On Wed, Sep 29, 2021 at 10:55 AM Owen DeLong via NANOG <nanog@nanog.org> wrote:
> Use SLAAC, allocate prefixes from both providers. If you are using multiple routers, set the priority of the preferred router to high in the RAs. If you’re using one router, set the preferred prefix as desired in the RAs.
>
> Owen

I agree this works, but I assume that we would not consider this a consumer level solution (requires an administrator to make it work). It also assumes the local network policy allows for auto-addressing vs. requirement for DHCP.

I have had IPv6 in my home for a long time now using multiple providers, but it definitely works with high touch admin.

I don't see this as a barrier to deploy IPv6 though (don't read that into my response). But IPv6 still has a few corner cases that require some TLC.

regards,
Victor K

> On Sep 29, 2021, at 07:35, Christopher Morrow <morrowc.li...@gmail.com> wrote:
>
> On Wed, Sep 29, 2021 at 4:39 AM <b...@uu3.net> wrote:
>
>> Oh well.. Then how you gonna solve the el-cheapo SOHO multihoming?
>>
>> I'm currently dual homed, having 2 uplinks, RFC1918 LAN, doing policy routing and NATing however I want..
>
> why of COURSE you do source address selection!
> so simple!
>
>> ---------- Original message ----------
>>
>> From: Mark Andrews <ma...@isc.org>
>> To: b...@uu3.net
>> Cc: nanog@nanog.org
>> Subject: Re: IPv6 woes - RFC
>> Date: Wed, 29 Sep 2021 00:28:40 +1000
>>
>> > On 28 Sep 2021, at 19:19, b...@uu3.net wrote:
>> >
>> > Heh, NAT is not that evil after all. Do you expect that all the home people will get routable public IPs for all their toys inside house?
>>
>> Yes! Remember routable does not mean that it is reachable from outside.
>>
>> > And if they change ISP they will get new range?
>>
>> Yes! What do you think DHCPv6 Prefix Delegation is all about? It has only been specified for 18 years now. The IPv6 address ranges ISP get for RIRs are based on handing out multiple /64 to every customer.
>>
>> > Doesn't sound nice to me..
>> > But I guess it's just me
>>
>> It sounds like you need to do some reading about IPv6, then actually use it. 100s of millions of home customers are getting routable IPv6 prefixes today around the world. It's not scary. Things don't blow up.
>>
>> > Yeah I am aware of putting additional aliases on loopback.
>> >
>> > No further comment about ND and DHCP.
>> >
>> > Well, at a time when TCP/IP was invented, 32bit address space looked pretty much big... I don't blame them that they didn't predict future.. Unfortunately, can't say the same about IPv6 R&D taskforce ;)
>> >
>> > Hah, multicast... I'll skip it.
>> >
>> > Followed change to support CIDR, Internet was still small and considered R&D field...
>> >
>> > Okay, I think it's no need to further pollute NANOG list with this. I said at the beginning that this is just my subjective opinion. This will not help IPv6 case at all.
>> >
>> > At least from my (2) standpoint it would be really cool that IPv6 would be finally adopted.
>> >
>> > I just wanted to share my thoughts about why I'm not big fan of IPv6. I also wanted to hear other opinions what they dislike about it, no list of how cool IPv6 is and how everyone should use it right away.
>> >
>> > ---------- Original message ----------
>> >
>> > From: Owen DeLong <o...@delong.com>
>> > To: b...@uu3.net
>> > Cc: nanog@nanog.org
>> > Subject: Re: IPv6 woes - RFC
>> > Date: Sat, 25 Sep 2021 12:01:22 -0700
>> >
>> >> On Sep 25, 2021, at 01:57 , b...@uu3.net wrote:
>> >>
>> >> Well, I think we should not compare IPX to IPv4 because those protocols were made to handle completely different networks?
>> >>
>> >> Yeah, IPv6 is new, but it's more like revolution instead of evolution.
>> >>
>> >> Well, Industry seems to adapt things quickly when they are good enough. Better things replace worse. Of course it's not always the case, sometimes things are being forced here.. And that's how I feel about IPv6..
>> >
>> > Sometimes worse things replace better. NAT, for example was definitely not an improvement to IPv4. It was a necessary evil intended to be a temporary fix.
>> >
>> >> IPv4 Loopback is 127.0.0.1/8
>> >> You can use bind IPs within range by applications. Handy
>> >> In IPv6 it's not the case.
>> >
>> > You are free to assign any additional IPv6 addresses you like to the loopback interface and then bind them to applications. Personally, I haven't found a particularly good use for this, but it is possible.
>> >
>> > It does mean that instead of wasting 1/256th of the entire address space in every context on loopbacks, you have to assign what you need there, but you can easily assign a /64 prefix to a loopback interface and have applications bind within range.
>> >
>> >> IPv6 ND brings new problems that have been (painfully?) fixed in IPv4.
>> >> Table overflows, attacks and DDoS.. Why to repeat history again?
>> >
>> > Table overflows weren't fixed in IPv4 and have nothing to do with ND vs. ARP. Table overflows are (not really an issue in my experience) the result of a larger address space than the memory available for the L2 forwarding table on switches or the ND table on hosts. This isn't due to a difference in ND vs. ARP. It is due to the fact that there are no 64-bit networks in IPv4, but they are commonplace in IPv6.
>> >
>> > Mostly this has been solved in software by managing table discards more effectively.
>> >
>> >> IPv6 DHCP: I'm not using IPv6, but I heard ppl talking about some issues. If this is not the case, I'm sorry. It's been a while when I last time played with IPv6...
>> >
>> > I am using IPv6 and I'm using IPv6 DHCP.
>> > I haven't encountered any significant problems with it other than some minor inconveniences introduced by the ability to have different DUID types and vendors doing semi-obnoxious things along that line.
>> >
>> >> IPv6 interop: yeah, I agree here.. But people involved with IPv6 should think about some external IPv4 interop.. Internet was exploding at 1997.. Maybe they had hope that everyone upgrade like in CIDR case. And maybe it could happen if IPv6 wasn't so alien ;)
>> >
>> > It was thought about... It was considered. It was long pondered. Problem was, nobody could come up with a way to overcome the fact that you can't put 128 bits of data in a 32 bit field without loss.
>> >
>> > IPv6 really isn't so alien, so I don't buy that argument. The software changes necessary to implement IPv6 were significantly bigger than CIDR and IPv6 affected applications, not just network. There was no way around these two facts. The IPv6 network stack did get adopted and implemented nearly as fast as CIDR and virtually every OS, Switch, Router has had IPv6 support for quite some time now at the network stack level. It is applications and content providers that are lagging and they never did anything for CIDR.
>> >
>> >> As for IPv4 vs IPv6 complexity, again, why repeat history.
>> >
>> > What complexity?
>> >
>> >> Biggest IPv4 mistake was IPv4 being classful. It was fixed by bringing CIDR into game.
>> >
>> > No, biggest IPv4 mistake was 32-bit addresses. A larger address would have been inconvenient in hardware at the time, but it would have made IPv4 much more scalable and would have allowed it to last significantly longer.
>> >
>> >> (Another big mistake was class E reservation...)
>> >
>> > Not really. It was a decision that made sense at the time. Class D reservation made sense originally too.
>> > Without it, we wouldn't have had addresses available to experiment with or develop multicast.
>> >
>> > There was no way to know at the time that decision was made that IPv4 would run out of addresses before it would find some new thing to experiment with.
>> >
>> >> Internet was tiny at that time so everyone followed.
>> >
>> > Followed what, exactly?
>> >
>> >> Imagine something like this today? Same about IPv6.. it brings forced network::endpoint probably due to IoT, sacrificing flexibility.
>> >
>> > I can't parse this into a meaningful comment. Can you clarify please? What is "forced network::endpoint" supposed to mean and what does it have to do with IoT? What flexibility has been sacrificed?
>> >
>> >> Again, I don't want to really defend my standpoint here. It's too late for that. I kinda regret now dropping into discussion...
>> >
>> > OK, so you want to make random comments which are not even necessarily true and then walk away from the discussion? I have trouble understanding that perspective.
>> >
>> > I'm not trying to bash your position or you. I'm trying to understand your objections, figure out which ones are legitimate criticism of IPv6, which ones are legitimate criticism, but not actually IPv6, and which ones are simply factually incorrect. For the last category, I presume that comes from your lack of actual IPv6 experience or some other form of ignorance and I'd like to attempt useful education to address those.
>> >
>> > Owen
>> >
>> >> ---------- Original message ----------
>> >>
>> >> From: Grant Taylor via NANOG <nanog@nanog.org>
>> >> To: nanog@nanog.org
>> >> Subject: Re: IPv6 woes - RFC
>> >> Date: Fri, 24 Sep 2021 14:26:27 -0600
>> >>
>> >> On 9/24/21 11:53 AM, b...@uu3.net wrote:
>> >>> Well, I see IPv6 as double failure really.
>> >>
>> >> I still feel like you are combining / conflating two distinct issues into one generalization.
>> >>
>> >>> First, IPv6 itself is too different from IPv4.
>> >>
>> >> Is it? Is it really? Is the delta between IPv4 and IPv6 greater than the delta between IPv4 and IPX?
>> >>
>> >> If anything, I think the delta between IPv4 and IPv6 is too small. Small enough that both IPv4 and IPv6 get treated as one protocol and thus a lot of friction between the multiple personalities therein. I also think that the grouping of IPv4 and IPv6 as one protocol is part of the downfall.
>> >>
>> >> Moreover if you think of IPv4 and IPv6 dual stack as analogous to the multi-protocol networks of the '90s, and treat them as disparate protocols that serve similar purposes in (completely) different ways, a lot of the friction seems to make sense and as such becomes less friction through understanding and having reasonable expectations for the disparate protocols.
>> >>
>> >>> What Internet wanted is IPv4+ (aka IPv4 with bigger address space, likely 64bit). Of course we could not extend IPv4, so having new protocol is fine.
>> >>
>> >> I don't think you truly mean that having a new protocol is fine. Because if you did, I think you would treat IPv6 as a completely different protocol from IPv4. E.g. AppleTalk vs DECnet. After all, we effectively do have a new protocol; IPv6.
>> >>
>> >> IPv6 is as similar to IPv4 as Windows 2000 is similar to Windows 98. Or "different" in place of "similar".
>> >>
>> >>> It should just fix problem (do we have other problems I am not aware of with IPv4?) of address space and that's it. I'm happy with IPv4, after 30+ years of usage we pretty much fixed all problems we had.
>> >>
>> >> I disagree.
>> >>
>> >>> The second failure is adoption.
>> >>> Even if my IPv6 hate is not rational, adoption of IPv6 is crap. If adoption would be much better, more IPv4 could be used for legacy networks ;) So stubborn guys like me could be happy too ;)
>> >>
>> >> I blame the industry, not the IPv6 protocol, for the lackluster adoption of IPv6.
>> >>
>> >>> As for details, that list is just my dream IPv6 protocol ;)
>> >>>
>> >>> But let's talk about details:
>> >>> - Loopback on IPv6 is ::1/128
>> >>>   I have setups where I need more addresses there that are local only.
>> >>>   Yeah I know, we can put extra aliases on interfaces etc.. but it's extra work and not w/o problems
>> >>
>> >> How does IPv6 differ from IPv4 in this context?
>> >>
>> >>> - IPv6 Link Local is forced.
>> >>>   I mean, it's always on interface, never mind you assign static IP.
>> >>>   LL is still there and gets in the way (OSPFv3... hell yeah)
>> >>
>> >> I agree that IPv6 addresses seem to accumulate on interfaces like IoT devices do on a network. But I don't see a technical problem with this in and of itself. -- I can't speak to OSPFv3 issues.
>> >>
>> >>> - ULA space, well.. it's like RFC1918 but there are some issues with it (or at least was? maybe it's fixed) like source IP selection on with multiple addresses.
>> >>
>> >> I consider this to be implementation issues and not a problem with the protocol itself.
>> >>
>> >>> - Neighbor Discovery protocol... quite a bit problems it created.
>> >>
>> >> Please elaborate.
>> >>
>> >>> What was wrong w/ good old ARP? I thought we fixed all those problems already like ARP poisoning via port security.. etc
>> >>
>> >> The apparent need to ""fix / address / respond to a protocol problem at a lower layer seems like a problem to me.
>> >>
>> >>> - NAT is there in IPv6 so no further comments
>> >>> - DHCP start to get working on IPv6.. but it still pain sometimes
>> >>
>> >> What problems do you have with DHCP for IPv6?
>> >> I've been using it for the better part of a decade without any known problems. What pain are you experiencing?
>> >>
>> >>> And biggest problem, interop w/ IPv4 was a complete failure.
>> >>
>> >> I agree that the interoperability between IPv4 and IPv6 is the tall pole in the tent. But I also believe that's to be expected when trying to interoperate disparate protocols.
>> >>
>> >> From ground zero, I would expect that disparate protocols can't interoperate without external support, some of which requires explicit configuration.
>> >>
>> >>> Currently we have best Internet to migrate to new protocol. Why?
>> >>
>> >> The primary motivation -- as I understand it -- is the lack of unique IP addresses.
>> >>
>> >>> Because how internet become centralized. Eyeball networks just want to reach content. E2E communication is not that much needed. We have games and enthusiast, but those can pay extra for public IPv4. Or get VPN/VPS.
>> >>
>> >> Now you are talking about two classes of Internet connectivity:
>> >>
>> >> 1) First class participation where an endpoint /is/ /on/ the Internet with a globally routed IP.
>> >> 2) Second class participation where an endpoint /has/ /access/ /to/ the Internet via a non-globally routed IP.
>> >>
>> >> There may be some merit to multiple classes of Internet connectivity. But I think it should be dealt with openly and above board as such.
>> >>
>> >>> And end comment. I do NOT want to start some kind of flame war here. Yeah I know, I'm biased toward IPv4.
>> >>
>> >> I don't view honest and good spirited discussion of facts and understanding to be a flame war. In fact, I view such discussions as a good thing.
>> >>
>> >>> If something new pops up, I want it better than previous thingie (a lot) and easier or at least same level of complications, but IPv6 just solves one thing and brings a lot of complexity.
>> >>
>> >> Please elaborate on the complexity that IPv6 brings that IPv4 didn't also bring with it in the '90s?
>> >>
>> >> Would the things that you are referring to as IPv6 complexities have been any different if we had started with IPv6 instead of IPv4 in the '80s & '90s?
>> >>
>> >> In some ways it seems to me that you are alluding to the legacy code / equipment / understanding / configuration / what have you. This is something that many have been dealing with for quite a while. The mainframe's ability to run code from near half a century ago comes to mind.
>> >>
>> >>> The fact is, IPv6 failed.
>> >>
>> >> I concede that IPv6 has faltered. But I don't believe it's failed. I don't think it's fair to claim that it has.
>> >>
>> >>> There are probably multiple reasons for it. Do we ever move to IPv6? I don't know.. Do I care for now? Nope, IPv4 works for me for now.
>> >>
>> >> You are entitled to your own opinion as much as I'm entitled to mine. But the key thing to keep in mind is that it's /your/ opinion. The operative word being "your" as in "you". Your views / opinions / experiences are /yours/. What's more important is that other people's views / opinions / experiences may be different.
>> >>
>> >> --
>> >> Grant. . . .
>> >> unix || die
>>
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
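
The suggestion at the top of this thread (raise the preferred router's priority in its RAs, or mark the preferred prefix) maps to two on-wire fields, the RFC 4191 Prf bits and the Prefix Information preferred lifetime. The sketch below is an added example, not part of any message in the thread: the RAs are constructed with documentation prefixes, the function names are hypothetical, and it assumes "preferred prefix" is expressed by giving the other prefix a preferred lifetime of 0.

```python
import ipaddress
import struct

# RFC 4191 router preference (Prf): bits 4-3 of the RA flags byte; 10 is reserved, read as medium.
PRF = {0b01: "high", 0b00: "medium", 0b11: "low", 0b10: "medium"}
RANK = {"high": 2, "medium": 1, "low": 0}

def parse_ra(msg: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134) and its Prefix Information options."""
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a Router Advertisement")
    flags, lifetime = struct.unpack_from("!BH", msg, 5)
    ra = {"prf": PRF[(flags >> 3) & 0b11], "router_lifetime": lifetime, "prefixes": []}
    off = 16
    while off + 2 <= len(msg):
        opt_type, opt_len = msg[off], msg[off + 1] * 8  # option length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(msg):
            raise ValueError("malformed option")
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            plen, pflags, valid, preferred = struct.unpack_from("!BBII", msg, off + 2)
            net = ipaddress.IPv6Network((msg[off + 16:off + 32], plen), strict=False)
            ra["prefixes"].append({"prefix": str(net), "autonomous": bool(pflags & 0x40),
                                   "valid": valid, "preferred": preferred})
        off += opt_len
    return ra

def build_ra(prf_bits: int, lifetime: int, prefixes) -> bytes:
    """Build a constructed sample RA (checksum left at zero; L and A flags set)."""
    msg = struct.pack("!BBHBBHII", 134, 0, 0, 64, prf_bits << 3, lifetime, 0, 0)
    for prefix, preferred in prefixes:
        net = ipaddress.IPv6Network(prefix)
        msg += struct.pack("!BBBBIII", 3, 4, net.prefixlen, 0xC0, 86400, preferred, 0)
        msg += net.network_address.packed
    return msg

def pick_default_router(ras: dict) -> str:
    """Pick the default router by Prf among routers with a nonzero router lifetime."""
    live = {name: ra for name, ra in ras.items() if ra["router_lifetime"] > 0}
    return max(live, key=lambda name: RANK[live[name]["prf"]])

def usable_prefixes(ra: dict) -> list:
    """Prefixes from which a SLAAC host forms preferred (non-deprecated) addresses."""
    return [p["prefix"] for p in ra["prefixes"] if p["autonomous"] and p["preferred"] > 0]

# Constructed samples: one router per provider, then one router with both prefixes (second deprecated).
RAS = {"isp-a": parse_ra(build_ra(0b01, 1800, [("2001:db8:a::/64", 14400)])),
       "isp-b": parse_ra(build_ra(0b11, 1800, [("2001:db8:b::/64", 14400)]))}
ONE = parse_ra(build_ra(0b00, 1800, [("2001:db8:a::/64", 14400), ("2001:db8:b::/64", 0)]))
```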