Re: IPv6 woes - RFC

[Victor Kuarsingh <victor () jvknet com>]

On Wed, Sep 29, 2021 at 10:55 AM Owen DeLong via NANOG <nanog () nanog org>
wrote:

> Use SLAAC, allocate prefixes from both providers. If you are using
> multiple routers, set the priority of the preferred router to high in the
> RAs. If you’re using one router, set the preferred prefix as desired in the
> RAs.
>
> Owen

I agree this works, but I assume that we would not consider this a consumer
level solution (requires an administrator to make it work).  It also
assumes the local network policy allows for auto-addressing vs. requirement
for DHCP.

I have had IPv6 in my home for a long time now using multiple providers,
but it definitely works with high touch admin.  I don't see this as a
barrier to deploy IPv6 though (don't read that into my response).  But IPv6
still has a few corner cases that require some TLC.

regards,

Victor K






> On Sep 29, 2021, at 07:35, Christopher Morrow <morrowc.lists () gmail com>
> wrote:
>
> 
>
>
> On Wed, Sep 29, 2021 at 4:39 AM <borg () uu3 net> wrote:
>
> > Oh well.. Then how you gonna solve the el-cheapo SOHO multihoming?
> >
> > Im currently dual homed, having 2 uplinks, RFC1918 LAN, doing policy
> > routing and NATing however I want..
> why of COURSE you do source address selection!
> so simple!
>
>
> > ---------- Original message ----------
> >
> > From: Mark Andrews <marka () isc org>
> > To: borg () uu3 net
> > Cc: nanog () nanog org
> > Subject: Re: IPv6 woes - RFC
> > Date: Wed, 29 Sep 2021 00:28:40 +1000
> >
> >
> >
> > > On 28 Sep 2021, at 19:19, borg () uu3 net wrote:
> > >
> > > Heh, NAT is not that evil after all. Do you expect that all the home
> > > people will get routable public IPs for all they toys inside house?
> >
> > Yes! Remember routable does not mean that it is reachable from outside.
> >
> > > And if they change ISP they will get new range?
> >
> > Yes!  What do you think DHCPv6 Prefix Delegation is all about?  It
> > has only been specified for 18 years now.  The IPv6 address ranges ISP
> > get for RIRs are based on handing out multiple /64 to every customer.
> >
> > > Doesnt sounds nice to me.. But I guess I its just me
> >
> > It sounds like you need to do some reading about IPv6, then actually
> > use it.  100s of millions of home customers are get routable IPv6 prefixes
> > today around the world.  It's not scary.  Things don˙˙t blow up.
> >
> > > Yeah I am aware of putting additional aliases on loopback.
> > >
> > > No futher comment about ND and DHCP.
> > >
> > > Well, at a time when TCP/IP was invented, 32bit address space looked
> > > pretty much big... I dont blame them than they didnt predicted future..
> > > Unfortunately, cant say the same about IPv6 R&D taskforce ;)
> > >
> > > Hah, multicast... Ill skip it.
> > >
> > > Followed change to support CIDR, Internet was still small and considered
> > > R&D field...
> > >
> > > Okey, I think its no need to futher pollute NANOG list with this.
> > > I said at the begining that this is just my subjective opinion.
> > > This will not help IPv6 case at all.
> > >
> > > At least from my (2) standpoint it would be really cool that IPv6
> > > would be finally addopted.
> > >
> > > I just wanted to share my toughts about why im not big fan of IPv6.
> > > I also wanted to hear other opinions what they dislike about it, no
> > > list of how cool IPv6 is and how everyone should use it right away.
> > >
> > >
> > > ---------- Original message ----------
> > >
> > > From: Owen DeLong <owen () delong com>
> > > To: borg () uu3 net
> > > Cc: nanog () nanog org
> > > Subject: Re: IPv6 woes - RFC
> > > Date: Sat, 25 Sep 2021 12:01:22 -0700
> > >
> > >
> > >
> > > > On Sep 25, 2021, at 01:57 , borg () uu3 net wrote:
> > > >
> > > > Well, I think we should not compare IPX to IPv4 because those protocols
> > > > were made to handle completly different networks?
> > > >
> > > > Yeah, IPv6 is new, but its more like revolution instead of evolution.
> > > >
> > > > Well, Industry seems to addapt things quickly when they are good
> > enough.
> > > > Better things replace worse. Of course its not always the case,
> > sometimes
> > > > things are being forced here.. And thats how I feel about IPv6..
> > >
> > > Sometimes worse things replace better. NAT, for example was definitely
> > not
> > > an improvement to IPv4. It was a necessary evil intended to be a
> > temporary
> > > fix.
> > >
> > > > IPv4 Lookback is 127.0.0.1/8
> > > > You can use bind IPs within range by applications. Handy
> > > > In IPv6 its not the case.
> > >
> > > You are free to assign any additional IPv6 addresses you like to the
> > loopback
> > > interface and then bind them to applications. Personally, I haven˙˙t
> > found a
> > > particularly good use for this, but it is possible.
> > >
> > > It does mean that instead of wasting 1/256th of the entire address space
> > > in every context on loopbacks, you have to assign what you need there,
> > > but you can easily assign a /64 prefix to a loopback interface and have
> > > applications bind within range.
> > >
> > > > IPv6 ND brings new problems that has been (painfully?) fixed in IPv4.
> > > > Tables overflows, attacks and DDoS.. Why to repeat history again?
> > >
> > > Table overflows weren˙˙t fixed in IPv4 and have nothing to do with ND
> > vs.
> > > ARP. Table overflows are (not really an issue in my experience) the
> > > result of a larger address space than the memory available for the L2
> > > forwarding table on switches or the ND table on hosts. This isn˙˙t due
> > > to a difference in ND vs. ARP. It is due to the fact that there are no
> > > 64-bit networks in IPv4, but they are commonplace in IPv6.
> > >
> > > Mostly this has been solved in software by managing table discards more
> > > effectively.
> > >
> > > > IPv6 DHCP: Im not using IPv6, but I heard ppl talking about some
> > > > issues. If this is not the case, im sorry. Its been a while when I
> > last time
> > > > played with IPv6...
> > >
> > > I am using IPv6 and I˙˙m using IPv6 DHCP. I haven˙˙t encountered any
> > significant
> > > problems with it other than some minor inconveniences introduced by the
> > ability
> > > to have different DUID types and vendors doing semi-obnoxious things
> > along that
> > > line.
> > >
> > > > IPv6 interop: yeah, I agree here.. But people involved with IPv6
> > should
> > > > think about some external IPv4 interop.. Internet was exploding at
> > 1997..
> > > > Maybe they had hope that everyone upgrade like in CIDR case. And maybe
> > it
> > > > could happen if IPv6 wasnt so alien ;)
> > >
> > > It was thought about˙˙ It was considered. It was long pondered. Problem
> > was,
> > > nobody could come up with a way to overcome the fact that you can˙˙t put
> > > 128 bits of data in a 32 bit field without loss.
> > >
> > > IPv6 really isn˙˙t so alien, so I don˙˙t buy that argument. The
> > software changes
> > > necessary to implement IPv6 were significantly bigger than CIDR and IPv6
> > > affected applications, not just network. There was no way around these
> > > two facts. The IPv6 network stack did get adopted and implemented nearly
> > > as fast as CIDR and virtually every OS, Switch, Router has had IPv6
> > support
> > > for quite some time now at the network stack level. It is applications
> > and
> > > content providers that are lagging and they never did anything for CIDR.
> > >
> > > > As for IPv4 vs IPv6 complexity, again, why repeat history.
> > >
> > > What complexity?
> > >
> > > > Biggest IPv4
> > > > mistake was IPv4 being classfull. It was fixed by bringing CIDR into
> > game.
> > > No, biggest IPv4 mistake was 32-bit addresses. A larger address would
> > have been
> > > inconvenient in hardware at the time, but it would have made IPv4 much
> > more
> > > scalable and would have allowed it to last significantly longer.
> > >
> > > > (Another big mistake was class E reservation...)
> > >
> > > Not really. It was a decision that made sense at the time. Class D
> > reservation
> > > made sense originally too. Without it, we wouldn˙˙t have had addresses
> > available
> > > to experiment with or develop multicast.
> > >
> > > There was no way to know at the time that decision was made that IPv4
> > would run
> > > out of addresses before it would find some new thing to experiment with.
> > >
> > > > Internet was tiny at that time so everyone followed.
> > >
> > > Followed what, exactly?
> > >
> > > > Image something like this today? Same about IPv6.. it brings
> > > > forced network::endpoint probably due to IoT, sacrificing flexibility.
> > >
> > > I can˙˙t parse this into a meaningful comment. Can you clarify please?
> > > What is ˙˙forced network::endpoint˙˙ supposed to mean and what does it
> > > have to do with IoT? What flexibility has been sacrificed?
> > >
> > > > Again, I dont want to really defend my standpoint here. Its too late
> > for
> > > > that. I kinda regret now dropping into discussion...
> > >
> > > OK, so you want to make random comments which are not even necessarily
> > > true and then walk away from the discussion? I have trouble
> > understanding
> > > that perspective.
> > >
> > > I˙˙m not trying to bash your position or you. I˙˙m trying to understand
> > your
> > > objections, figure out which ones are legitimate criticism of IPv6,
> > which
> > > ones are legitimate criticism, but not actually IPv6, and which ones
> > > are simply factually incorrect. For the last category, I presume that
> > comes
> > > from your lack of actual IPv6 experience or some other form of ignorance
> > > and I˙˙d like to attempt useful education to address those.
> > >
> > > Owen
> > >
> > > > ---------- Original message ----------
> > > >
> > > > From: Grant Taylor via NANOG <nanog () nanog org>
> > > > To: nanog () nanog org
> > > > Subject: Re: IPv6 woes - RFC
> > > > Date: Fri, 24 Sep 2021 14:26:27 -0600
> > > >
> > > > On 9/24/21 11:53 AM, borg () uu3 net wrote:
> > > > > Well, I see IPv6 as double failure really.
> > > >
> > > > I still feel like you are combining / conflating two distinct issues
> > into one
> > > > generalization.
> > > >
> > > > > First, IPv6 itself is too different from IPv4.
> > > >
> > > > Is it?  Is it really?  Is the delta between IPv4 and IPv6 greater than
> > the delta
> > > > between IPv4 and IPX?
> > > >
> > > > If anything, I think the delta between IPv4 and IPv6 is too small.
> > Small enough
> > > > that both IPv4 and IPv6 get treated as one protocol and thus a lot of
> > friction
> > > > between the multiple personalities therein.  I also think that the
> > grouping of
> > > > IPv4 and IPv6 as one protocol is part of the downfall.
> > > >
> > > > More over if you think of IPv4 and IPv6 dual stack as analogous to the
> > > > multi-protocol networks of the '90s, and treat them as disparate
> > protocols that
> > > > serve similar purposes in (completely) different ways, a lot of the
> > friction
> > > > seems to make sense and as such becomes less friction through
> > understanding and
> > > > having reasonable expectations for the disparate protocols.
> > > >
> > > > > What Internet wanted is IPv4+ (aka IPv4 with bigger address space,
> > likely
> > > > > 64bit). Of course we could not extend IPv4, so having new protocol is
> > fine.
> > > > I don't think you truly mean that having a new protocol is fine.
> > Because if you
> > > > did, I think you would treat IPv6 as a completely different protocol
> > from IPv4.
> > > > E.g. AppleTalk vs DECnet.  After all, we effectively do have a new
> > protocol;
> > > > IPv6.
> > > >
> > > > IPv6 is as similar to IPv4 as Windows 2000 is similar to Windows 98.
> > Or
> > > > "different" in place of "similar".
> > > >
> > > > > It should just fix problem (do we have other problems I am not aware
> > of with
> > > > > IPv4?) of address space and thats it.  Im happy with IPv4, after 30+
> > years of
> > > > > usage we pretty much fixed all problems we had.
> > > >
> > > > I disagree.
> > > >
> > > > > The second failure is adoption. Even if my IPv6 hate is not rational,
> > adoption
> > > > > of IPv6 is crap. If adoption would be much better, more IPv4 could be
> > used for
> > > > > legacy networks ;) So stuborn guys like me could be happy too ;)
> > > >
> > > > I blame the industry, not the IPv6 protocol, for the lackluster
> > adoption of
> > > > IPv6.
> > > >
> > > > > As for details, that list is just my dream IPv6 protocol ;)
> > > > >
> > > > > But lets talk about details:
> > > > > - Loopback on IPv6 is ::1/128
> > > > >  I have setups where I need more addresses there that are local only.
> > > > >  Yeah I know, we can put extra aliases on interfaces etc.. but its
> > extra
> > > > >  work and not w/o problems
> > > >
> > > > How does IPv6 differ from IPv4 in this context?
> > > >
> > > > > - IPv6 Link Local is forced.
> > > > >  I mean, its always on interface, nevermind you assign static IP.
> > > > >  LL is still there and gets in the way (OSPFv3... hell yeah)
> > > >
> > > > I agree that IPv6 addresses seem to accumulate on interfaces like IoT
> > devices do
> > > > on a network.  But I don't see a technical problem with this in and of
> > itself.
> > > > --  I can't speak to OSPFv3 issues.
> > > >
> > > > > - ULA space, well.. its like RFC1918 but there are some issues with it
> > > > >  (or at least was? maybe its fixed) like source IP selection on with
> > > > >  multiple addresses.
> > > >
> > > > I consider this to be implementation issues and not a problem with the
> > protocol
> > > > itself.
> > > >
> > > > > - Neighbor Discovery protocol... quite a bit problems it created.
> > > >
> > > > Please elaborate.
> > > >
> > > > >  What was wrong w/ good old ARP? I tought we fixed all those problems
> > > > >  already like ARP poisoning via port security.. etc
> > > >
> > > > The apparent need to ""fix / address / respond to a protocol problem
> > at a lower
> > > > layer seems like a problem to me.
> > > >
> > > > > - NAT is there in IPv6 so no futher comments
> > > > > - DHCP start to get working on IPv6.. but it still pain sometimes
> > > >
> > > > What problems do you have with DHCP for IPv6?  I've been using it for
> > the better
> > > > part of a decade without any known problems.  What pain are you
> > experiencing?
> > > > > And biggest problem, interop w/ IPv4 was completly failure.
> > > >
> > > > I agree that the interoperability between IPv4 and IPv6 is the tall
> > pole in the
> > > > tent.  But I also believe that's to be expected when trying to
> > interoperate
> > > > disparate protocols.
> > > >
> > > > > From ground zero, I would expect that disparate protocols can't
> > interoperate
> > > > without external support, some of which requires explicit
> > configuration.
> > > > > Currently we have best Internet to migrate to new protocol. Why?
> > > >
> > > > The primary motivation -- as I understand it -- is the lack of unique
> > IP
> > > > addresses.
> > > >
> > > > > Because how internet become centralized. Eyeball networks just want
> > to reach
> > > > > content. E2E communication is not that much needed. We have games and
> > > > > enhusiast, but those can pay extra for public IPv4. Or get VPN/VPS.
> > > >
> > > > Now you are talking about two classes of Internet connectivity:
> > > >
> > > > 1)  First class participation where an endpoint /is/ /on/ the Internet
> > with a
> > > > globally routed IP.
> > > > 2)  Second class participation where an endpoint /has/ /access/ /to/
> > the
> > > > Internet via a non-globally routed IP.
> > > >
> > > > There may be some merit to multiple classes of Internet connectivity.
> > But I
> > > > think it should be dealt with openly and above board as such.
> > > >
> > > > > And end comment. I do NOT want to start some kind of flame war here.
> > Yeah I
> > > > > know, Im biased toward IPv4.
> > > >
> > > > I don't view honest and good spirited discussion of facts and
> > understanding to
> > > > be a flame war.  In fact, I view such discussions as a good thing.
> > > >
> > > > > If something new popups, I want it better than previous thingie (a
> > lot) and
> > > > > easier or at least same level of complications, but IPv6 just solves
> > one thing
> > > > > and brings a lot of complexity.
> > > > Please elaborate on the complexity that IPv6 brings that IPv4 didn't
> > also bring
> > > > with it in the '90s?
> > > >
> > > > Would the things that you are referring to as IPv6 complexities have
> > been any
> > > > different if we had started with IPv6 instead of IPv4 in the '80s &
> > '90s?
> > > > In some ways it seems to me that you are alluding to the legacy code /
> > equipment
> > > > / understanding / configuration / what have you.  This is something
> > that many
> > > > have been dealing with for quite a while.  The mainframe's ability to
> > run code
> > > > from near half a century ago comes to mind.
> > > >
> > > > > The fact is, IPv6 failed.
> > > >
> > > > I concede that IPv6 has faltered.  But I don't believe it's failed.  I
> > don't
> > > > think it's fair to claim that it has.
> > > >
> > > > > There are probably multiple reasons for it.  Do we ever move to IPv6?
> > I dont
> > > > > know.. Do I care for now? Nope, IPv4 works for me for now.
> > > >
> > > > You are entitled to your own opinion as much as I'm entitled to mine.
> > But the
> > > > key thing to keep in mind is that it's /your/ opinion.  The operative
> > word being
> > > > "your" as in "you".  Your views / opinions / experiences are /yours/.
> > What's
> > > > more important is that other people's views / opinions / experiences
> > may be
> > > > different.
> > > >
> > > >
> > > >
> > > > --
> > > > Grant. . . .
> > > > unix || die
> >
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742              INTERNET: marka () isc org