Re: [v6ops] Erik Kline's Discuss on draft-ietf-v6ops-cpe-slaac-renum-05: (with DISCUSS and COMMENT)

Fernando Gont <fgont@si6networks.com> Thu, 28 January 2021 02:10 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6F533A1107; Wed, 27 Jan 2021 18:10:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kkMbSfvgoW4C; Wed, 27 Jan 2021 18:10:30 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D236E3A1103; Wed, 27 Jan 2021 18:10:28 -0800 (PST)
Received: from [IPv6:2800:810:464:2b9:69a9:e23f:a699:f848] (unknown [IPv6:2800:810:464:2b9:69a9:e23f:a699:f848]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 705E9280474; Thu, 28 Jan 2021 02:10:24 +0000 (UTC)
To: Erik Kline <ek.ietf@gmail.com>, The IESG <iesg@ietf.org>
Cc: draft-ietf-v6ops-cpe-slaac-renum@ietf.org, v6ops-chairs@ietf.org, v6ops@ietf.org, Owen DeLong <owen@delong.com>
References: <160334506239.20395.15102292380884503313@ietfa.amsl.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <2c297a30-73e3-1a36-0add-5e1204c9ff32@si6networks.com>
Date: Wed, 27 Jan 2021 23:10:09 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <160334506239.20395.15102292380884503313@ietfa.amsl.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/d5rU-50aTvzoddLV6mb9foNbmao>
Subject: Re: [v6ops] Erik Kline's Discuss on draft-ietf-v6ops-cpe-slaac-renum-05: (with DISCUSS and COMMENT)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jan 2021 02:10:33 -0000

Hi, Erik,

In-line...

On 22/10/20 02:37, Erik Kline via Datatracker wrote:
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> [ section 3.2 ]
> 
> * I absolutely agree in principle at these other lifetimes should be updated
>    to the shorter of the two applicable lifetimes, but I'm worried that this
>    text is not sufficiently precise.  Specifically, this recommendation only
>    applies to options that depend in any way on the change in the delegated
>    prefix, yes?  Perhaps just this qualifier is sufficient?

How about tweaking the first paragraph of Section 3.2 as:

   CE Routers SHOULD override the default lifetime values of Neighbor 
Discovery options that depend in any way on the change delegated prefix, 
and employ shorter lifetime values to improve the robustness to 
renumbering events, while complying with the requirements from Section 
2.1 of this document and the recommendations in [RFC7772].

?

I wonder if we should s/delegated prefix/prefix employed for automatic 
address configuration/ . i.e., you don't want e.g. a default pio valid 
lifetime of 1 month, even if you have e.g. configured the prefix 
manually. Otherwise, if the CPE crashes and is replaced with a different 
box, the associated information will lying around forever.



>    For example, none of these comparative lifetime recommendations apply to
>    a stable ULA for a router that meets requirements ULA-[1..5] and chooses
>    to advertise a ULA /48 RIO and maybe even a ULA DNS server, I think.
> 
>    That being said, should this document also be saying that the ULA-derived
>    options SHOULD prefer the ND_{P,V}_LIMIT lifetime values, in case a reboot
>    causes a new ULA to be generated (i.e. the one supposedly in stable storage
>    is lost or otherwise unrecoverable)?

Indeed. FWIW, I've moved the discussion of this topic to a separate 
email (which I posted in the subthread where you discssed this with Ted).




> 
> [ section 3.1 ]
 >
> * With respect to the second bullet: the lifetimes need to be dynamically
>    *updateable*, not necessarily updated if, for example, the ND_{P,V}_LIMIT
>    values are always lower than the remaining PD lifetimes.  In this situation,
>    the requirement is still that the lifetimes can be updated, but to the
>    casual observer of the steady state the RA contents might appear static
>    (e.g., while the PD'd prefix is continuously renewed).
> 
>    Maybe there's no text required here, but I didn't want a reader to be left
>    with the impression that no two RAs could be identical

How about adding, at the end of the bullet:

In scenarios where the  valid-lifetime and the preferred-lifetime of the 
prefix leased via DHCPv6 on the WAN-side are always lower than 
ND_VALID_LIMIT and ND_PREFERRED_LIMIT, respectively, the lifetime values 
advertised on the LAN-side will see no changes during the lifetime of 
said prefix.

....or the like?



> [[ nits ]]
> 
> [ section 3.3 ]
> 
> * In the 2nd bullet's 2nd bullet (this might be easier if these lists were
>    numbered),

Change both lists (innet an outter) to numbered lists?


> it might be good to clarify that "the *deprecated* prefix can
>    simply be advertised..."

Done.

Thanks!

Regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492