Re: [v6ops] Flash renumbering

Vasilenko Eduard <vasilenko.eduard@huawei.com> Wed, 16 September 2020 15:55 UTC

From: Vasilenko Eduard <vasilenko.eduard@huawei.com>
To: Fernando Gont <fgont@si6networks.com>, "6man@ietf.org" <6man@ietf.org>, IPv6 Operations <v6ops@ietf.org>
Date: Wed, 16 Sep 2020 15:55:44 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/NFyzyLRVANxKgCy0BctTnYwZKDc>

Hi Fernando,
I do not believe that other cases are representative, except the many-box solution.
Because all other cases are: somebody forgot to deprecate the prefix in his software (including VM - just need to send at least one RA before the prefix change).
It was better to push Industry to properly develop software to deprecate prefixes than to compromise timers.

For the multi-box scenario:
30% is the probability that residential subs have IPv6 (in reality less, 30% is mainly attributed to mobile)
37% that his Carrier does dynamic DHCP-PD
5% that he has 2 boxes in the household (reminder: the relationship of the number of businesses to households is about 2% for the majority of countries, the number of branches for a big Enterprise could be big (+), but many SMBs would be satisfied by a typical CPE(-))
50% that he is not capable of creating a routed network inside (/64 from Carrier - now there should be fewer such cases compared to 2017).
What do we have? 0.3% of the world-wide subscriber base? It is what I call a "corner case".
Makes sense to fix.

In response to "why IP camera needs bridged network" you have answered "to avoid NAT".
We are in IPv6 alias. Whatever you would do in IPv6 - you will avoid NAT. Hence, Routed network inside household is not a problem for IP camera. Right?

I do not know mDNS - maybe it needs a bridged network. It would be an additional extremely small corner case (10^-5). Better to fix.

Eduard
-----Original Message-----
From: Fernando Gont [mailto:fgont@si6networks.com] 
Sent: 16 September 2020 15:41
To: Vasilenko Eduard <vasilenko.eduard@huawei.com>; 6man@ietf.org; IPv6 Operations <v6ops@ietf.org>
Subject: Re: Flash renumbering

On 16/9/20 08:50, Vasilenko Eduard wrote:
> Hi Fernando, Good. You have confirmed my expectations. You did not 
> mention in any document that problem is possible only if switch is 
> separated from router. It is applicable only for many-box situation.

No.

As noted, there are multiple scenarios where this problem may occur. Section 1 of
https://tools.ietf.org/html/draft-ietf-v6ops-slaac-renum-01 , contains a non-exhaustive list of some of the scenarios.

I've mentioned others in my previous email.

If you move VMs around, you may get the same thing.


[...]
> I still have 1 WiFi in my House that put in one corner of the 
> building. It is enough. 5Ghz is not much important for me when 
> everything high performance is connected by 1GE. But it does not 
> matter what I have - it is very special situation (like yours).

Can you please back your claims? My family has always lived in a residential area, where wifi signal having to traverse through multiple walls is the *rule*, not the exception.



> Majority of countries have urbanization for 70%-80%. We are talking
> about apartments, not houses.

Please let me know where you get your stats from.

And, are you seriously meaning that this group should only care about
IPv6 being robust in "apartment scenarios"?



> I did participate in a few tenders (on both sides) for B2B CPEs.
> Nobody likes "many box solution" (cost , maintenance, size, power).
> Vendors have Enterprise CPEs with enough L2 ports (up to 48). 2 box
> solution is not typical used even here.

It is quite common over here. And for a small office, you will most 
likely get the same CPE as a home user.



> v6ops have a reference to good excel (on google disk) in 2017 for
> details about 85 biggest Telco. Not all have disclosed prefix size.
> RIPE has started push to /48 too later:
> /48 - 3
> /56 - 11
> /60 - 1
> /62 - 1
> /64 - 12
> You are right here. It is exacerbate geeks problem.
> 
> Could you tell me why IP camera needs bridged (L2) network? Why
> router network is not suitable?

Because they cannot traverse multiple NATs.

Many applications will employ upnp to install port mappings in the CPE. 
But the CPE will not try to "relay" such mappings elsewhere.

Similarly, mDNS has typically only worked on a single network segment.
If you put multiple cascading CPEs, you break that.


> If some daemon is not capable to deprecate PIO properly - it is more
> vendor problem than standard. The same for CPE. But yes, some
> robustness from ND is welcome here.

It is not. Because since the recommended default for the Valid Lifetime,
the daemon wasn't going to keep sending RAs for 7 days, and only start
announcing the new prefix after 7 days.

When things such as installing a simple range extender may lead to 
total brokenness, there's a robustness flaw being exposed. And you 
should address the flaw, rather than trying to find every possible reason not 
to solve it. -- unless you make a case that the only people that should 
deploy v6 are the ones that live in apartments or wooden-wall houses, plus 
they use a single box to connect to the Internet, the ISP does static 
prefixes, etc., etc., etc.   And, still, you would have other possible 
scenarios, that are completely unrelated, such as moving VMs around.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492