtPWl1429ZfxHqvJLxxhoW7D/ayB oa4o0Lij4ygAjWRUPrFNxssxYKH3tM8FETU0cdxvfm5f4Y+Sil8j36/S139hCVRj+2TO Dv8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=im8SS538QePwKGO+Y/80ZqB3fonxyORLorDpWTbDyPM=; b=ai8H1WJxVT3KaCZqOOn0mCRKvc03Q4riuMhQpOfAPJvThTr+pizwXpYpE46fPsVun5 y09pfX3UhLUf+BIUPya8Wf3uXrGntwW9kK3UxjRSBKLEcvfTYG1daP8mLeGm428ctq3X pzDoyufUh4VSZEl6mORu6seHy/6on32K5A4YHSm+9dshzpQm7zcZFt7ZN1IN1O9BBfAu AEUMtABV968oBVF1uqmvJUVi/Q4pIuDTrwQBY7soYZjb62iKTDTJDRlw/WlcmAp3U0IN 795inXzepxmKvu6at7qmnTLv3pkyPSKlG7JRdRahLK9jcDe+z3DNkaDyaOh+4S66+LTj 1mzg==
X-Gm-Message-State: ANoB5pk7p8r0Fwjap4tU8SwhGiw1PtwGYn8mVztT93l9UT5Lm9qJGQzs ilclbQHkbpSpSRtBbwsm87Q/VWjO2IE0u9FI/kOaEZItxvaZdXe2wxL8rID3CXQ0px89/DL4PzY LbBOPmNWeoNzkPoefqHEiYq764KUnWpQYnFkMCAqrqGSSIPsc6iswGbcxLz2FoTkoCuazhrHSI3 m5mgoN4j4=
X-Google-Smtp-Source: AA0mqf7rmUX02YWAG1Ri5cHObwV26vdB+wIksAtm3um4+RlH8L0wGE2mAue+ddNzPo3omP1rIF0T0EVYjHwKuB4mjb0=
X-Received: by 2002:a17:90a:4a8a:b0:213:d66b:4973 with SMTP id f10-20020a17090a4a8a00b00213d66b4973mr14430257pjh.85.1668440002638; Mon, 14 Nov 2022 07:33:22 -0800 (PST)
MIME-Version: 1.0
References: <CAFU7BAQmSqaZhrQ0YH-1ryp2DfZH6z5B1icR=Wc_W=sdBExuEA@mail.gmail.com> <EE3F6D3C-EC05-4B23-917D-46BA7E49BC61@employees.org> <CAFU7BAQAo7p8MQOK9+CF3OEhOYp=vpUvX_4u9DadXaqQ7ada6w@mail.gmail.com> <0d5cef0d9d914f86adf0f67a05de3001@huawei.com> <5dd6205b058f15a77fe939f06a0db99c@podolsk.ru> <5648a94d446443f783be1978e3c11271@huawei.com> <1de216ef-994e-c62e-3e03-e8637fe9f879@gmail.com> <2fd756b1b0c74f19b8bddd92d11e02b5@huawei.com>
In-Reply-To: <2fd756b1b0c74f19b8bddd92d11e02b5@huawei.com>
Reply-To: buraglio@es.net
From: Nick Buraglio <buraglio@es.net>
Date: Mon, 14 Nov 2022 09:33:11 -0600
Message-ID: <CAM5+tA8dRRVkBsRL6Ynmrmh1Wqhj37XD99SkFX1Zntd_iE2uWg@mail.gmail.com>
To: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, Andrey Kostin <ankost@podolsk.ru>, V6 Ops List <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b042be05ed6ff55c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Khw8gzWvNH7ayYjCdg--wZNUQOk>
Subject: Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2022 15:33:28 -0000
It should also be noted that dhcpv6-pd allocations need to have a route installed at the BRAS or other aggregation router (in my personal experience, that is) which is likely a non-issue, but will present a consideration for devices with small routing tables, especially in environments with significant numbers of clients. If each client receives a prefix, a route for each prefix needs to be instantiated which may result in tens of thousands of routes. Not a huge issue, but a potentially important resource detail. The idea of using a PIO to indicate a limit of addresses available does sound like an elegant solution. I do see some value in extending a prefix like a /64 for host use similar to rfc7278 where "LAN" is some bridge internal to a given host. This could be especially useful in containerized environments which are more and more prevalent as described by Jen in the use of container-like technology in ChromeOS and the extensive use of containers in DC environments. They almost feel like different problem spaces that exhibit similar symptoms. ---- nb ᐧ On Mon, Nov 14, 2022 at 1:14 AM Vasilenko Eduard <vasilenko.eduard= 40huawei.com@dmarc.ietf.org> wrote: > > There is a Reserved2 field in a PIO that could be redefined to indicate > a maximum number of addresses allowed per host under a given prefix. > > Hi Brian, > It would be a good solution. > Because local limits is better to announce from the local router. > Announce limits from the one centralized location (DHCP server) looks more > complex and error prone. > Eduard > -----Original Message----- > From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] > Sent: Sunday, November 13, 2022 10:33 PM > To: Vasilenko Eduard <vasilenko.eduard@huawei.com>; Andrey Kostin < > ankost@podolsk.ru>; V6 Ops List <v6ops@ietf.org> > Subject: Re: [v6ops] Fwd: New Version Notification for > draft-linkova-v6ops-ipmaclimi-00.txt > > On 14-Nov-22 06:44, Vasilenko Eduard wrote: > > If the network has limits Then hosts should adapt to the limits (not > vice versa). > > It is needed to know the limits to adapt. DHCP could inform about the > limit, but SLAAC could not. > > It could. There is a Reserved2 field in a PIO that could be redefined to > indicate a maximum number of addresses allowed per host under a given > prefix. > > Brian > > > > > The number of virtual things per hardware instance would be always > restricted. > > If the best AP would support 200 IP per MAC then it is still possible to > run containers and stretch even that. > > > > DHCP could impose different limits per different links. Hence, if APs' > different segment has different restrictions then DHCP would impose > different limits. > > If the particular link has APs with different restrictions then indeed > DHCP should be configured to limit on the smallest. > > Ed/ > > -----Original Message----- > > From: Andrey Kostin [mailto:ankost@podolsk.ru] > > Sent: Friday, November 11, 2022 9:15 PM > > To: V6 Ops List <v6ops@ietf.org> > > Cc: Jen Linkova <furry13@gmail.com>; Ole Troan <otroan@employees.org>; > > Vasilenko Eduard <vasilenko.eduard@huawei.com> > > Subject: Re: [v6ops] Fwd: New Version Notification for > > draft-linkova-v6ops-ipmaclimi-00.txt > > > > Vasilenko Eduard писал(а) 2022-11-08 13:58: > >> N+1 allocation should fail. > >> But the network and host should be aware of it (in sync). > >> > >>> Or do we want NAT66? > >> No. DHCP in this case. > > > > What if the underlying access network has access points from multiple > vendors and they have different limits that are lower than allowed by DHCP? > > > > The problem Jen is trying to point out is not an addressing problem and > not related either to SLAAC, DHCP or static assignment. Looks like some > comments pronounce SLAAC guilty in described issue and try to use this > statements to push DHCP vs SLAAC dispute. This is not the case. This is an > operational problem caused by lack of common practice and agreement between > vendors. And that is exactly what Jen is trying to solve. She is requesting > to make underlying networks equipment's behavior deterministic and provide > troubleshooting capabilities by creating log messages. > > > > Regarding limits, in some networks big number of IPs per host can be > absolutely appropriate and necessary, in others there may be stricter > limits and this is also a real use case. We all understand that everything > is a resource and cost some money. Let's allow network owners decide what's > reasonable for them and what's not. Like Bill Gates said that 640K of RAM > will be always enough. Although now we are used to have a lot more memory > in our computers and servers, but it's still expensive and each admin can > choose how much he/she can afford. > > So, in situations where host wants more addresses then allowed, some > mechanism should exist to make this limit less painful and predictive. > > DHCP is one way for it, but it can't prevent creation of multiple > link-local or ULA addresses and it can hit ND cache limit even for > addresses legally assigned via DHCP. So it can't be considered as a > solution. > > For replacement technique for me it looks simpler just to rely on ND > cache expiration timers in the same way how it works for MAC tables. > > Some vendors can develop more sophisticated features similar to MAC > security to differentiate their products from the base level. Eventually a > user who tries to use more addresses than allowed should realize that there > is a limit and shut down some interfaces/VMs/containers/etc to obey network > rules. > > > > Kind regards, > > Andrey > > > >> Ed/ > >> -----Original Message----- > >> From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Jen Linkova > >> Sent: Tuesday, November 8, 2022 9:55 PM > >> To: Ole Troan <otroan@employees.org> > >> Cc: V6 Ops List <v6ops@ietf.org> > >> Subject: Re: [v6ops] Fwd: New Version Notification for > >> draft-linkova-v6ops-ipmaclimi-00.txt > >> > >> On Wed, Nov 9, 2022 at 1:12 AM Ole Troan <otroan@employees.org> wrote: > >>>> Fact #1: my devices need to have 7-10 IPv6 addresses. > >>> > >>> In the network you operate, that may be a fact. > >>> In other networks other rules. > >>> > >>> A requirement like that would be perfectly fine in an RFQ. Less so > >>> in an RFC. > >> > >> What I'm struggling to understand from this thread is: what's the > >> device supposed to do if it needs N addresses and the network only > >> agrees to provide N-1? > >> Shall the application fail? How is it better than the situation we > >> have now? > >> Or do we want NAT66? > >> > >> > >> -- > >> SY, Jen Linkova aka Furry > >> > > > > _______________________________________________ > > v6ops mailing list > > v6ops@ietf.org > > https://www.ietf.org/mailman/listinfo/v6ops > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops >
- [v6ops] Fwd: New Version Notification for draft-l… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Pascal Thubert (pthubert)
- Re: [v6ops] Fwd: New Version Notification for dra… Chongfeng Xie
- Re: [v6ops] Fwd: New Version Notification for dra… Ole Troan
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Joel Jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… Xipengxiao
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Mark Smith
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Ole Troan
- Re: [v6ops] Fwd: New Version Notification for dra… Alexandre Petrescu
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Ole Troan
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Xipengxiao
- Re: [v6ops] Fwd: New Version Notification for dra… Ole Troan
- Re: [v6ops] Fwd: New Version Notification for dra… Pascal Thubert (pthubert)
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Buraglio
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Ole Troan
- Re: [v6ops] Fwd: New Version Notification for dra… David Farmer
- Re: [v6ops] Fwd: New Version Notification for dra… Mark Smith
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Joel Jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Lorenzo Colitti
- Re: [v6ops] Fwd: New Version Notification for dra… Lorenzo Colitti
- Re: [v6ops] Fwd: New Version Notification for dra… Pascal Thubert (pthubert)
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Lorenzo Colitti
- Re: [v6ops] New Version Notification for draft-li… Ivan Pepelnjak
- Re: [v6ops] Fwd: New Version Notification for dra… Joel Halpern
- Re: [v6ops] Fwd: New Version Notification for dra… Eric Levy- Abegnoli (elevyabe)
- Re: [v6ops] Fwd: New Version Notification for dra… Jen Linkova
- Re: [v6ops] Fwd: New Version Notification for dra… Pascal Thubert (pthubert)
- Re: [v6ops] Fwd: New Version Notification for dra… Eric Levy- Abegnoli (elevyabe)
- Re: [v6ops] Fwd: New Version Notification for dra… Andrey Kostin
- Re: [v6ops] Fwd: New Version Notification for dra… Chongfeng Xie
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Brian E Carpenter
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Buraglio
- Re: [v6ops] Fwd: New Version Notification for dra… Vasilenko Eduard