Re: [v6ops] SLAAC renum: Problem Statement & Operational workarounds

Ole Troan <otroan@employees.org> Thu, 24 October 2019 10:47 UTC

Return-Path: <otroan@employees.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 451741200B5 for <v6ops@ietfa.amsl.com>; Thu, 24 Oct 2019 03:47:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TjJMS5jxFffL for <v6ops@ietfa.amsl.com>; Thu, 24 Oct 2019 03:47:13 -0700 (PDT)
Received: from clarinet.employees.org (clarinet.employees.org [198.137.202.74]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02884120098 for <v6ops@ietf.org>; Thu, 24 Oct 2019 03:47:12 -0700 (PDT)
Received: from astfgl.hanazo.no (246.51-175-81.customer.lyse.net [51.175.81.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by clarinet.employees.org (Postfix) with ESMTPSA id 942E54E11B34; Thu, 24 Oct 2019 10:47:11 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by astfgl.hanazo.no (Postfix) with ESMTP id E533B1FE6F4C; Thu, 24 Oct 2019 12:47:08 +0200 (CEST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3594.4.19\))
From: Ole Troan <otroan@employees.org>
In-Reply-To: <CAO42Z2wCYi4KWTEz1hUSPVr9+hu8GaHRkPuvQQ2P00knvnPaaQ@mail.gmail.com>
Date: Thu, 24 Oct 2019 12:47:08 +0200
Cc: Trevor Warwick <twarwick@gmail.com>, v6ops list <v6ops@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <848BA3B3-36B4-4C42-86D0-88759BC45D5A@employees.org>
References: <m1iNIFE-0000IwC@stereo.hq.phicoh.net> <d1b6855d-bde9-7b53-4809-0846bb9772e4@si6networks.com> <CAO42Z2x7vudujw5t++obry56g=VNjQXXTHFK8pBPk0jmk78Bcg@mail.gmail.com> <CAJoHkZ8pTjszP0vw4BjX0HUhmPa6wJONzdy2JEm5iqAfBUvjRg@mail.gmail.com> <CAO42Z2wCYi4KWTEz1hUSPVr9+hu8GaHRkPuvQQ2P00knvnPaaQ@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3594.4.19)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/rMJYlrMAOalNKww2Ou-05OyxO7k>
Subject: Re: [v6ops] SLAAC renum: Problem Statement & Operational workarounds
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Oct 2019 10:47:15 -0000

Mark,

Right. Instant/flash renumbering is not supported in IP networks.
IPv6 does nothing to help with this, well, assuming a network hiding behind NAT, it makes it harder.
Apart from "does not work", what more can the IETF say or do here?

Cheers,
Ole

> On 24 Oct 2019, at 12:43, Mark Smith <markzzzsmith@gmail.com>; wrote:
> 
> 
> 
> On Thu, 24 Oct 2019, 20:59 Trevor Warwick, <twarwick@gmail.com>; wrote:
> 
> On Thu, 24 Oct 2019 at 09:18, Mark Smith <markzzzsmith@gmail.com>; wrote:
> 
> 
> I thought about this in the exact context of the scenario of this draft. Although the design of the broadband deployment I worked on always planned to give out stable prefixes, I worked through this scenario and realised that so many complex issues disappear if you provide stable prefixes.
> 
> Fundamentally, if an ISP is selling an always on link to the same location, then the addressing should be as permanent as the link delivery location is.
> 
>  
> If you're an ISP today, and using DHCPv6-PD to hand out IPv6 prefixes, what are the possible scenarios if you don't try hard to keep the prefixes stable?
> 
> Why don't you want to try hard? Not trying hard gives customers a bad experience. They're paying you to try hard to give them the best suitable service you can give them.
> 
> 
> - You could be running a closed environment where all customers are forced to use your CPE, in which case you can make sure that your CPE has various   hacks added to try to cope with prefix instability and avoid customer hosts experiencing connectivity issues when prefixes change. Maybe you can make this work well enough, and advanced customers who don't want to use your CPE are just out of luck.
> 
> - If you're in an environment where customers can chose their own CPE, then it seems almost guaranteed that there will be connectivity problems when the prefix changes, because many CPE implementations don't handle this situation at all. So you're then relying on hosts falling back seamlessly to IPv4, in order to continue to have connectivity. In which case, I'd wonder why you're bothering to provide an IPv6 service in the first place. 
> 
> See what I said about selling an always on service to a fixed location, and the addressing having the same amount of stability as the service and link itself.
> 
> The reason this problem really exists is that ISPs have fundamentally continued to treat residential, always on broadband customers although they were still dial up customers. Nothing has changed - per BRAS (NAS) IP address pools, pool route aggregation at the router, customer gets a single IPv4 address when they attach, that can change each time they attach. PPPoE is making Ethernet connectivity resemble dial up connectivity.
> 
> Now this dial up model is trying to be applied to semi-permanent IPv6 services, where it's even less applicable now that customers get their own routed address space on a semi-permanent link.
> 
> Treat all customers as routed subnet SOHO customers, so they get the same prefix regardless of which BRAS they attach to. Move the route aggregation boundary to a higher level to e.g. a cluster of BRASes, or a region.
> 
> Use an IPv6 address provisioning model that suites and matches the service they're paying for, not a nearly 30 year old dial up model.
> 
> If your customers can BYO their CPE, then stable prefixes are the only choice.
> 
> See slide 6.
> 
> Residential IPv6 CPE - What Not to Do and Other Observations
> https://www.slideshare.net/mobile/markzzzsmith/residential-ipv6-cpe-what-not-to-do-and-other-observations
> 
> 
> 
> 
> I do think this is an important problem that needs to be solved, for this context and the others mentioned in the draft.
> 
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops