Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01
JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Thu, 29 June 2017 07:52 UTC
Return-Path: <prvs=1353ba9eec=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7C2A12EAAA for <v6ops@ietfa.amsl.com>; Thu, 29 Jun 2017 00:52:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es; domainkeys=pass (1024-bit key) header.from=jordi.palet@consulintel.es header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EvGaGvhBFyfb for <v6ops@ietfa.amsl.com>; Thu, 29 Jun 2017 00:52:23 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [217.126.185.215]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7304512EA52 for <v6ops@ietf.org>; Thu, 29 Jun 2017 00:52:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1498722741; x=1499327541; q=dns/txt; h=DomainKey-Signature: Received:User-Agent:Date:Subject:From:To:Message-ID:Thread-Topic: References:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding:Reply-To; bh=r3fziOKvqMJOX0eQ16KF/ps8z o3APjD0TJJwfn8pOYo=; b=VlJ+Sv9A4vFkymM6vFKMKacJucVG/n7GvrHYdQh26 5fPbNL8HNYg8NkLyTB+CW9JBE3tDX7jHyQ/0W0gDmQTntQ0V5y02vrcJ6yevfPrk z/E/ywKfGsvxqKzjK6A0yM7HLsQkxBueqd0r7mmhAXT1LQKk0I1hqpdh0kMHtl/O T8=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=consulintel.es; c=simple; q=dns; h=from:message-id; b=e1GpKXiohWi2N7ePke/OUQaRC8wf7gS+9gysgblYcahg+Iysh2yEaM2UOYz8 fxucu+617TWZRNVduI1fsfnGHJMT2A+eeugViOt0d96Eyw/yX2/LvTrRs WohvXUC24+ZaCa3WSsUccIEfF/3MA7f0USW9UsRi6+R4RIpEKUTWvY=;
X-MDAV-Processed: mail.consulintel.es, Thu, 29 Jun 2017 09:52:21 +0200
X-Spam-Processed: mail.consulintel.es, Thu, 29 Jun 2017 09:52:20 +0200
Received: from [10.10.10.99] by mail.consulintel.es (MDaemon PRO v11.0.3) with ESMTP id md50005461309.msg for <v6ops@ietf.org>; Thu, 29 Jun 2017 09:52:19 +0200
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Authenticated-Sender: jordi.palet@consulintel.es
X-HashCash: 1:20:170629:md50005461309::ADHLK0I399ugjSTz:000003Hg
X-Return-Path: prvs=1353ba9eec=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/f.21.0.170409
Date: Thu, 29 Jun 2017 09:52:14 +0200
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: IPv6 Ops WG <v6ops@ietf.org>
Message-ID: <17C48B38-9EE2-4C17-AE6D-4DFAE1A700B5@consulintel.es>
Thread-Topic: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01
References: <149670589074.3841.10812713591494006570@ietfa.amsl.com> <C22244D7-ABF6-430B-8155-8D4C1C1382DF@apple.com> <FA0D06E7-47F9-4029-81D4-2D96BFDD5576@consulintel.es> <65F3C8F4-6533-4C15-83F9-64AFC0EFFA79@apple.com> <4AC6726C-142E-48E5-95CF-2C3AD3331441@consulintel.es> <63B9D8C9-159F-4026-9CF8-75ABB1EF7885@apple.com>
In-Reply-To: <63B9D8C9-159F-4026-9CF8-75ABB1EF7885@apple.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Reply-To: jordi.palet@consulintel.es
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/fOJ_Y81_xJAXoKSK2DcC9qmjLcQ>
Subject: Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis to version 01
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jun 2017 07:52:26 -0000
On Jun 28, 2017, at 01:18, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
I don't think the document needs to mandate making constants configurable. Modern operating systems receive periodic software updates that can change the values as we work our way towards deprecating Happy Eyeballs. Average smartphone users shouldn't be bothered with this (if you can't configure it you can't misconfigure it).
[Jordi] I understand that, however, having parameter in the OS, it means other apps can change that if they need it, even before there is an OS update. There are many users that don’t update the OS, so this is not a good way to ensure a correct future behaviour. Remember recent wannacry, etc., because outdates OS?
[DS] I don't believe the benefit of increasing HE timers outweighs the risk of misconfiguration.
The section is titled "Summary of Configurable Values" which means OS implementers can choose to make these configurable. Some implementers will not.
[Jordi-2] Do you think it makes sense to let the implementors to not make them configurable? Because if that’s the case then a strong recommendation to make it configurable in section 8, should work ;-)
As we discussed in Chicago, end users should never be made aware of IPv6 network failures as they are not their burden or responsibility to fix. Network operators shouldn't expect their users to be the first ones to notice something's broken. In effect HE will be deprecated when ISPs stop routing IPv4.
[Jordi] Yes, and not. This is the intend of HE, but if HE only sort outs part of the possible issues, then one way or the other, the user notice it … so this is related with the suggestion for PMTUD failures to be also sorted out by HE …
Regarding PMTUD, I'm not sure what you're suggesting. HE doesn't currently help with the issue so we marked it out of scope. Are you suggesting a remedy?
[Jordi] Exactly, what I’m suggesting is to improve a bit more HE and be able to verify the PMTUD filtering, so if IPv6 is faster than IPv4, but then PMTUD is filtered, then HE can also “take” the decision to use IPv4. This way we got what you wanted: User not aware of IPv6 failures! I don’t get then the “warning” to the ISP, but we can find a different way for that problem of course …
[DS] Solving PMTUD issues is currently done inside the TCP stack not HE, I'm not certain of the value of adding complexity to HE for this.
[Jordi-2] Here is the point. I now increase a bit the HE complexity, but we are taking a big opportunity of a successfully widely implemented mechanisms to do something very good with an update. If instead of that we choose to write a *new* mechanism specific for detecting the PMTUD problem, it will take much longer to become widely implemented, and I think we are in the IETF to solve the problems in a way that is more convenient and better for the community, right?
Regarding section 7.1, old socket APIs are out of scope as HE is implemented above or alongside sockets. Applications using sockets directly will not get any of these benefits.
[Jordi] I understand that, and I’m somehow ignorant about how OS do this internally, so just wondering if we can take also the opportunity to also allow them to use HE.
[DS] That isn't possible with current architectures, but either way we're moving away from sockets so I don't think there's much value in solving this issue:
https://tools.ietf.org/html/draft-trammell-taps-post-sockets
[Jordi-2] got it, thanks!
[Jordi] Final comment. Do you think we can further extend HE in order to provide a way to warn the ISP that HE is forcing IPv4, because IPv6 performance is low? I think we can find several ways to do that, may be a common dns name such as he-fail.isp.com <http://he-fail.isp.com> or something similar, that IF the ISP want to implement, gets info about those failures, but the ISP is free to implement it or not. This is useful for those ISPs that really do a good job monitoring their networks, of course, but I think is a perfect opportunity from HE instead of something different.
[DS] That sounds reasonable to me, I think it deserves its own draft though (and will require a serious discussion about user privacy implications).
[Jordi-2] Same argument as above for the PMTUD. I think is feasible to make it in the same document and take the opportunity of the success. I understand that it may mean that the move to last call may take a couple of additional cycles. It is not my intent to delay this at all, but instead, to make whatever is better for the community. A couple of months of delay is worth instead of waiting years for an alternative protocol to be implemented widely. I’m sure you understand my point. This is my suggestion. I guess you will be in Prague. Let’s work (probably other people is interested in that) in a couple of alternatives about how to do this from now to the meeting. Then we can met face to face on Sunday in Prague and we can advance it as much as possible, and we could ask in the v6ops session a poll about this with already “something” in draft (may be presenting) a couple of choices. I’m happy to draft something in the next couple of days. I understand what you mean about the privacy implications, however: 1) The ISPs are already mandated by law to log the data of the customers 2) We don’t need to send the ISP the address of the host, the WAN address is enough probably (just a quick idea).
Thanks,
David Schinazi
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.
- [v6ops] I-D Action: draft-ietf-v6ops-rfc6555bis-0… internet-drafts
- [v6ops] Updated draft-ietf-v6ops-rfc6555bis to ve… David Schinazi
- Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis t… JORDI PALET MARTINEZ
- Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis t… David Schinazi
- Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis t… JORDI PALET MARTINEZ
- [v6ops] Supporting IPv6-only Networks with NAT64 … stephan.lagerholm@yahoo.com
- Re: [v6ops] Supporting IPv6-only Networks with NA… David Schinazi
- Re: [v6ops] Supporting IPv6-only Networks with NA… stephan.lagerholm@yahoo.com
- Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis t… David Schinazi
- Re: [v6ops] Supporting IPv6-only Networks with NA… David Schinazi
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mark Andrews
- Re: [v6ops] Supporting IPv6-only Networks with NA… stephan.lagerholm@yahoo.com
- Re: [v6ops] Supporting IPv6-only Networks with NA… David Schinazi
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mikael Abrahamsson
- Re: [v6ops] Supporting IPv6-only Networks with NA… stephan.lagerholm@yahoo.com
- Re: [v6ops] Supporting IPv6-only Networks with NA… stephan.lagerholm@yahoo.com
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mark Andrews
- Re: [v6ops] Supporting IPv6-only Networks with NA… stephan.lagerholm@yahoo.com
- Re: [v6ops] Supporting IPv6-only Networks with NA… Erik Kline
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mark Andrews
- Re: [v6ops] Supporting IPv6-only Networks with NA… Fred Baker
- Re: [v6ops] Supporting IPv6-only Networks with NA… mohamed.boucadair
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mark Andrews
- Re: [v6ops] Supporting IPv6-only Networks with NA… Rajiv Asati (rajiva)
- Re: [v6ops] Supporting IPv6-only Networks with NA… mohamed.boucadair
- Re: [v6ops] Supporting IPv6-only Networks with NA… Fred Baker
- Re: [v6ops] Supporting IPv6-only Networks with NA… Fred Baker
- Re: [v6ops] Supporting IPv6-only Networks with NA… Mark Andrews
- Re: [v6ops] Updated draft-ietf-v6ops-rfc6555bis t… JORDI PALET MARTINEZ