Re: [v6ops] new draft: draft-elkins-v6ops-multicast-virtual-nodes

["Ackermann, Michael" <MAckermann@bcbsm.com>]

In response to how much relative knowledge there is on IPV6 and the understanding that issues such as this may exist……..
In most corporate and enterprise worlds that I deal with, which is primarily Financial, insurance and Health Care,   the answer is nearly zero.   I find this unfortunate and frustrating,  but true.   I and a few others are trying to change this and evangelize IPv6, but we are pushing ropes up hills in these environments.    Most large enterprises want to avoid IPv6 as long as possible and look for excuses to do so.
I fully recognize that this type of information contained in this draft,  may be considered elementary,  trivial,  or even unnecessary in IETF circles, but I can guarantee you that the preponderance of network technicians in  the corporate world do not even know these protocols exist, much less understand the potential damage they can inflict.
My suspicion regarding “Hosting Companies”,  is that their IPv6 knowledge levels lie somewhere above the dearth of corporate America, but well below the knowledge level of those involved in IETF.

Therefore, I believe that information and advice, such as contained in this draft, will be very helpful to those not proficient in IPv6 and hence positive to the cause of promoting IPv6 deployment.

From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Nalini Elkins
Sent: Saturday, September 20, 2014 7:25 PM
To: Nick Hilliard; Andrew 👽 Yourtchenko
Cc: draft-elkins-v6ops-multicast-virtual-nodes@tools.ietf.org; v6ops@ietf.org
Subject: Re: [v6ops] new draft: draft-elkins-v6ops-multicast-virtual-nodes


On 20/09/2014 15:15, Nalini Elkins wrote:
> Situation:  node A is on a subnet with 25 other nodes (B-Z)
>
> 1.  Node A sends 10 ICMP ping requests to FF02::1
> 2.  Nodes B through Z send Node A back ICMP 10 ping replies each
>
> Impact: with very little work by Node A, he has made B - Z do work &
> created network congestion with 250+ packets.

>If the hosting provider has any sense, this will count towards node A's
>bandwidth allocation and if they persist in doing this, they will end up
>with a large bill as well as having trashed their connectivity.

>The lesson is that if you shoot yourself in the foot, it will hurt.  If
>your network design is such that shooting yourself in the foot causes other
>hosts to be shot in the foot, then your network design may have a problem.

>If you are a commercial hosting provider who provides third party shared
>tenancy networks which use this design, then you should expect problems of
>this sort.

>Most hosting providers know these things and there is no need for the IETF
>to remind them.

Really?

So then, are you saying that the hosting company example we gave was for a
particularly ignorant or incompetent firm?   That most hosting providers of IPv6
services and most end user enterprises (because our draft is for them as well)
are quite well aware of the potential drawbacks and implications of IPv6 link-local
and multicast traffic in the design of their subnets or broadcast domains.
And, furthermore take such traffic and / or the need for isolation of nodes for
security or regulatory purposes into account when doing their network design?

And, basically, the issues that we are trying to bring up are quite well known
to everyone.   You could be right (but I am betting against it!).

Maybe my co-author, who works for a large end-user enterprise, and whose
organization is trying to implement IPv6, can chime in and let us know how
well known these issues are in his own organization and those he speaks to
regularly.

Maybe other enterprise customers on the list can speak as well.  Would love
to hear from them.  Having said that, probably if they are on this email list,
they are probably orders of magnitude more sophisticated than most.

I can also take an informal poll.   I can call 2 -3 other hosting companies
to see what their IPv6 addressing structure is & let you all know.   I can also
call 5 - 10 large enterprise companies in the US (Fortune 500 & large federal
agencies & the like) to tell you if they take such things into consideration.

A few years ago, I compiled IPv6 addressing plans (subnet structure,
naming conventions, etc) from 6 - 7 universities (commercial entities will
generally not speak publicly about how they do things).   I can tell you there
were no such considerations in their plans.  I can go back and ask them
if they will allow me to distribute their plans publicly.


All this will take me a few days, so maybe we can pick up the discussion
on Wed / Thurs of next week.

I believe that guidance on network design is needed for end-user sites -
including hosting companies.   That was the reason for our draft.  If I am
wrong and no such guidance is needed, then I will be quiet and withdraw
the draft.

Nalini



The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies.
 
 Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association.