[v6ops] draft minutes first session thursday March 31 0900
Joel Jaeggli <joelja@bogus.com> Sun, 03 April 2011 23:08 UTC
Return-Path: <joelja@bogus.com>
X-Original-To: v6ops@core3.amsl.com
Delivered-To: v6ops@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0BBCB3A68C0 for <v6ops@core3.amsl.com>; Sun, 3 Apr 2011 16:08:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.763
X-Spam-Level:
X-Spam-Status: No, score=-101.763 tagged_above=-999 required=5 tests=[AWL=-0.364, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, J_CHICKENPOX_14=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 77du5kfABUHF for <v6ops@core3.amsl.com>; Sun, 3 Apr 2011 16:08:19 -0700 (PDT)
Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) by core3.amsl.com (Postfix) with ESMTP id 2F9753A6889 for <v6ops@ietf.org>; Sun, 3 Apr 2011 16:08:17 -0700 (PDT)
Received: from 23173jjaeggli.lan (c-98-234-216-143.hsd1.ca.comcast.net [98.234.216.143]) (authenticated bits=0) by nagasaki.bogus.com (8.14.4/8.14.4) with ESMTP id p33N9vis056241 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for <v6ops@ietf.org>; Sun, 3 Apr 2011 23:09:58 GMT (envelope-from joelja@bogus.com)
Message-ID: <4D98FE45.4050608@bogus.com>
Date: Sun, 03 Apr 2011 16:09:57 -0700
From: Joel Jaeggli <joelja@bogus.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.15) Gecko/20110303 Lightning/1.0b2 Thunderbird/3.1.9
MIME-Version: 1.0
To: IPv6 Ops WG <v6ops@ietf.org>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.2 (nagasaki.bogus.com [147.28.0.81]); Sun, 03 Apr 2011 23:09:59 +0000 (UTC)
Subject: [v6ops] draft minutes first session thursday March 31 0900
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Apr 2011 23:08:22 -0000
IPv6 Operations - IETF 80 Thursday 31 March, 9:00-11:30 0) Agenda bashing fred baker – presents comments on working group process We're bothered by the amount of time we have available to devote each presentation. Drafts will de considered not because they have made the deadlines but rather because that have archived traction on the mailing list. Chairs will engage in editorial discretion. Presentations without a draft behind them, will continue to be brought to the wg on the basis of relevance. Hum requested to demonstrate consensus around sentiment. More postive than negative volume. 1) Some experiences of common hosts' behavior in broken IPv6 networks http://tools.ietf.org/agenda/80/slides/v6ops-12.pdf Teemu Savolainen - presenting going to share experiences with host behavior Tim Chown - presents rogue ra interaction with happy eyeballs (2nd to last slide) Bad ipv6 behabior due to rogue RAs With no counter-measures, there would have been 250,000 of these rogue Ras. Mostly related to connection sharing. Sample period of 376 days. Dmitri Anipko - With the most recent proposal RFC 3484 bis, 6to4 would be deprioritized compared to IPv4, so if most rogue RAs are 6to4, no other solution may be needed? Simon Perreault – not that simple SwedeMike (jabber) - removing rogue RA is something any service provider should do, it's basic stuff. Don't let customers talk L2 to each other. 2) Happy Eyeballs Implementation Report http://tools.ietf.org/agenda/80/slides/v6ops-17.pdf Simon Perreault - presenting Implmentation of happyballs in draft in Erlang findings: global P mechanism in current drafti is broken P is dominated by single stack ipv4 solutions: only update P for dual stack hosts, update P asyncronously, do per destination P or do away with P findings: do away with useless delays solutions: spec says wait lookup collect but if lookup for ipvX returns no result, ipvY should start connecting immmediately. Janos Mohacsi (jabber)- questions to happy-eyeballs: what about DNS based round-round load-balancing? It is very widely used. Dan Wing – happy eyeballs works fine with dns load balancing. Andri Yurshenko – we do parallel attempts with different address families Jan ker - I don't disagree - why is dns spamming considered out of scope. think it's out of scope. Fred Baker – by the way, we do do api's Janos Mohacsi - Agree with Fred, We should work on API to help proper behaviour - like happy-eyeball. 3) Experimental Observations on Dual Stack Service Performance http://tools.ietf.org/agenda/80/slides/v6ops-1.pdf Geoff Huston - looking at the problem from the side of the server When you look at the world from that vantage point of how much does a server see, you see a huge amount of capability. You have new experiment every time it runs. V6-only test is using ipv6 lteral e.g. no dns full blown tcpdump along with typical server logs Dual stack failures are interesting (e.g. Hosts that deal fine with v6 or v4 only resources but not dual stack) The internet is remarking heterogeneous not homogenious, apnic site users about 5% will prefer v6 on a more popular site it's more like .02%. V6only is 4% why are there 20x more folks that could use v6 but don't use it SwedeMike (jabber) - 6to4 is enabled by default if you have a GUA on windows vista/7 but they don't prefer it geoff - If you prefer v6 in autotunneling things get pretty rough folk coming in on v6 unicast seem to do so at about the same rate (speed) as ipv4 The penatly for 6to4 is around 1.2 seconds, teredo setup is at least 1rtt As part of the experiment tried to mitigate 6to4 variability by putting v6 relay in the server Measure the tcp-3way tunnel setup penalty at 150ms average If you think that's bad lets look at teredo if the only interface you have is teredo it will not retrieve a AAAA , therefore only exercised for literal 30% of clients can pull down the object using terredo, an imense capacity for v6 distribution of setup time, seems to take around 2/3 of a second to setup peaks at 2 seconds and 3 seonds tunnel rtt cost is about 300ms some clients get away with almost no added cost. If you're on unicast v6 be happy and smile, if you're on tunneled v6 turn it off it's dual stack failure .6%, we're not sure why. number is high but unreliable. Connections failure How many folk can send me a syn but not an ack Failure rates for unicast v6 are 2-4% terredo failures = 35% 12-24% of 6to4 failure due to protocol 41 filtering 38% of terredo fail due to icmp filtering, you also don't like outgoing udp so ice/stun/turn probably don't work either. If you want to run v6 tunneling today don't. help us, see url labs.apnic.net tore anderson (jabber) - Regarding 6to4 relay congestion being unlikely due to the low levels of 6to4 traffic: I understand that most of the relayed 6to4 traffic is actually BitTorrent traffic that is rendezvousing with Teredo. This is of course invisible from the web server vantage point, but it might anyway cause congestion on the same 6to4 (and Teredo) relays that also handle the web server traffic that are actually observed in the experiments. Simon Leinen (jabber) - Tore: We have more than 100 Mb/s on our 6to4 relay right now; looks like most of this is indeed BitTorrent. Dave Thaler (jabber) - p2p works much better than non-native to native (which is actually related to why Windows doesn't do AAAA queries if it just has Teredo, as Fred said... by design) Simon P - should it be depricated geoff - killed simon p: would it be better to turn it (relays) off? Igor Gashinsky - killing relay isn't effective kill os. igor G - Counting dns failure rate is atrocious Geoff H - this is tcp failure counting so the dns failures don't show up Rajev - If we look at the data from the weekend do we draw different concusions about tunnel performance? Geoff H - We don't consider 12% failure as drammatically better than 20% it's just bad. Lorenzo C - The results match what we see, we've been looking at the network, we have certain large isps with peaks around 3-4% Geoff - would that we had more data, we seem to have tiny aperatures. badness clumps. the time for automatic tunneling has really passed some operating systems and home routers should turn it on by default we'll discuss this later but I think that a statement from this body supported by this data would be helpful. Dmitry Anipko (jabber) - Comment to Lorentzo: connection from automatic tunneling to native IPv6 is not preferred by default per RFC 3484 geoff h- we can't hop over brokeness in the isps netowrk lorenzo - don't try and make pigs fly Tony Hain - it is insane to insist on deploying a transition technology half-ass, then blame it for failures.. Mark T - qualify statement, in a controlled environment we can hop over v4 netowrks Tony Hain - if the content providers deployed 6to4 on their end the path would be exactly the same as IPv4 door-to-door. 4) Happy Eyeballs: Trending Towards Success with Dual-Stack Hosts http://tools.ietf.org/agenda/80/slides/v6ops-21.pptx 14-Mar-11, <draft-ietf-v6ops-happy-eyeballs-01.txt> Andrew Yourtchenko - changes add srv records section added mif reference added debugstrawman todo need more implmentations address hysteris problem need pluggable name based connect api... write a seperate draft for that? Where to take it? Fred B- The INT area. Jari Arko - yes Dave Thaler - Microsoft's pm's went to content providers, there is level of concern about multiple simulatnious connections and pontetially large number of resets. major agreement that problem needs to be solved. Can we do a better job about which one to try first? Maybe p could actually be fairly large if you had a good guess. Mark Andrews - happy eyeballs is a really generic problem with multihomed machines Janos Mohacsi - Agree with Dave Thaler: Some providers blacklisting clients with high syn and rst rates Fred B - some sort of memory about specifc addresses or prefixes Igor - I'm going to disagree with that sorry, as on operator I'll take the pain from happy eyeballs over the pain from not having happy eyeballs. Andrew - Feedback needs to be incorporated into the list Janos Mohacsi (jabber) - Agree with Simon Leinen. That is the correct solution as I have written earlier on v6ops mailing lists: RFC 3484(bis) can be used as a hint what makes sense and what is not. Dave Thaler - @simon: be careful, you need to it converge fast. starting with 0 knowledge for every s*d would be bad. That was my point about sharing knowledge so you guess right the first time almost always danwing - I disagree with Thaler, because a Happy Eyeballs user will _not_ be sending a lot of SYNs and RSTs. "P" prevents them from doing that. It's only the first connection that would be in parallel. Subsequent connections will continue to trend towards IPv6 (if it's working) or towards IPv4 (if it's working). And content providers have one, and only one primary job in life: deliver content. Happy Eyeballs is aligned with that goal. Which Igor re-inforced at the mic. 5) IPv6 Multihoming without Network Address Translation http://tools.ietf.org/agenda/80/slides/v6ops-10.ppt 6-Dec-10, <draft-ietf-v6ops-multihoming-without-nat66-00.txt> presenter unknown - next steps? Fred B - Need feedback 6) Routing Loop Attack using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations http://tools.ietf.org/agenda/80/slides/v6ops-4.ppt 14-Mar-11, <draft-ietf-v6ops-tunnel-loops-05.txt> Fred Templin- problem mitigations For zeroconf dynmic routing, we've come up with proposal that meets these requirements - out of scope for this group. Fred B - Ron asked us to do another parallel last call on WG (on the revised draft) while an ietf last call is carried out. adrew yourtchenko - Well, on approach keep decrimenting the hopcount if it gets below a certain threshold, then throw it out. 7) IPv6 in 3GPP Evolved Packet System http://tools.ietf.org/html/draft-korhonen-v6ops-3gpp-eps 9-Feb-11, <draft-korhonen-v6ops-3gpp-eps-06.txt> j korhonen - updates since ietf79 work to make the draft more opinion neutral add operational aspects of v6only networks added ipv6 address configuration clarifications add ipv6 roaming conisderations adder inter-rat handovers Guillaume Leclanche (jabber) - Problem with v6 in the mobile world is that implementations are way behind the 3gpp releases. Which are themselves way behind IETF specs. J korhonen - needs 3316 recommendations Tina Tsou - about epc, is it addressed here? Fred - Call the question, hum (is this a working group document) Joel J - hum in affirmative not noted opposition. Fred - Hum (in favor of wglc) Joel J - hum in affirmative of WGLC 8) NAT64-CPE Mode Operation for Opening Residential Service http://tools.ietf.org/html/draft-chen-v6ops-nat64-cpe 14-Mar-11, <draft-chen-v6ops-nat64-cpe-01.txt> Gang Chen - uses requirements changes since 79 pcp upnp and nant-pmp are recomended with nat64cpe Fred B - we'd work on the requirements, the solution would be behave Gang C - we're generating requirepments Fred B- we'll have to take the adoption question to the list. dan wing - First half is a draft for v6ops, second half is a scenario in behave. Hui Deng - ? 9) Experience from NAT64 applications http://tools.ietf.org/agenda/80/slides/v6ops-18.ppt 7-Mar-11, <draft-tan-v6ops-nat64-experiences-00.txt> Cathy - test enviroment description scenarios results dan wing - thanks for reasearch. It's easy to draw the wrong conclusion e.g. everyone has breathed air has died Some other examples are caused by ipv4 address sharing I realize this is the first generation of this analysis. in behave we have cgnat in nat444 analysis. We need to uplevel this to the spefic problems in nat65 that make this harder and or which can be addressed. Fred B - feedback and testing on the algorithm that behave has just produced Dan Wing - Failure needs to be traced back to a root cause, where can we help. jari arko - thank you this is important work Also want to emphasis on finding the root cause - different failure modes, some are in application there are some problems with the content, third class where there's something wrong with the nat64 or natpt device. Simon Perreault (jabber) - FYI: We're running a NAT64 experiment right now (SSID: ietf-nat64) with a survey to gather your experiences. Please try it. hui deng - We do need to analyis the issues that those applciations really have jari - it's going ot be a long task tina tsou? - two comments, mainly affected by the p2p applications? who supports nat64 couldn't find it on the market jari - there are vendors with this product already so do nat64 testing Janos Mohacsi (jabber) - to testers: http://ecdysis.viagenie.ca/ 10) Comcast IPv6 Experiences (no slides on agenda) 7-Mar-11, <draft-jjmb-v6ops-comcast-ipv6-experiences-00.txt> JOHN Brzozowski - trials starting in jan 2010 making determination of need based on volume Deployed 6rdbr performance base on proximity geolocation potentially impacted limited support/manual configuartion native dual stack l2 delivery geographically liimited trial backoffice support project started 4-5 years ago wes george - 6to4 world ipv6 day, 6to4 relays what will happen, we'll shut it off? or there are some relay out there that make it ok. John B - it's (6to4 traffic) gonna go somehwere Fred - could nullroute the anycast address Wes G - assuming the client behaves well in that case John B - trying to suck less, 6to4 relays fred t – use of isatap? John B- we use it internally, our focus is on the native aspect. dave thaler - In 6to4 trials did you run into issues casued by broken relays John B - Return path is still the problem 11) World IPv6 Day Call to Arms http://tools.ietf.org/agenda/80/slides/v6ops-9.pdf 14-Mar-11, <draft-chown-v6ops-call-to-arms-01.txt> tim chown - world ipv6 day call to arms aims issues unmanaged tunnels pmtu connection timeouts next steps do we influence the experiement? Janos M (jabber) - I support tims draft Mark A - we should harden this in advance of june wes george - we need to stop looking at htis as an experiment it's testing for primetime not influencing it is wrong headed Janos Mohacsi (jabber) - about 6to4: discourage for this experiment - 6to4 should be used as a interim solution - not what IPv6 should be used. Tim C - change Fred B - value is 2 fold it's y2k, it's also marketing dave thaler - yes we want to influence the experiment Igor G - I hate to say this but the expierment is to break the users and see how many get fixed the meaningfully data is what happens Lorenzo C- lets not try to demonstrate that we can do this well but rather recognize what problems we have and make them better Somebody may decide to leave this stuff on Igor G- Whatever hacks you deploy please leave them in place 2:36:55 AM jhf: in case they have proven to work well Mark T - deployment on v6 day as though it were more than one day capture that as prime directive Dave Thaler - mark said what I meant... we want people to think and do what they would do if this were longer term, and learn what happens and get experience Lorenzo - More relay won't help or hinder them and if you call that influencing the experiment, then we should. ---- Done
- [v6ops] draft minutes first session thursday Marc… Joel Jaeggli