IETF Logo Mail Archive

Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 13 November 2022 19:33 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 079CEC14CE32 for <v6ops@ietfa.amsl.com>; Sun, 13 Nov 2022 11:33:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ixinnyvRBzXd for <v6ops@ietfa.amsl.com>; Sun, 13 Nov 2022 11:33:04 -0800 (PST)
Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AC0FC14CE26 for <v6ops@ietf.org>; Sun, 13 Nov 2022 11:33:04 -0800 (PST)
Received: by mail-pf1-x42c.google.com with SMTP id g62so9199626pfb.10 for <v6ops@ietf.org>; Sun, 13 Nov 2022 11:33:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=ZiruvKGWoipyfoqUL91fmg0n1H56ZW3RuvC+a1x21nU=; b=N5lVspmkfUzbXNO86PVXfU9MZD+PT+8mCqz17+esdw8g4d2SvMAdvHwLKA1yyRoyl+ HthwoK1oa8ZGulhZFM7zLUtP03oX3ztr4Mdh3xWxGHreLoCjjD0vEpz6XKW4RlWaNFq4 hAX+e73vnOgDRFLWAptt/Aa8A7szPevotbXUGAbcHANq56UP64EcUNSFc7qi/C0PTIx/ H5Nb3Y9Fud4tQQIJ6yH3BJzmiUhFhV1riCJ7yWdxuKdTgwJzCir3TE1ZvoSvp/6M3BG8 u+j3/g1nKAODc8CWLu4tNm8A83zBX1qM+6Ebrbh7DvRqAqwtxR0KB64A57uoBiY1v7kH wcSg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZiruvKGWoipyfoqUL91fmg0n1H56ZW3RuvC+a1x21nU=; b=OuVWzGnNvHd5PTG4aahWCWj6KBtLV2kQ3W46SC/wNwMvYbFdvEegB0RKHhKL9EqNQh /WbCKlPbYFHMymTBvxsF4U17+9vfP/XoNsBI9y24EpqnJ/x71Uhxh4QPSNQdM32KjRjm 9Q6hs6fARMg5qbybIHqbylVUgj0m+Nu/zyFbNtQeUvOFKzkEVObuoby3NgXKHfWTcQ58 kZVWzGTSN8l5O/XdNs8OPZgbLMmjUORxH8XHH5FvWeQJqVspB18PSjfuMUadhQ/mwbcz F4Z6hmHdSIjbqOfm+sggXqFnwWkb9eer0KjDC34khygckKOTngkItZNv8gHO6FqwzTOc 9Qng==
X-Gm-Message-State: ANoB5pnNlbR+IsV2i/Cq14AVNthBeljZcuyadYYtaZOIqdse0xM4INih 5GO0a2nmOcoGKDsm1f1s5TyLnYNITcDxjA==
X-Google-Smtp-Source: AA0mqf43uAAWumuqZRva/SsVZqB0IM2xzZ8eQeLnG+C2mWATv+8wAzM7ppkcNL2f1NfHcwr0A1AWGA==
X-Received: by 2002:a63:f24c:0:b0:46b:42fe:67b3 with SMTP id d12-20020a63f24c000000b0046b42fe67b3mr9397360pgk.66.1668367983394; Sun, 13 Nov 2022 11:33:03 -0800 (PST)
Received: from ?IPV6:2406:e003:1124:9301:672e:17ee:b374:8a9b? ([2406:e003:1124:9301:672e:17ee:b374:8a9b]) by smtp.gmail.com with ESMTPSA id w13-20020a627b0d000000b0056ee49d6e95sm5025649pfc.86.2022.11.13.11.32.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 13 Nov 2022 11:33:01 -0800 (PST)
Message-ID: <1de216ef-994e-c62e-3e03-e8637fe9f879@gmail.com>
Date: Mon, 14 Nov 2022 08:32:56 +1300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>, Andrey Kostin <ankost@podolsk.ru>, V6 Ops List <v6ops@ietf.org>
References: <CAFU7BAQmSqaZhrQ0YH-1ryp2DfZH6z5B1icR=Wc_W=sdBExuEA@mail.gmail.com> <EE3F6D3C-EC05-4B23-917D-46BA7E49BC61@employees.org> <CAFU7BAQAo7p8MQOK9+CF3OEhOYp=vpUvX_4u9DadXaqQ7ada6w@mail.gmail.com> <0d5cef0d9d914f86adf0f67a05de3001@huawei.com> <5dd6205b058f15a77fe939f06a0db99c@podolsk.ru> <5648a94d446443f783be1978e3c11271@huawei.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <5648a94d446443f783be1978e3c11271@huawei.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/lN4k_AGU6NLgA6KoA4a0ukKCIk4>
Subject: Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Nov 2022 19:33:08 -0000

On 14-Nov-22 06:44, Vasilenko Eduard wrote:
> If the network has limits Then hosts should adapt to the limits (not vice versa).
> It is needed to know the limits to adapt. DHCP could inform about the limit, but SLAAC could not.

It could. There is a Reserved2 field in a PIO that could be redefined
to indicate a maximum number of addresses allowed per host under a
given prefix.

    Brian

> 
> The number of virtual things per hardware instance would be always restricted.
> If the best AP would support 200 IP per MAC then it is still possible to run containers and stretch even that.
> 
> DHCP could impose different limits per different links. Hence, if APs' different segment has different restrictions then DHCP would impose different limits.
> If the particular link has APs with different restrictions then indeed DHCP should be configured to limit on the smallest.
> Ed/
> -----Original Message-----
> From: Andrey Kostin [mailto:ankost@podolsk.ru]
> Sent: Friday, November 11, 2022 9:15 PM
> To: V6 Ops List <v6ops@ietf.org>
> Cc: Jen Linkova <furry13@gmail.com>; Ole Troan <otroan@employees.org>; Vasilenko Eduard <vasilenko.eduard@huawei.com>
> Subject: Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt
> 
> Vasilenko Eduard писал(а) 2022-11-08 13:58:
>> N+1 allocation should fail.
>> But the network and host should be aware of it (in sync).
>>
>>> Or do we want NAT66?
>> No. DHCP in this case.
> 
> What if the underlying access network has access points from multiple vendors and they have different limits that are lower than allowed by DHCP?
> 
> The problem Jen is trying to point out is not an addressing problem and not related either to SLAAC, DHCP or static assignment. Looks like some comments pronounce SLAAC guilty in described issue and try to use this statements to push DHCP vs SLAAC dispute. This is not the case. This is an operational problem caused by lack of common practice and agreement between vendors. And that is exactly what Jen is trying to solve. She is requesting to make underlying networks equipment's behavior deterministic and provide troubleshooting capabilities by creating log messages.
> 
> Regarding limits, in some networks big number of IPs per host can be absolutely appropriate and necessary, in others there may be stricter limits and this is also a real use case. We all understand that everything is a resource and cost some money. Let's allow network owners decide what's reasonable for them and what's not. Like Bill Gates said that 640K of RAM will be always enough. Although now we are used to have a lot more memory in our computers and servers, but it's still expensive and each admin can choose how much he/she can afford.
> So, in situations where host wants more addresses then allowed, some mechanism should exist to make this limit less painful and predictive.
> DHCP is one way for it, but it can't prevent creation of multiple link-local or ULA addresses and it can hit ND cache limit even for addresses legally assigned via DHCP. So it can't be considered as a solution.
> For replacement technique for me it looks simpler just to rely on ND cache expiration timers in the same way how it works for MAC tables.
> Some vendors can develop more sophisticated features similar to MAC security to differentiate their products from the base level. Eventually a user who tries to use more addresses than allowed should realize that there is a limit and shut down some interfaces/VMs/containers/etc to obey network rules.
> 
> Kind regards,
> Andrey
> 
>> Ed/
>> -----Original Message-----
>> From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Jen Linkova
>> Sent: Tuesday, November 8, 2022 9:55 PM
>> To: Ole Troan <otroan@employees.org>
>> Cc: V6 Ops List <v6ops@ietf.org>
>> Subject: Re: [v6ops] Fwd: New Version Notification for
>> draft-linkova-v6ops-ipmaclimi-00.txt
>>
>> On Wed, Nov 9, 2022 at 1:12 AM Ole Troan <otroan@employees.org> wrote:
>>>> Fact #1: my devices need to have 7-10 IPv6 addresses.
>>>
>>> In the network you operate, that may be a fact.
>>> In other networks other rules.
>>>
>>> A requirement like that would be perfectly fine in an RFQ. Less so in
>>> an RFC.
>>
>> What I'm struggling to understand from this thread is: what's the
>> device supposed to do if it needs N addresses and the network only
>> agrees to provide N-1?
>> Shall the application fail? How is it better than the situation we
>> have now?
>> Or do we want NAT66?
>>
>>
>> --
>> SY, Jen Linkova aka Furry
>>
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email