[v6ops] Re: I-D Action: draft-ietf-v6ops-cpe-lan-pd-03.txt

Mark Smith <markzzzsmith@gmail.com> Tue, 13 August 2024 09:36 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85B45C20C8F4 for <v6ops@ietfa.amsl.com>; Tue, 13 Aug 2024 02:36:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.15
X-Spam-Level:
X-Spam-Status: No, score=-1.15 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.455, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zUEysHQOvdEa for <v6ops@ietfa.amsl.com>; Tue, 13 Aug 2024 02:36:43 -0700 (PDT)
Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFE28C20C8E2 for <v6ops@ietf.org>; Tue, 13 Aug 2024 02:36:08 -0700 (PDT)
Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2cb53da06a9so3549796a91.0 for <v6ops@ietf.org>; Tue, 13 Aug 2024 02:36:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723541768; x=1724146568; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=1a5+mLJvVzHFedGX0H8TTD31eNk1FOYaWXNrYqUJtPg=; b=fwfeUeRDQP8pk5xl6N+GmtIyh8EQNA8LaVgNJNREuQ6FpMtWsQm7slEnae9wMnNbMN fta5iKk1BEOICylbZPITnHcijtMNc1Yowp8gOPLbqdpAd4w229Zs+GAFlLbugUdBDdbj VjM8waIXAL08vuSGeCmXvEPZjO43QP3WbBE5I06AQfYiLRxEvj9vv3g6UbigjIyATj0V YgIZnLnXDsh3K+OXMo29DFuaTPBlVxTsjLDqUTcOzXq1SmGOucBopnJWnx2zpQJGWcCH e7mG4uAMjxaPYc7p2cGKnRsLFXzVPnd32Ndd4h+75BNUZYbvzz8wKdtReAXu9DphszaL m38g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723541768; x=1724146568; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1a5+mLJvVzHFedGX0H8TTD31eNk1FOYaWXNrYqUJtPg=; b=aMaX/1uSTx9IdAmLbhkVDEwNKSL/iH1x3cs1P+tIuI1X0LpIlquR5mVPTHtfn/JFjX o+z2cStOn7+f4wAsNdEzDhtPAjRPIZlvsLRakQqYQHvp8zWpeBlv8k/g4YVzCCizXz8a ggs9PTbYbn33eFW5IQ4//Jmeh8id629x+ntZDtPJca0VzZz4X3GyFGT+o3FTX/bCJplW XpiwCHu8FHx45Ky3Hvlhtojr5+3+Y76xVKlYdGOjJO/n09tNq2Ymkn7pQ636JLdgpxkK BIcOb0Ux/5TukXHq2Mz/Kpe/q7s9BduXcVDSHOx6FxtjuVRhl/OXzyN/EG1SUkCvHFDq IqOw==
X-Forwarded-Encrypted: i=1; AJvYcCU7/DhEecn7RfI27Zfetwb5R0wGWg9cc3gMv73Qlky26QAw6cuyMMqOkSnevdMLvptiDy7RsQPg4OFZMDuo9w==
X-Gm-Message-State: AOJu0YyHcfDntlVgLuZmBakl9yFNwYrD2YhwIA4E1YRh5uXPdsOJN4Rr GR0raj0C3Kd1IJDJRfXGvCNjb8iDlPc1ULsRqqlJseknl2Vmj2srpsEiP+z4FOgdc5W4596J1qz qXFzHUxqurHPPXWY9O2XTqP8CI7XhIAWm
X-Google-Smtp-Source: AGHT+IGrhUwAuOQs1UnaCEx+0SbAw9G4yOxBKWGneQn6G0SQSorrU4iHzr6GEK9UJH1bLD8nvXkWEiwpTlhudf+N0hA=
X-Received: by 2002:a17:90a:a00c:b0:2c9:63fb:d3ab with SMTP id 98e67ed59e1d1-2d3942cfb60mr3544817a91.22.1723541768151; Tue, 13 Aug 2024 02:36:08 -0700 (PDT)
MIME-Version: 1.0
References: <172306305735.252.5586801355147827297@dt-datatracker-6df4c9dcf5-t2x2k> <CAO42Z2zXDPNMdgFoT3L+=hfHmXUu6oKNorsE_s_zYdyJ2_=ETA@mail.gmail.com> <CAJgLMKsCPoFbLime_-apaiALZGtvEBcVkm=KV6K_8k+U227zEw@mail.gmail.com> <CAPt1N1mtxq3ARrm3huQR7ZHeHe7OZ7eKaUDA=Hmbj0m-wpX2AA@mail.gmail.com> <CAJgLMKsAUKA6wFMEkOL+fi9OaCkH5wkWbWgwtgGEn9vcuTTyZw@mail.gmail.com> <CAPt1N1=fVPJspkvRPwsctg5=bS_=CHcXKEA9wt7Rm_==9aDUEQ@mail.gmail.com> <CAO42Z2zWL2KzSExrRw14ovz1065cnBG8YEwL4aysNpfTmZqr8g@mail.gmail.com> <CAPt1N1=WJY0wx8Xhfsfvk=YacKYXFcNsgnzHP5Zh-P75e00ezA@mail.gmail.com> <CAJgLMKti6amqyeuK1VbFikHAGS7hp+kiwurnkaBvNNnZ0rg91w@mail.gmail.com> <CAPt1N1nssUP60m+Obv9zprPBZ3qXM0U8VUggitJn+k4Ks9Hw=g@mail.gmail.com> <CAJgLMKsLYL5+J_9-oWD4QWArOQxKLU4XVNGTayn-iYs5p39waA@mail.gmail.com>
In-Reply-To: <CAJgLMKsLYL5+J_9-oWD4QWArOQxKLU4XVNGTayn-iYs5p39waA@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Tue, 13 Aug 2024 19:35:41 +1000
Message-ID: <CAO42Z2xb02=X2-eq-Jop+d7+ZHMKGsNrywn-J9Ej2DReD4K1ag@mail.gmail.com>
To: Timothy Winters <tim@qacafe.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: UNGSOANZHESAHX2EDSE3JOQBLHCYVLLQ
X-Message-ID-Hash: UNGSOANZHESAHX2EDSE3JOQBLHCYVLLQ
X-MailFrom: markzzzsmith@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: v6ops list <v6ops@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: I-D Action: draft-ietf-v6ops-cpe-lan-pd-03.txt
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/pdqM5CROXqS-9jB99IB78MM0pqM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>

Hi Tim, Ted,

Great to say to send another PD request with a new IAID when there are
no prefixes left.

I've realised we might be talking past each other a bit regarding
requesting a /48.

Here's what I was thinking for the sequence of events that would
signal to an ISP that they're both not providing enough prefixes and
also signalling how many additional prefixes they would need to
provide:

1. At initialisation, CPE makes an initial IA_PD request with no
Prefix-Length hint value (I assume this is where /48 has been
suggested).
2. ISP hands out a small PD prefix for the customer e.g. a /60.
3. Customer's network runs out of /64s because of e.g. too many links,
or too many PD-per-host hosts.
4. Customer's CPE knows it needs another 6 /64s (as an example) and
then sends a new IAID with a Prefix-Length hint rounded up to the next
prefix bit boundary of a /61.
5. The ISP provides an additional suitably sized prefix to satisfy the
4. prefix hint request.

At 4., it could be simpler for the CPE to instead send a Prefix-Length
hint of the same size as supplied at 2 i.e. request another /60.

The size of the prefix hint at step 4 would provide to the ISP
evidence that they're both not providing enough initial address space,
and also an indication of how much additional space they need to
provide, if their view is to only provide "enough" prefixes for what
they think the customer needs rather than a simpler and assured
"always enough" of a /48.

Regards,
Mark.






On Fri, 9 Aug 2024 at 22:57, Timothy Winters <tim@qacafe.com> wrote:
>
> Agree.
> On Fri, Aug 9, 2024 at 8:56 AM Ted Lemon <mellon@fugue.com> wrote:
>>
>> It would also make sense to send a new IAID whenever we get a new pd request and have no remaining prefixes to provide.
>>
>>
>> Op vr 9 aug 2024 om 08:53 schreef Timothy Winters <tim@qacafe.com>
>>>
>>> Hi Mark and Ted,
>>>
>>> I'll add a line asking for a second IA_PD with a unique IAID when sending Renew/Rebind messages.
>>>
>>> ~Tim
>>>
>>> On Fri, Aug 9, 2024 at 7:33 AM Ted Lemon <mellon@fugue.com> wrote:
>>>>
>>>> The point of always asking for a /48 isn’t to signal something to the isp other than “give me the biggest prefix you are willing to provide.”  If we don’t ask for a /48, we won’t get one.
>>>>
>>>> If we ask for additional prefixes, the customer may just never see a problem, so I’m not sure how useful a signal this is, but certainly it will tell the isp if there is demand for narrower prefixes, and that isn’t a bad thing.
>>>>
>>>> Op vr 9 aug 2024 om 03:30 schreef Mark Smith <markzzzsmith@gmail.com>
>>>>>
>>>>> Hi,
>>>>>
>>>>> On Fri, 9 Aug 2024, 12:20 Ted Lemon, <mellon@fugue.com> wrote:
>>>>>>
>>>>>> What’s the downside?  :)
>>>>>
>>>>>
>>>>> The concern I have is that I've seen obscure individual customer faults float around inside residential help desks for a number of weeks being looked at by different people, rather than being escalated to network engineering as soon as they should be. Eventually it might get escalated, or the customer leaves through frustration.
>>>>>
>>>>> For ISPs that aren't willing to give out large prefixes e.g., /60s, having the CPE ask for additional PD space when it runs out would at least show up in DHCPv6 PD server logs. That network engineering can directly look for that, and it would be absolute evidence of what problem the individual customer is suffering from. It would also be direct evidence to the ISP that they're not handing out big enough prefixes to customers.
>>>>>
>>>>> If an ISP isn't going to honor an IA_PD request for a /48, which I think would be unlikely for ISPs who aren't already handing out /48s, then I don't think this ID specifying to always ask for /48s is going to achieve anything. It won't signal to network engineering that customers are running out of address space because it will hide that customers are running out.
>>>>>
>>>>> Regards,
>>>>> Mark.
>>>>>
>>>>>
>>>>>>
>>>>>> Op do 8 aug 2024 om 14:36 schreef Timothy Winters <tim@qacafe.com>
>>>>>>>
>>>>>>> Ted,
>>>>>>>
>>>>>>> On Thu, Aug 8, 2024 at 2:28 PM Ted Lemon <mellon@fugue.com> wrote:
>>>>>>>>
>>>>>>>> I think it's fine to try to get more prefixes if you don't get the amount you asked for the first time, by adding IA_PDs with different IAIDs to subsequent requests. However, we should always ask for a /48. How does the CPE router know how many prefixes it will be asked to provide? If the ISP doesn't want to provide a /48, it will provide a smaller allocation, and that's perfectly fine.
>>>>>>>
>>>>>>> I was toying with that idea as well.  Just asking for /48.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Aug 8, 2024 at 2:23 PM Timothy Winters <tim@qacafe.com> wrote:
>>>>>>>>>
>>>>>>>>> Hi Mark,
>>>>>>>>>
>>>>>>>>> On Wed, Aug 7, 2024 at 7:06 PM Mark Smith <markzzzsmith@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Apologies for the late comments, I seem to be missing IETF ID
>>>>>>>>>> announcements and WGLCs (I think trying to read everything out of my
>>>>>>>>>> Inbox might not be working).
>>>>>>>>>>
>>>>>>>>>> I don't think logging a system management error for the below
>>>>>>>>>> situation is good enough in a residential environment:
>>>>>>>>>>
>>>>>>>>>> "LPD-2:
>>>>>>>>>> The IPv6 CE Router MUST assign a prefix from the delegated prefix as
>>>>>>>>>> specified by L-2 [RFC7084]. If not enough addresses are available the
>>>>>>>>>> IPv6 CE Router SHOULD log a system management error."
>>>>>>>>>>
>>>>>>>>>> Non-technical residential end-users are very unlikely to look up
>>>>>>>>>> system error logs if they have a fault, they'll call their ISP's help
>>>>>>>>>> desk straight away - their ISP is their first port of call for any and
>>>>>>>>>> all faults that look to be Internet faults.
>>>>>>>>>
>>>>>>>>> In this case I was thinking for the ISP to know that they have routers that want to give out IA_PD
>>>>>>>>> on the LAN and they aren't giving a prefix large enough.
>>>>>>>>>
>>>>>>>>>> In my experience of residential help desk staff looking up or asking
>>>>>>>>>> customers to look up system logs for error messages isn't a practice
>>>>>>>>>> either - and if you look at logs of some of these devices they're very
>>>>>>>>>> chatty so spotting error messages is time consuming, which is counter
>>>>>>>>>> to a common helpdesk KPI of customer calls answered per hour.
>>>>>>>>>>
>>>>>>>>>> I also think in some cases CPE don't expose system logs - from memory,
>>>>>>>>>> Google's Nest CE routers don't have a system log available.
>>>>>>>>>
>>>>>>>>> I was thinking about getting system logs from CWMP/USP/NETCONF from the ISP.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> It would be better if engineering were somehow directly notified of a
>>>>>>>>>> customer running out of prefixes and ideally could provide more
>>>>>>>>>> prefixes automatically. The IA_PD Prefix-Length Hint mechanism would
>>>>>>>>>> do that.
>>>>>>>>>
>>>>>>>>> I'd had discussions with many ISPs, and only a handful of environments with the DHCPv6 server
>>>>>>>>> honor prefix hints.  Most ISPs for planning purposes have a number and that's what they send.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> So I'd suggest updating LPD-2 to:
>>>>>>>>>>
>>>>>>>>>> "LPD-2:
>>>>>>>>>> The IPv6 CE Router MUST assign a prefix from the delegated prefix as
>>>>>>>>>> specified by L-2 [RFC7084]. If not enough prefixes are available the
>>>>>>>>>> IPv6 CE Router MUST request the number of required additional
>>>>>>>>>> prefixes, rounded up to the next shortest prefix length bit boundary,
>>>>>>>>>> via an additional IA_PD option through the Prefix-Length Hint
>>>>>>>>>> mechanism [RFC8168]. The second or subsequent IA_PD options are used
>>>>>>>>>> to avoid a renumbering event where the initial and now too-small
>>>>>>>>>> Prefix-Delegation prefix would be entirely replaced with a new and
>>>>>>>>>> single larger Prefix-Delegation prefix. The IPv6 CE Router SHOULD log
>>>>>>>>>> a system management error."
>>>>>>>>>
>>>>>>>>> For this solution, I have some questions.
>>>>>>>>>
>>>>>>>>> Are you proposing that subsequent DHCPv6 messages (Renew, Rebind) ask
>>>>>>>>> for additional IA_PDs, beyond what is currently leased?
>>>>>>>>>
>>>>>>>>> OR are you proposing that the CE Router change what it's asking DHCPv6 Solicit or Request?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I'm not entirely convinced that "request the number of required
>>>>>>>>>> additional prefixes, rounded up to the next shortest prefix length bit
>>>>>>>>>> boundary" is the right amount of address space the CE should request.
>>>>>>>>>> Perhaps a simpler mechanism would be to request an additional PD
>>>>>>>>>> Prefix that is the same size as the initial PD prefix provided by the
>>>>>>>>>> ISP.
>>>>>>>>>
>>>>>>>>> I like this idea the best.  I think this has the highest chance of success, that the DHCPv6 Server is
>>>>>>>>> configured to give out one size.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> (I understand above is complex to provision and manage on the DHCPv6
>>>>>>>>>> server side and IPv6 addressing side, however that's the price of
>>>>>>>>>> treating IPv6 address space as if it was scarce rather than abundant.
>>>>>>>>>> My advice to residential ISPs is to give out /48s. APNIC had no issues
>>>>>>>>>> with giving an ISP I worked for a few years ago enough address space
>>>>>>>>>> for us to give all of our 500K residential customers /48s.)
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Mark.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thu, 8 Aug 2024 at 06:39, <internet-drafts@ietf.org> wrote:
>>>>>>>>>> >
>>>>>>>>>> > Internet-Draft draft-ietf-v6ops-cpe-lan-pd-03.txt is now available. It is a
>>>>>>>>>> > work item of the IPv6 Operations (V6OPS) WG of the IETF.
>>>>>>>>>> >
>>>>>>>>>> >    Title:   IPv6 CE Routers LAN Prefix Delegation
>>>>>>>>>> >    Author:  Timothy Winters
>>>>>>>>>> >    Name:    draft-ietf-v6ops-cpe-lan-pd-03.txt
>>>>>>>>>> >    Pages:   7
>>>>>>>>>> >    Dates:   2024-08-07
>>>>>>>>>> >
>>>>>>>>>> > Abstract:
>>>>>>>>>> >
>>>>>>>>>> >    This document defines requirements for IPv6 CE Routers to support
>>>>>>>>>> >    DHCPv6 Prefix Delegation for redistributing any unused prefix(es)
>>>>>>>>>> >    that were delegated to the IPv6 CE Router.  This document updates RFC
>>>>>>>>>> >    7084.
>>>>>>>>>> >
>>>>>>>>>> > The IETF datatracker status page for this Internet-Draft is:
>>>>>>>>>> > https://datatracker.ietf.org/doc/draft-ietf-v6ops-cpe-lan-pd/
>>>>>>>>>> >
>>>>>>>>>> > There is also an HTMLized version available at:
>>>>>>>>>> > https://datatracker.ietf.org/doc/html/draft-ietf-v6ops-cpe-lan-pd-03
>>>>>>>>>> >
>>>>>>>>>> > A diff from the previous version is available at:
>>>>>>>>>> > https://author-tools.ietf.org/iddiff?url2=draft-ietf-v6ops-cpe-lan-pd-03
>>>>>>>>>> >
>>>>>>>>>> > Internet-Drafts are also available by rsync at:
>>>>>>>>>> > rsync.ietf.org::internet-drafts
>>>>>>>>>> >
>>>>>>>>>> >
>>>>>>>>>> > _______________________________________________
>>>>>>>>>> > v6ops mailing list -- v6ops@ietf.org
>>>>>>>>>> > To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> v6ops mailing list -- v6ops@ietf.org
>>>>>>>>>> To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> v6ops mailing list -- v6ops@ietf.org
>>>>>>>>> To unsubscribe send an email to v6ops-leave@ietf.org