IETF Logo Mail Archive

Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01

David Schinazi <dschinazi@apple.com> Wed, 28 June 2017 02:43 UTC

Return-Path: <dschinazi@apple.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 21D54126CC4 for <v6ops@ietfa.amsl.com>; Tue, 27 Jun 2017 19:43:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ez3ZRtR6EWyu for <v6ops@ietfa.amsl.com>; Tue, 27 Jun 2017 19:43:55 -0700 (PDT)
Received: from mail-in25.apple.com (mail-out25.apple.com [17.171.2.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5ED8712717E for <v6ops@ietf.org>; Tue, 27 Jun 2017 19:43:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1498617834; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-reply-to:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=i2a2hpFUoUxtQiiPFUJi4RCKjK762g3o1nQKxG+L3E4=; b=A6NoK9vyiiQnBNxYNQK4A+7yMJ/DdNvjJDHBnX52dt+uxvMfhVEf7yXVSvP7fQ8S bCLdn58MWAv/0LAqPieHZKDUGHdRUHi1oYq872ovnzj9xiVMatHrzEFDerfWCZzr BhIs8qIpORikHwMOylFurfSVxKi1EdcFB1KR5lkjlEsIZxkZkBK/0J2QDrYeN2hj XaU/Is6GGuV0LC6k81ab1OVr7E7LtlBHkN1kT6Zn72pxLeF1mLg2h00Svc3Jx+61 9qmqtWKnIhp2abuEgloF3e/tQiIH56SS7SS+aR+Y4x2cfqrD4eXtu00xIXcq2cKR SEoiCZAC/96KrdLXifNCnQ==;
Received: from relay8.apple.com (relay8.apple.com [17.128.113.102]) (using TLS with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail-in25.apple.com (Apple Secure Mail Relay) with SMTP id F3.A2.05744.AE713595; Tue, 27 Jun 2017 19:43:54 -0700 (PDT)
X-AuditID: 11ab0219-dacb19c000001670-69-595317ead134
Received: from kencur (kencur.apple.com [17.151.62.38]) by relay8.apple.com (Apple SCV relay) with SMTP id 42.B6.05704.9E713595; Tue, 27 Jun 2017 19:43:54 -0700 (PDT)
MIME-version: 1.0
Content-type: multipart/alternative; boundary="Boundary_(ID_D7nD5xDN6AARe33Z1/zsfw)"
Received: from [100.122.139.66] (116.sub-70-213-23.myvzw.com [70.213.23.116]) by kencur.apple.com (Oracle Communications Messaging Server 8.0.1.2.20170210 64bit (built Feb 10 2017)) with ESMTPSA id <0OS800KSRKX4MY30@kencur.apple.com>; Tue, 27 Jun 2017 19:43:53 -0700 (PDT)
Sender: dschinazi@apple.com
From: David Schinazi <dschinazi@apple.com>
X-Mailer: iPhone Mail (14G40)
In-reply-to: <FA0D06E7-47F9-4029-81D4-2D96BFDD5576@consulintel.es>
Date: Tue, 27 Jun 2017 19:43:52 -0700
Cc: IPv6 Ops WG <v6ops@ietf.org>
Message-id: <65F3C8F4-6533-4C15-83F9-64AFC0EFFA79@apple.com>
References: <149670589074.3841.10812713591494006570@ietfa.amsl.com> <C22244D7-ABF6-430B-8155-8D4C1C1382DF@apple.com> <FA0D06E7-47F9-4029-81D4-2D96BFDD5576@consulintel.es>
To: jordi.palet@consulintel.es
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrELMWRmVeSWpSXmKPExsUi2FCYpvtKPDjSoOeJisXf45+ZLU4f28vs wOSxbn+Ax5IlP5kCmKK4bFJSczLLUov07RK4Mi7tbWEumHmbsWLS+z72BsbXuxi7GDk4JARM JLr/J3cxcnIICaxlkjh6nBHEBgnv3dnB3sXIBRRfwSjx7OJ3dpAEr4CgxI/J91hAbGaBMIk5 L9awQhTNYJJo6dsEViQsIC3RdeEuK4TtJvF3w0omkGVsAloSB9YYQeyVlfi4UgqkglPASWLX 0lNgFSwCqhKTl0ZCTFeQaHvXzgix1Ubi99c1TBCb1jFKLJ95kwkkISIgJ3F3RSsjSEJC4ACb xNmDZ5gmMArNQnLqLCSnzgLawSygLjFlSi5EWFviybsLrBC2msTC34uYkMUXMLKtYhTOTczM 0c3MMzLVSywoyEnVS87P3cQIioTVTJI7GL++NjzEKMDBqMTDu0IkOFKINbGsuDL3EKM0B4uS OO/UOYGRQgLpiSWp2ampBalF8UWlOanFhxiZODilGhj3Nh9LefVbkf3FFaaJ7BtrbRgqFdh2 K0p+iT+1PojVdpe3+60DVR0Xp/uJ/5ZdItrRWN/BUajiL6O4XN71rLfQTvUJ+x90fJDiXPr4 1crm3vTL/jY7We9Ub+Uq184LZ9trL+CaWBZ09r3PIYvVMq/Du85OD+x5kBR38rrKvthJul9P 99ffV1FiKc5INNRiLipOBADj6F1nZQIAAA==
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrLIsWRmVeSWpSXmKPExsUiON1OTfeVeHCkQVsTp8Xf45+ZLU4f28vs wOSxbn+Ax5IlP5kCmKK4bFJSczLLUov07RK4Mi7tbWEumHmbsWLS+z72BsbXuxi7GDk5JARM JPbu7GDvYuTiEBJYwSjx7OJ3dpAEr4CgxI/J91hAbGaBMIk5L9awQhTNYJJo6dsEViQsIC3R deEuK4TtJvF3w0qmLkYODjYBLYkDa4xATAkBWYmPK6VAKjgFnCR2LT0FVsEioCoxeWkkxHQF ibZ37YwQW20kfn9dwwSxaR2jxPKZN5lAEiICchJ3V7QyTmDkn4XkullIrpsFNJZZQF1iypRc iLC2xJN3F1ghbDWJhb8XMSGLL2BkW8UoUJSak1hpoZdYUJCTqpecn7uJERS6DYVpOxibllsd YhTgYFTi4V0hEhwpxJpYVlyZe4hRgoNZSYSXZXNQpBBvSmJlVWpRfnxRaU5q8SHGiYxAj01k lhJNzgdGVl5JvKGJiYGJsbGZsbG5iTkthZXEeWV6gC4SSE8sSc1OTS1ILYI5iomDU6qBcdqD L7e31Bob3MoTD+a3ePfNViNv7c+fB/2euJs0WjTONEzZdJ/pxJbLMkvkF944bJIQp+jV/bZW b7pN9s/Ptfc5i9K+M0cfco08vW3FvkmS8+Y8LJHTc1UtmifyYtHyLbyFTc7ebreSvCJ1fM9I xpXoLW0/uHxL08v2tPuf65RvB3jNj5jXrcRSnJFoqMVcVJwIAAZI1yLQAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/VmtSbh8xtEI60G1LxTuWxQGK6G0>
Subject: Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Jun 2017 02:43:59 -0000

Hi Jordi,

Thanks for the review! I applied your clarifications to our working copy.

I don't think the document needs to mandate making constants configurable. Modern operating systems receive periodic software updates that can change the values as we work our way towards deprecating Happy Eyeballs. Average smartphone users shouldn't be bothered with this (if you can't configure it you can't misconfigure it).

As we discussed in Chicago, end users should never be made aware of IPv6 network failures as they are not their burden or responsibility to fix. Network operators shouldn't expect their users to be the first ones to notice something's broken. In effect HE will be deprecated when ISPs stop routing IPv4.

Regarding PMTUD, I'm not sure what you're suggesting. HE doesn't currently help with the issue so we marked it out of scope. Are you suggesting a remedy?

Regarding section 7.1, old socket APIs are out of scope as HE is implemented above or alongside sockets. Applications using sockets directly will not get any of these benefits.

Thanks,
David Schinazi


> On Jun 18, 2017, at 03:57, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
> 
> Hi David,
> 
> Very good job! Some comments.
> 
> Implementations MUST NOT wait for both families of answers to return
>   before attempting connection establishment.  If one query fails to
>   return, or takes significantly longer to return, waiting for the
>   second address family can significantly delay the connection
>   establishment of the first one.  Therefore, the client MUST treat DNS
>   resolution as asynchronous.  Note that if the platform does not offer
>   an asynchronous DNS API, this behavior can be simulated by making two
>   separate synchronous queries on different threads, one per address
>   family.  If the AAAA query returns first, the first IPv6 connection
>   attempt MUST be immediately started.  If the A query returns first,
>   the client SHOULD wait for a short time for the AAAA response.  This
>   delay will be referred to as the "Resolution Delay".  The RECOMMENDED
>   value for the Resolution Delay is 50 milliseconds.
> 
> [Jordi] I’m not sure to fully understand this text, as somehow seems to me contradictory. “waiting for the second address family can significantly delay the connection”, but then you mention 50 milliseconds as recommended. I think it will be nice to clarify it. Also, I think the Resolution Delay should be a parameter, somehow configurable in the OS or apps. This would also facilitate “deprecating” the use of HE (by increasing the delay to an exaggerated value), without necessarily removing the code neither breaking apps that rely on it, when we decide that IPv6 is widely spread so any IPv6 failures should be noticed by end-users in order to pass the message to the ISP, etc.
> 
> (note that this is not
>   referring to the sending of AAAA or A queries, but rather the address
>   of the DNS server itself)
> 
> [Jordi] To make it clear, maybe you want to say something such as “… but rather the protocol used for the DNS transport”
> 
> This delay is referred
>   to as the "Connection Attempt Delay".  One recommended value for this
>   delay is 250 milliseconds.
> 
> [Jordi] Similar comments about the “Connection Attempt Delay” as earlier: should be a parameter, somehow configurable in the OS or apps. This would also facilitate “deprecating” the use of HE (by increasing the delay to an exaggerated value), without necessarily removing the code neither breaking apps that rely on it, when we decide that IPv6 is widely spread so any IPv6 failures should be noticed by end-users in order to pass the message to the ISP, etc.
> 
> 464XLAT has the advantage of
>   not requiring changes to user space software, however it requires
>   per-packet translation and does not encourage client application …
> 
> [Jordi] I think this text will make it more accurate:
> “464XLAT has the advantage of
>   not requiring changes to user space software, however it requires
>   per-packet translation in case the application is using IPv4 literals (or similar situations as older socket APIs) and does not encourage client application …
> 
> [Jordi] One question here. Should section 7.1 also consider not just literals but old socket APIs?
> 
> 7.2 Host Names with Broken AAAA Records
> 
> [Jordi] I think you could add in this section (or a new section), the case for broken PMTUD. We have today many situations were on purpose or as a consequence of bad implementation of load-balancing, ECMP, etc. You can try it with any web site from 1&1 (for example diskmakerx.com) … just force a reduction on your MTU I you will find that the website is not only non-accessible with IPv6, but also doesn’t work with IPv4, because actual HE implementations aren’t able to detect this problem. I think it will be possible and of course, it will mean removing or having a different text for “9.1.  Path Maximum Transmission Unit Discovery”. I agree that because the nature of HE, active only at the initial stage, we need to somehow extend the HE algorithm to test that, but I think this is the perfect opportunity to make it, because HE is successfully implemented everywhere, so I guess it will be successfully updated. Making it a “different” RFC/protocol, may not have the same impact.
> 
> [Jordi] Of course, I think is a major ISP/date center issue, but they aren’t resolving it (tried for two years in this specific case), but there are many others, worldwide, and if we believe HE is the right solution for “ISPs not doing correctly their job”, then we should also support this “failure”. Again, using parameters, to make sure that when IPv6 is more globally spread we can “deprecate” HE and make sure to pass the ball again to those “bad guys in the sense that they don’t do a good job, or don’t make sure that they test correctly their deployments from the perspective of all kind of users”.
> 
> 8.  Summary of Configurable Values
> 
> [Jordi] Looking at this section, you’re saying somehow what I was expressing earlier, so maybe we can make it clearer and is the right place to include a must to have all those parameters as OS configurable ones (by apps, users, network management, etc.).
> 
> 
> 
> Regards,
> Jordi
> 
> 
> -----Mensaje original-----
> De: v6ops <v6ops-bounces@ietf.org> en nombre de David Schinazi <dschinazi@apple.com>
> Responder a: <dschinazi@apple.com>
> Fecha: martes, 6 de junio de 2017, 2:10
> Para: IPv6 Ops WG <v6ops@ietf.org>
> Asunto: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01
> 
>    Hi v6ops,
>    We have updated draft-ietf-v6ops-rfc6555bis to version 01.
>    https://tools.ietf.org/html/draft-ietf-v6ops-rfc6555bis-01
> 
>    This version incorporates feedback we received on the previous version,
>    and adds a new section on "Supporting IPv6-only Networks with NAT64 and DNS64"
>    as these technologies require changes in the Happy Eyeballs stack
>    on devices that do not support 464XLAT.
> 
>    Please let us know what you think!
> 
>    Thanks,
>    David Schinazi
> 
> 
> 
>    A New Internet-Draft is available from the on-line Internet-Drafts directories.
>    This draft is a work item of the IPv6 Operations of the IETF.
> 
>            Title           : Happy Eyeballs Version 2: Better Connectivity Using Concurrency
>            Authors         : David Schinazi
>                              Tommy Pauly
>        Filename        : draft-ietf-v6ops-rfc6555bis-01.txt
>        Pages           : 13
>        Date            : 2017-06-05
> 
>    Abstract:
>       Many communication protocols operated over the modern Internet use
>       host names.  These often resolve to multiple IP addresses, each of
>       which may have different performance and connectivity
>       characteristics.  Since specific addresses or address families (IPv4
>       or IPv6) may be blocked, broken, or sub-optimal on a network, clients
>       that attempt multiple connections in parallel have a higher chance of
>       establishing a connection sooner.  This document specifies
>       requirements for algorithms that reduce this user-visible delay and
>       provides an example algorithm.
> 
> 
>    The IETF datatracker status page for this draft is:
>    https://datatracker.ietf.org/doc/draft-ietf-v6ops-rfc6555bis/
> 
>    There are also htmlized versions available at:
>    https://tools.ietf.org/html/draft-ietf-v6ops-rfc6555bis-01
>    https://datatracker.ietf.org/doc/html/draft-ietf-v6ops-rfc6555bis-01
> 
>    A diff from the previous version is available at:
>    https://www.ietf.org/rfcdiff?url2=draft-ietf-v6ops-rfc6555bis-01
> 
> 
> 
> 
> 
> 
>    _______________________________________________
>    v6ops mailing list
>    v6ops@ietf.org
>    https://www.ietf.org/mailman/listinfo/v6ops
> 
> 
> 
> 
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es
> The IPv6 Company
> 
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.
> 
> 
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email