Re: [v6ops] A broken promise - "You said PD Prefix Valid Lifetime is going to be X" (Re: SLAAC renum: Problem Statement & Operational workarounds)

Owen DeLong <owen@delong.com> Fri, 01 November 2019 16:22 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E92C21209FE for <v6ops@ietfa.amsl.com>; Fri, 1 Nov 2019 09:22:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.999
X-Spam-Level:
X-Spam-Status: No, score=-6.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=delong.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TbsAjuqsqzdh for <v6ops@ietfa.amsl.com>; Fri, 1 Nov 2019 09:22:02 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 7D8511209EE for <v6ops@ietf.org>; Fri, 1 Nov 2019 09:22:02 -0700 (PDT)
Received: from dhcp-220-72.meetings.nanog.org (dhcp-220-72.meetings.nanog.org [199.187.220.72]) (authenticated bits=0) by owen.delong.com (8.15.2/8.15.2) with ESMTPSA id xA1GLxwW025605 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 1 Nov 2019 09:22:00 -0700
DKIM-Filter: OpenDKIM Filter v2.11.0 owen.delong.com xA1GLxwW025605
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delong.com; s=mail; t=1572625321; bh=YPPfy0PFwleLtUFFrhhyhuVCj/I9ehRl4mO9AL8Sps8=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=IsNAvMbbG9YPuWocZIFMisEzD8JipeUWMkCfRSiJBjmgU1DWRGROmd5NYONWi7BMz P0uMom6LK/YlKayahp77em5IJrnNIsc1cRF90fPZGYE2BX/i+OC4kynk1pcUPRFZfh YOfWDo3t4Zf/oxyMsZrrAEk3s+EO2gQn/YkXH/NQ=
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <ad77e7c9-0578-4eca-2ef9-8f2c61638b82@si6networks.com>
Date: Fri, 1 Nov 2019 09:21:59 -0700
Cc: Sander Steffann <sander@steffann.nl>, v6ops list <v6ops@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <C53B7612-38A0-4CAC-8D5E-3A7AE7158925@delong.com>
References: <m1iPlMZ-0000J5C@stereo.hq.phicoh.net> <FACE45EC-27FC-437A-A5BF-D800DF089B50@fugue.com> <837E9523-14FC-4F6C-88FC-DCC316265299@employees.org> <CAO42Z2wz1H-x1O+k-ra09V=xON7GOYM+0uHkG0d3ExnsGNuDeA@mail.gmail.com> <03aad034-4e35-743f-975d-7d3c9f29b5cc@si6networks.com> <9EC75FDA-10A6-4FDC-BB42-EFC51C6631DE@steffann.nl> <ad77e7c9-0578-4eca-2ef9-8f2c61638b82@si6networks.com>
To: Fernando Gont <fgont@si6networks.com>
X-Mailer: Apple Mail (2.3445.104.8)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (owen.delong.com [192.159.10.2]); Fri, 01 Nov 2019 09:22:01 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/zsuDClCPN8UTMuj5sQ0udMDBSAU>
Subject: Re: [v6ops] A broken promise - "You said PD Prefix Valid Lifetime is going to be X" (Re: SLAAC renum: Problem Statement & Operational workarounds)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 16:22:05 -0000


> On Nov 1, 2019, at 2:29 AM, Fernando Gont <fgont@si6networks.com> wrote:
> 
> On 1/11/19 05:22, Sander Steffann wrote:
>> Hi,
>> 
>>>> I think Ole observed that this is contrary to what the PD prefix's
>>>> Valid Lifetime said would be the case. The ISP supplied a PD Prefix
>>>> with a Valid Lifetime of X seconds, and then broke that promise by
>>>> abruptly changing addressing before X seconds. ISPs should be expected
>>>> to live up to their Valid Lifetime promises.
>>> 
>>> "Hope" doesn't make networks run properly.
>> 
>> This isn't "Hope", this is breaking promises, and that does break networks. If you can't at least trust that promises are intended to be kept then you have no network at all...
> 
> You might hope the ISPs do stable prefixes, that CPEs record the leased
> prefixes on stable storage, and that CPE routers does not crash and reboot.
> 
> However, 37% of surveyed ISPs
> (https://indico.uknof.org.uk/event/41/contributions/542/attachments/712/866/bcop-ipv6-prefix-v9.pdf)
> indicate they do dynamic prefixes, and thus are likely to be facing this
> problem (possibly being masqueraded by falling back to IPv4).
> 
> You may want to declare ISPs clueless, start a crusade to switch to
> stable prefixes (unlikely success), claim that CPE vendors are cheap, etc.
> 
> But at the end of the day, user experience will still suck.
> 
> (I have had cases in which I have flash-renumbered my network by
> changing and reloading a RA daemon)

Dynamic prefixes do not necessarily imply flash renumbering and broken promises as Sander calls it.

He’s right that even in the case of dynamic prefixes, the ISP _SHOULD_ delegate or at least preserve the operability of the prefix for the duration promised in the lease, even across reboot of the delegated router, etc.

However, you’re also right that vendors and ISPs don’t always do what they should and these proposals can help mitigate the damage when that happens.

If there are problematic tradeoffs associated with these measures, they should be considered, but taking an absolutist approach of “this shouldn’t happen, so we shouldn’t make efforts to handle this case” isn’t useful IMHO.

>>> In any case, as previously noted, there are multiple scenarios that may
>>> lead to this problem.
>> 
>> Sure, bad things can happen, and there are cases where despite the best intentions you can't keep your promise. But that doesn't mean everybody should go around making promises without even thinking about keeping them…
> 
> I certainly can't speak for the 37% above. But a number of folks have
> already noted (some on-list, some off-list) that they are running
> networks on which this flash-renumbering events do occur.
> 
> The home network/cpe case is a notable example, but others exists. And
> particularly the host-side mitigations help all of them.

I’d argue that the CPE side mitigations are the low hanging fruit here. I think it will be far faster and easier to update CPE firmware and that the changes proposed to CPE are, in fact, in most cases simpler than the host changes.

Owen