Re: [v6ops] Interesting problems with using IPv6

Andrew 👽 Yourtchenko <ayourtch@gmail.com> Wed, 10 September 2014 13:40 UTC


On 9/10/14, Fernando Gont <fgont@si6networks.com> wrote:
> On 09/09/2014 12:41 PM, Andrew 👽  Yourtchenko wrote:
>>
>> Of course, the amount of manual work this requires today means that
>> the A-bit is turned off and the DHCPv6 is being used. Which may be
>> perfectly okay - but if it is not, and we do assert that "An RA with
>> prefix having an A-bit set and default settings, should not cause the
>> 10x expansion to the resource requirements compared to Legacy IP",
>> seems like some sort of a correction in default stacks/apps behavior
>> with respect to temporary addresses could be useful.
>
> FWIW:
> <https://tools.ietf.org/id/draft-gont-6man-managing-privacy-extensions-01.txt>

Yes, we even discussed this draft with you at some point :-).

My opinion (while agreeing with the spirit of this draft, somewhat) is
still - it is too late.

All it would do today is split the hosts into two groups - those who
understand this bit, and those who do not, adding more difficulty to
the life of the network administrator, who, having turned the knob "no
temp address please", would expect one behavior, and get a mix of two
in the best case.

(This all puts aside any philosophical arguments of whether the
network should dictate to the nodes whether they can use the temporary
"privacy" addresses or not: temporary addresses go against the
incentives of basically *any* sufficiently large network
administrator, so this bit would be almost universally on).

If the host OSes/apps want to be sensible with the usage of temporary
addresses, they can do so without any flag.

--a



>
> Thanks,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492