Re: [v6ops] Focused discussion: draft-ietf-v6ops-unique-ipv6-prefix-per-host
Tore Anderson <tore@fud.no> Mon, 04 January 2016 12:41 UTC
Return-Path: <tore@fud.no>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAF8B1A885C for <v6ops@ietfa.amsl.com>; Mon, 4 Jan 2016 04:41:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.79
X-Spam-Level:
X-Spam-Status: No, score=0.79 tagged_above=-999 required=5 tests=[BAYES_50=0.8, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GF9F-BFPtW6F for <v6ops@ietfa.amsl.com>; Mon, 4 Jan 2016 04:41:40 -0800 (PST)
Received: from greed.fud.no (greed.fud.no [IPv6:2a02:c0:1001:100::145]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E06421A885B for <v6ops@ietf.org>; Mon, 4 Jan 2016 04:41:39 -0800 (PST)
Received: from [2a02:c0:2:1:1194:17:0:1029] (port=40024 helo=echo.ms.redpill-linpro.com) by greed.fud.no with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <tore@fud.no>) id 1aG4S7-000503-QM; Mon, 04 Jan 2016 13:41:35 +0100
Date: Mon, 04 Jan 2016 13:41:35 +0100
From: Tore Anderson <tore@fud.no>
To: fred@cisco.com
Message-ID: <20160104134135.1f1b3711@echo.ms.redpill-linpro.com>
In-Reply-To: <201601031900.u03J0LMe009763@irp-lnx1.cisco.com>
References: <201601031900.u03J0LMe009763@irp-lnx1.cisco.com>
X-Mailer: Claws Mail 3.13.1 (GTK+ 2.24.29; x86_64-redhat-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/O_g9eFNfBxz1Q-Otkug1CVDLnI4>
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Focused discussion: draft-ietf-v6ops-unique-ipv6-prefix-per-host
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jan 2016 12:41:42 -0000
* fred@cisco.com > And now for something a little different. I'd like to invite focused > discussion of draft-ietf-v6ops-unique-ipv6-prefix-per-host, which we > adopted at IETF 94 FWIW, I sent some feedback to the list on the 28th of October, which wasn't answered* or incorporated in the new revision of the draft as far as I can tell. I'll therefore repeat them below. * Except for point #2 regarding the draft improperly suggesting that when IA_PD is available the M-flag should be set to 1. This did cause some discussion on whether or not RA flags have any relation to IA_PD availability to begin with, but I don't think there was any disagreement about my initial point about tying IA_PD with the M-flag specifically not being appropriate. Easiest way to fix this in the draft is IMHO just to remove «, this flag may be set to 1 in the future if/when DHCPv6 prefix this flag may be set to 1 in the future if/when DHCPv6 prefix)». (Just noticed this will also get rid of an unmatched parenthesis.) Tore ------ 1) Section 4.2 mentions that DAD is used, but it is not clear to me how this will work for LLAs. If two UEs (potentially attached to different APs) are using the same link-local address, how will they see each others DAD messages? Proxy-ND on the WLAN-GW? Or if the WLAN-GW does not relay DAD messages across the split BUM horizon, how will it deal with the possiblity of two unique UEs both using the same LLA? I'm guessing that in a large-scale deployment, the chances of two UEs having statically configured, e.g., fe80::1 is quite likely. 2) Regarding the following text in Section 4.2: > o M-flag = 0 (UE/subscriber address is not managed through DHCPv6), > this flag may be set to 1 in the future if/when DHCPv6 prefix > delegation support over Wi-Fi is desired) As I understand it (and I do stress that), the M-flag indicates whether or not *addresses* are available via DHCPv6 (RFC 4861 s4.2). Prefixes (IA_PD) is something different. Therefore, assuming that availability of IA_PD is signalled using RA flags to begin with, then it is "other configuration" and thus signalled with the O-flag, not the M-flag. I know of at least one wireline ISP that has such a deployment, i.e., they support DHCPv6 IA_PD but not IA_NA/IA_TA, and they signal this using M=0 + O=1. 3) The draft describes tunneling traffic in a stateless manner. I take that to mean that the APs and WLAN-GW will be incapable of performing reassembly at tunnel egress (and by extension that they won't fragment GRE packets on ingress either). That in turn means that you either 1) need to allow for jumbo frames in the transport network between the WLAN-GW and the APs, or 2) provide UEs with a reduced MTU (which implies the RA MTU option should be used and possibly also TCP-MSS clamping at the WLAN-GW). Since this is an operational guidance document I believe this is something that should be discussed. 4) Is UE roaming between APs/BSSIDs supported, and if so how does this work? As I understand it, the WLAN-GW will have 1 GRE interface per AP, so if a UE roams from one AP to another, its MAC address and all of its associated IPv6 addresses will (from the WLAN-GW's POV) move from one GRE interface to another, which would in turn require the WLAN-GW to somehow notice this and move the associated /64 and any NDP entries from the previous GRE interface to the current one. Right? If so, some discussion on how that happens would be appreciated (or at least a statement that "secret vendor sauce is assumed to be applied here" if that is indeed the case). 5) This is just a thought, but regarding the operational consideration in section 5 regarding supporting privacy addresses: Would it be possible for the WLAN-GW to simply send all traffic destined for the UE's dedicated /64 to the UE's MAC address without maintaining ND entries for each address in use? This way, a single UE could use gazillions of IPv6 addresses without risking resource exhaustion in the WLAN-GW. OTOH, maybe that would cause problems for UEs that are providing tethering to downstream hosts using layer-2 bridging? 6) Some editorial nits I noticed (although I wasn't specifically looking for them): Missing «.» at the end of page 7, s/Lawfull/Lawful/ on page 12.
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- [v6ops] Focused discussion: draft-ietf-v6ops-uniq… fred
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Lorenzo Colitti
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Lorenzo Colitti
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Tore Anderson
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Brzozowski, John
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Brzozowski, John
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Tom Herbert
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Mark Smith
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Brzozowski, John
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Brzozowski, John
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Brzozowski, John
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Fred Baker (fred)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… joel jaeggli
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Eric Vyncke (evyncke)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… David Farmer
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Eric Vyncke (evyncke)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… Templin, Fred L
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… VAN DE VELDE, Gunter (Gunter)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… VAN DE VELDE, Gunter (Gunter)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… VAN DE VELDE, Gunter (Nokia - BE)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… VAN DE VELDE, Gunter (Nokia - BE)
- Re: [v6ops] Focused discussion: draft-ietf-v6ops-… VAN DE VELDE, Gunter (Nokia - BE)