IETF Logo Mail Archive

Re: [v6ops] Implementation Status of PREF64

Lorenzo Colitti <lorenzo@google.com> Fri, 01 October 2021 05:50 UTC

Return-Path: <lorenzo@google.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27F273A0772 for <v6ops@ietfa.amsl.com>; Thu, 30 Sep 2021 22:50:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -18.097
X-Spam-Level:
X-Spam-Status: No, score=-18.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.499, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CIAPAUT9BNOy for <v6ops@ietfa.amsl.com>; Thu, 30 Sep 2021 22:50:38 -0700 (PDT)
Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F26F3A0101 for <v6ops@ietf.org>; Thu, 30 Sep 2021 22:50:38 -0700 (PDT)
Received: by mail-io1-xd34.google.com with SMTP id i62so10385775ioa.6 for <v6ops@ietf.org>; Thu, 30 Sep 2021 22:50:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PNulzM9bYPT5M0rwY6k+RJ3MqN7WPt51pCW0pwH9nAY=; b=LIkXZEO6UMNUyTiIMbBp+EiAvALD/PBXbcRfwA1qBTzGm1FWOh7Ukbvcd+jvpCxXP0 0A/9a7et6ni+/yeWlVbW3O5kO1Ss9BrsABhgRcUeJ7RFQGPO1j2r+tRcoLlPDllNLi0I 7gNDT1/15qzW5AdB8pgDLeNar9XCt/5CDK+N6ZMTZ6ttyadxYZ+TbnlVamfoSB0IyI19 Hvf3p2589aeJ05w7WMcc40qL5bIEcdyxKKLMkJ08Cx3waENklwVHkFi5h6E0i5eArNqD RgFmK52kpDxrqaiaHzaElIpYX46Q8dA4x3gwzPCjwW+/jpG+kTvcASHU5uO0yRNiXjRl Ob+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PNulzM9bYPT5M0rwY6k+RJ3MqN7WPt51pCW0pwH9nAY=; b=mZf3pnqzCKGCifC+Ar89c7KbQeEZw1UJsMCf2KVfE0fSVApkdx0IoCpIhjFsWHWQG6 e4YQduj63LvuLxwSKAET7XguWKmeBcakfEn4Rw+0604HgW53A7G4dduEAOVt0msOCG/x 9kqDo6j4tPULmAQCKtLdn/ECGrBibzMTBBstbZFV7UtiLWdxaZmKT8HpjxYO+MrzjkhG JqohoLQE1L8dAIRaY4evRGroYpjANicgie67vvOMZUS3bbQAVMCzAqJGMp8GwwGD8kRf QnEk9TCZ0TV4a21ucutKGWx3jSucBCc99Nfu8QSc+wtztglfY54wp63pIh4NMz6BtyUM XsXQ==
X-Gm-Message-State: AOAM531gk8c7x7eyC42kGIMoeqYXAm32pw//i8p9Qg1bx8Ah3BWiX10d 1jdvdrbPhztHKume6kDPjIZdIozFhbcD/OmT6Ui8FRg1B1kBnA==
X-Google-Smtp-Source: ABdhPJyNb+l1lMEt9un2xbWXuP9siWIYcahFce2FGFaFD4ziRP4CMbIap87MFQzbqkIiB3YgNnHLZDtbIoXIUlsempc=
X-Received: by 2002:a05:6638:14d0:: with SMTP id l16mr8112543jak.142.1633067436824; Thu, 30 Sep 2021 22:50:36 -0700 (PDT)
MIME-Version: 1.0
References: <DDA36020-90CC-471B-83AD-3D98950F1164@delong.com> <CAO42Z2wdoSdJDOB2Zo0=ZK0ecOARRsdg2nbHZGSDOhryPbLfDw@mail.gmail.com> <F2BD0A42-E9AD-45DD-999A-638E73BE1177@delong.com> <CAKD1Yr2K3Gd3JD=NJFOoH6GYgs-8ACxRQB9-sKJ7cbF4_hxsow@mail.gmail.com> <0B533C71-5DB0-410D-A5A3-7E8FD559F214@delong.com> <CAKD1Yr3NoYfNT7+OVJoCCdgdif6AHHw29tNCPttS=-NuRZKv3w@mail.gmail.com> <5FAD5290-3616-4194-B783-D473DB38A89A@delong.com> <m1mVGC6-0000HSC@stereo.hq.phicoh.net> <D6620D7C-8FE8-4294-8014-AB18A230C9C7@delong.com> <m1mVItl-0000GuC@stereo.hq.phicoh.net> <YVN6/cA6Ob3vLJQH@Space.Net> <m1mVK32-0000HpC@stereo.hq.phicoh.net> <CAO42Z2zQys6o41+m1iX1Mm88M7CaUdQa1C+uuYqxz2STfcwt_Q@mail.gmail.com> <d2887464-19d7-da09-d6f6-51ddc0e9ca45@foobar.org> <CAO42Z2w=BVoy-EmkM+x=8bVJc8WAcwRyLrdpsOAxu-as3ed6ZQ@mail.gmail.com> <CAN-Dau0v5dS9esEfQk9w0deG-QLpQ6EH9JJBY4JVcUfstFENkQ@mail.gmail.com> <1e9444b30d964a5cb17ff419eca6cc35@huawei.com> <CAKD1Yr0T-7t-UHbsJBMLpTjKhPAV5uUQkux6oby89TVUue7PyA@mail.gmail.com> <CO1PR11MB4881D400EA4681F1505040D2D8AA9@CO1PR11MB4881.namprd11.prod.outlook.com> <CAKD1Yr3TmqFxjKuZ57wS7VuPOf6rJvOwnvnQdFrRLQ=DkZ+CCw@mail.gmail.com> <CO1PR11MB4881F411A4D5BEA7A8479726D8AA9@CO1PR11MB4881.namprd11.prod.outlook.com> <D8AEA194-293B-43E4-BCAE-33CD81FB7D8C@delong.com> <CAKD1Yr2Tug-PFV7wAh0s6-gw8W3LcLG7wC1fD7Lu_hMZQYKdtw@mail.gmail.com> <08D2885E-B824-48E8-9703-DCA98771FA37@delong.com> <CAKD1Yr2EVsY3tYUf56R0Q1+KVrowtqh-HgwXj5vxzy4wd-vkTg@mail.gmail.com> <1A6ED87B-666E-439C-852F-2E5C904C0515@delong.com> <CAKD1Yr23fY2DJDvB-9eVFRsxnBnZQ0kZuZfYUfRUHYW=_D=enA@mail.gmail.com> <CAN-Dau1z0q0R61x7iY+Wg_cFRU0jmqr+fR0y=bSXxj+K-n722w@mail.gmail.com>
In-Reply-To: <CAN-Dau1z0q0R61x7iY+Wg_cFRU0jmqr+fR0y=bSXxj+K-n722w@mail.gmail.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Fri, 01 Oct 2021 14:50:24 +0900
Message-ID: <CAKD1Yr1T_mXfxJGHOrBfqZfexm6GTrUqnFi57710pTroKQK6uQ@mail.gmail.com>
To: David Farmer <farmer=40umn.edu@dmarc.ietf.org>
Cc: Owen DeLong <owen@delong.com>, v6ops list <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000077da3705cd44242e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/dooibL27Xw2E97Z1PtEPr-hx32M>
Subject: Re: [v6ops] Implementation Status of PREF64
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Oct 2021 05:50:44 -0000

On Fri, Oct 1, 2021 at 2:15 PM David Farmer <farmer=40umn.edu@dmarc.ietf.org>
wrote:

> So, is there a compromise somewhere between 1 and 2^64 addresses to be
> had? Isn't it possible to request multiple addresses, that is to request
> multiple IA_NA options? Then if the server returns a number of addresses
> below a threshold, then refuse the addresses?
>

Well, let's find out. :-)

Let's see if we get enough consensus to work on an RFC that says that all
general-purpose DHCPv6 clients are entitled to receive N addresses; that
any network that does not provide that number of addresses is in violation
of the RFC; and that any client disabling the IPv4 stack if it does not get
at least N addresses is in full compliance with all IETF specifications
including RFC 8415.

Personally I will be very surprised if you get consensus on any N even on
this thread (let alone the WG or the IETF). The reason for that 1 is
unacceptable to some folks, but any time you go beyond 1, then lots of
infrastructure needs to be changed. And that's the rub here: IMO, when
folks say they want DHCPv6, it's not because they want security or access
control or tracking or whatever else. It's because they want to run their
networks *in the same way as they do in IPv4*. That means an IPAM that maps
one MAC to one IP and one DNS name, for example. If you're an enterprise,
that's a legitimate desire: why pay costs that you don't think are
necessary? The problem is that the enterprise does not pay the costs of
NAT; device manufacturers, app developers, and users do. It would be good
for users to stop having to pay those costs when we upgrade to IPv6. This
is where we're stuck I think.

Another reason for not having a hard number is that TCAM is expensive and
that any number that would provide enough flexibiilty in the long term
(e.g., one IPv6 address per app on the device) would likely be too
expensive today. That's obviously easily solved with DHCPv6 PD, but the
problem with DHCPv6 PD is that it's not IA_NA, and requires infrastructure
to be changed. Same problem as above.

Anyway, we can try this out as a thought experiment. I'll start: how about
N=64?

v2.23.0 | Report a Bug | By Email