idnits 2.17.1 draft-ietf-v6ops-happy-eyeballs-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 14, 2011) is 4600 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 3363 ** Obsolete normative reference: RFC 3484 (Obsoleted by RFC 6724) == Outdated reference: A later version (-13) exists of draft-ietf-6man-addr-select-opt-01 == Outdated reference: A later version (-06) exists of draft-ietf-websec-origin-04 -- Obsolete informational reference (is this intentional?): RFC 5245 (Obsoleted by RFC 8445, RFC 8839) Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 v6ops D. Wing 3 Internet-Draft A. Yourtchenko 4 Intended status: Standards Track Cisco 5 Expires: March 17, 2012 September 14, 2011 7 Happy Eyeballs: Success with Dual-Stack Hosts 8 draft-ietf-v6ops-happy-eyeballs-04 10 Abstract 12 When the IPv4 server and path is working but the IPv6 server or IPv6 13 path is down, a dual-stack client application experiences significant 14 connection delay compared to an IPv4-only client. This is 15 undesirable because it causes the dual-stack client to have a worse 16 user experience. This document specifies requirements for algorithms 17 that reduce this delay, and provides an example algorithm. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on March 17, 2012. 36 Copyright Notice 38 Copyright (c) 2011 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3 55 3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 56 3.1. URIs and hostnames . . . . . . . . . . . . . . . . . . . . 4 57 3.2. IPv6 connectivity . . . . . . . . . . . . . . . . . . . . 4 58 4. Algorithm Requirements . . . . . . . . . . . . . . . . . . . . 5 59 4.1. Delay IPv4 . . . . . . . . . . . . . . . . . . . . . . . . 6 60 4.2. Stateful Behavior when IPv6 Fails . . . . . . . . . . . . 7 61 4.3. Reset on Network (re-)Initialization . . . . . . . . . . . 8 62 4.4. Abandon Non-Winning Connections . . . . . . . . . . . . . 8 63 5. Additional Considerations . . . . . . . . . . . . . . . . . . 9 64 5.1. Additional Network and Host Traffic . . . . . . . . . . . 9 65 5.2. Determining Address Type . . . . . . . . . . . . . . . . . 9 66 5.3. Debugging and Troubleshooting . . . . . . . . . . . . . . 9 67 5.4. Three or More Interfaces . . . . . . . . . . . . . . . . . 9 68 5.5. A and AAAA Resource Records . . . . . . . . . . . . . . . 10 69 5.6. A6 Resource Records . . . . . . . . . . . . . . . . . . . 10 70 5.7. Connection time out . . . . . . . . . . . . . . . . . . . 10 71 5.8. Interaction with Same Origin Policy . . . . . . . . . . . 10 72 5.9. Happy Eyeballs in an Operating System . . . . . . . . . . 11 73 6. Example Algorithm . . . . . . . . . . . . . . . . . . . . . . 11 74 7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 75 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11 76 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 77 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12 78 10.1. Normative References . . . . . . . . . . . . . . . . . . . 12 79 10.2. Informational References . . . . . . . . . . . . . . . . . 12 80 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . . 14 81 A.1. changes from -03 to -04 . . . . . . . . . . . . . . . . . 14 82 A.2. changes from -02 to -03 . . . . . . . . . . . . . . . . . 14 83 A.3. changes from -01 to -02 . . . . . . . . . . . . . . . . . 14 84 A.4. changes from -00 to -01 . . . . . . . . . . . . . . . . . 15 85 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 87 1. Introduction 89 In order to use applications over IPv6, it is necessary that users 90 enjoy nearly identical performance as compared to IPv4. A 91 combination of today's applications, IPv6 tunneling, IPv6 service 92 providers, and some of today's content providers all cause the user 93 experience to suffer (Section 3). For IPv6, a content provider may 94 ensure a positive user experience by using a DNS white list of IPv6 95 service providers who peer directly with them (e.g., [whitelist]). 96 However, this does not scale well (to the number of DNS servers 97 worldwide or the number of content providers worldwide), and does not 98 react to intermittent network path outages. 100 Instead, applications can improve the user experience themselves, by 101 more aggressively making connections on IPv6 and IPv4. There are a 102 variety of algorithms that can be envisioned. This document 103 specifies requirements for any such algorithm, with the goals that 104 the network and servers are not inordinately harmed with a simple 105 doubling of traffic on IPv6 and IPv4, and the host's address 106 preference is honored (e.g., [RFC3484]). 108 2. Notational Conventions 110 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 111 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 112 document are to be interpreted as described in [RFC2119]. 114 3. Problem Statement 116 The basis of the IPv6/IPv4 selection problem was first described in 117 1994 in [RFC1671], 119 "The dual-stack code may get two addresses back from DNS; which 120 does it use? During the many years of transition the Internet 121 will contain black holes. For example, somewhere on the way from 122 IPng host A to IPng host B there will sometimes (unpredictably) be 123 IPv4-only routers which discard IPng packets. Also, the state of 124 the DNS does not necessarily correspond to reality. A host for 125 which DNS claims to know an IPng address may in fact not be 126 running IPng at a particular moment; thus an IPng packet to that 127 host will be discarded on delivery. Knowing that a host has both 128 IPv4 and IPng addresses gives no information about black holes. A 129 solution to this must be proposed and it must not depend on 130 manually maintained information. (If this is not solved, the dual 131 stack approach is no better than the packet translation 132 approach.)" 134 As discussed in more detail in Section 3.1, it is important that the 135 same URI and hostname be used for IPv4 and IPv6. Using separate 136 namespaces (e.g., "ipv6.example.com") causes namespace fragmentation 137 and reduces the ability for users to share URIs and hostnames, and 138 complicates printed material that includes the URI or hostname. 140 As discussed in more detail in Section 3.2, IPv6 connectivity is 141 broken to specific prefixes or specific hosts, or slower than native 142 IPv4 connectivity. 144 3.1. URIs and hostnames 146 URIs are often used between users to exchange pointers to content -- 147 such as on social networks, email, instant messaging, or other 148 systems. Thus, production URIs and production hostnames containing 149 references to IPv4 or IPv6 will only function if the other party is 150 also using an application, OS, and a network that can access the URI 151 or the hostname. 153 3.2. IPv6 connectivity 155 When IPv6 connectivity is impaired, today's IPv6-capable web browsers 156 incur many seconds of delay before falling back to IPv4. This harms 157 the user's experience with IPv6, which will slow the acceptance of 158 IPv6, because IPv6 is frequently disabled in its entirety on the end 159 systems to improve the user experience. 161 Reasons for such failure include no connection to the IPv6 Internet, 162 broken 6to4 or Teredo tunnels, and broken IPv6 peering. The 163 following diagram shows this behavior. 165 DNS Server Client Server 166 | | | 167 1. |<--www.example.com A?-----| | 168 2. |<--www.example.com AAAA?--| | 169 3. |---192.0.2.1------------->| | 170 4. |---2001:db8::1----------->| | 171 5. | | | 172 6. | |--TCP SYN, IPv6--->X | 173 7. | |--TCP SYN, IPv6--->X | 174 8. | |--TCP SYN, IPv6--->X | 175 9. | | | 176 10. | |--TCP SYN, IPv4------->| 177 11. | |<-TCP SYN+ACK, IPv4----| 178 12. | |--TCP ACK, IPv4------->| 180 Figure 1: Existing behavior message flow 182 The client obtains the IPv4 and IPv6 records for the server (1-4). 183 The client attempts to connect using IPv6 to the server, but the IPv6 184 path is broken (6-8), which consumes several seconds of time. 185 Eventually, the client attempts to connect using IPv4 (10) which 186 succeeds. 188 Delays experienced by users of various browser and operating system 189 combinations have been studied [Experiences]. 191 4. Algorithm Requirements 193 A Happy Eyeballs algorithm has two primary goals: 195 1. Provides fast connection for users, by quickly attempting to 196 connect using IPv6 and (if that connection attempt is not quickly 197 successful) to connect using IPv4. 199 2. Avoids thrashing the network, by not (always) making simultaneous 200 connection attempts on both IPv6 and IPv4. 202 The basic idea is depicted in the following diagram: 204 DNS Server Client Server 205 | | | 206 1. |<--www.example.com A?-----| | 207 2. |<--www.example.com AAAA?--| | 208 3. |---192.0.2.1------------->| | 209 4. |---2001:db8::1----------->| | 210 5. | | | 211 6. | |==TCP SYN, IPv6===>X | 212 7. | |--TCP SYN, IPv4------->| 213 8. | |<-TCP SYN+ACK, IPv4----| 214 9. | |--TCP ACK, IPv4------->| 215 10. | |==TCP SYN, IPv6===>X | 217 Figure 2: Happy Eyeballs flow 1, IPv6 broken 219 In the diagram above, the client sends two TCP SYNs at the same time 220 over IPv6 (6) and IPv4 (7). In the diagram, the IPv6 path is broken 221 but has little impact to the user because there is no long delay 222 before using IPv4. The IPv6 path is retried until the application 223 gives up (10). 225 After performing the above procedure, the client learns if 226 connections to the host's IPv6 or IPv4 address were successful. The 227 client MUST cache that information to avoid thrashing the network 228 with excessive subsequent connection attempts. For example, in the 229 diagram above, the client has noticed that IPv6 to that address 230 failed, and it should provide a greater preference to using IPv4 231 instead. 233 DNS Server Client Server 234 | | | 235 1. |<--www.example.com A?-----| | 236 2. |<--www.example.com AAAA?--| | 237 3. |---192.0.2.1------------->| | 238 4. |---2001:db8::1----------->| | 239 5. | | | 240 6. | |==TCP SYN, IPv6=======>| 241 7. | |--TCP SYN, IPv4------->| 242 8. | |<=TCP SYN+ACK, IPv6====| 243 9. | |<-TCP SYN+ACK, IPv4----| 244 10. | |==TCP ACK, IPv6=======>| 245 11. | |--TCP ACK, IPv4------->| 246 12. | |--TCP RST, IPv4------->| 248 Figure 3: Happy Eyeballs flow 2, IPv6 working 250 The diagram above shows a case where both IPv6 and IPv4 are working, 251 and IPv4 is abandoned (12). 253 Any Happy Eyeballs algorithm will persist in products for as long as 254 the client host is dual-stacked, which will persist as long as there 255 are IPv4-only servers on the Internet -- the so-called "long tail". 256 Over time, as most content is available via IPv6, the amount of IPv4 257 traffic will decrease. This means that the IPv4 infrastructure will, 258 over time, be sized to accommodate that decreased (and decreasing) 259 amount of traffic. It is critical that a Happy Eyeballs algorithm 260 not cause a surge of unnecessary traffic on that IPv4 infrastructure. 261 To meet that goal, compliant Happy Eyeballs algorithms must adhere to 262 the requirements in this section. 264 4.1. Delay IPv4 266 In the near future, there will be a mix of different hosts at 267 individual subscribers homes -- hosts that are IPv4-only, hosts that 268 are IPv6-only (e.g., sensors), and dual-stack. This mix of hosts 269 will exist both within a single home and between subscribers. For 270 example an IPv4-only television or video streaming device purchased 271 last year and moved from the living room to a bedroom. As another 272 example, another subscriber might have hosts that are all capable of 273 dual-stack operation. 275 Due to IPv4 exhaustion, it is likely that a subscriber's hosts (both 276 IPv4-only hosts and dual-stack hosts) will be sharing an IPv4 address 277 with other subscribers. The dual-stack hosts have an advantage: 278 they can utilize IPv6 or IPv4. The IPv4-only hosts have a 279 disadvantage: they can only utilize IPv4. If all hosts (dual-stack 280 and IPv4-only) are using IPv4, there is additional contention for the 281 shared IPv4 address. The IPv4-only hosts cannot avoid that 282 contention (as they can only use IPv4) while the dual-stack hosts can 283 avoid that contention by using IPv6. 285 As dual-stack hosts proliferate and content becomes available over 286 IPv6, there will be less and less IPv4 traffic. This is true 287 especially for dual-stack hosts that do not implement Happy Eyeballs, 288 because those dual-stack hosts have a very strong preference to use 289 IPv6 (with timeouts in the tens of seconds before they will attempt 290 to use IPv4). 292 When deploying IPv6, both content providers and Internet Service 293 Providers (who supply IPv4 address sharing mechanisms such as Carrier 294 Grade NAT (CGN)) will want to reduce their investment in IPv4 295 equipment -- load balancers, peering links, and address sharing 296 devices. If a Happy Eyeballs implementation treats IPv6 and IPv4 297 equally by connecting to whichever address family is fastest, it will 298 contribute to load on IPv4. This load impacts IPv4-only devices (by 299 increasing contention of IPv4 address sharing and increasing load on 300 IPv4 load balancers). Because of this, ISPs and content providers 301 will find it impossible to reduce their investment in IPv4 equipment. 302 This means that costs to migrate to IPv6 are increased, because the 303 investment in IPv4 cannot be reduced. Furthermore, using only a 304 metric that measures connection speed ignores the value of IPv6 over 305 IPv4 address sharing, such as shared penalty boxes and geo-location 306 [RFC6269]. 308 Thus, to avoid harming IPv4-only hosts which can only utilize IPv4, 309 implementations MUST prefer the first IP address family returned by 310 the host's address preference policy, unless implementing a stateful 311 algorithm described in Section 4.2. This usually means giving 312 preferring IPv6 over IPv4, although that preference can be over- 313 ridden by user configuration or by network configuration 314 [I-D.ietf-6man-addr-select-opt]. If the host's policy is unknown or 315 not attainable, implementations MUST prefer IPv6 over IPv4. 317 4.2. Stateful Behavior when IPv6 Fails 319 Some Happy Eyeballs algorithms are stateful -- that is, the algorithm 320 will remember that IPv6 always fails, or that IPv6 to certain 321 prefixes always fails, and so on. This section describes such 322 algorithms. Stateless algorithms, which do not remember the success/ 323 failure of previous connections, are not discussed in this section. 325 After making a connection attempt on the preferred address family 326 (e.g., IPv6), and failing to establish a connection within a certain 327 time period (see Section 5.7), a Happy Eyeballs implementation will 328 decide to initiate a second connection attempt using the same address 329 family or the other address family. 331 Such an implementation MAY make subsequent connection attempts (to 332 the same host or to other hosts) on the successful address family 333 (e.g., IPv4). Such an implementation MUST occasionally make 334 connection attempts using the host's preferred address family, as it 335 may have become functional again, and is RECOMMENDED to do so every 336 10 minutes. Implementation note: this can be achieved by attempting 337 to connect to both address families at the same time every 10 338 minutes, which does not significantly harm the application's 339 connection setup time. If connections using the preferred address 340 family are again successful, the preferred address family SHOULD be 341 used for subsequent connections. Because this implementation is 342 stateful, it MAY track connection success (or failure) based on IPv6 343 or IPv4 prefix (e.g., connections to the same prefix assigned to the 344 interface are successful whereas connections to other prefixes are 345 failing). 347 4.3. Reset on Network (re-)Initialization 349 Because every network has different characteristics (e.g., working or 350 broken IPv6 or IPv4 connectivity), a Happy Eyeballs algorithm SHOULD 351 re-initialize when the host is connected to a new network. Hosts can 352 determine network (re-)initialization by a variety of mechanisms 353 (e.g., DNAv4 [RFC4436], DNAv6 [RFC6059]). 355 If the client application is a web browser, see also Section 5.8. 357 4.4. Abandon Non-Winning Connections 359 It is RECOMMENDED that the non-winning connections be abandoned, even 360 though they could -- in some cases -- be put to reasonable use. 362 Justification: This reduces the load on the server (file 363 descriptors, TCP control blocks), stateful middleboxes (NAT and 364 firewalls) and, if the abandoned connection is IPv4, reduces IPv4 365 address sharing contention. 367 HTTP: The design of some sites can break because of HTTP cookies 368 that incorporate the client's IP address and require all 369 connections be from the same IP address. If some connections from 370 the same client are arriving from different IP addresses (or 371 worse, different IP address families), such applications will 372 break. Additionally for HTTP, using the non-winning connection 373 can interfere with the browser's Same Origin Policy (see 374 Section 5.8). 376 5. Additional Considerations 378 This section discusses considerations related to Happy Eyeballs. 380 5.1. Additional Network and Host Traffic 382 Additional network traffic and additional server load is created due 383 to the recommendations in this document, especially when connections 384 to the preferred address family (usually IPv6) are not completing 385 quickly. 387 The procedures described in this document retain a quality user 388 experience while transitioning from IPv4-only to dual stack, while 389 still giving IPv6 a slight preference over IPv4 (in order to remove 390 load from IPv4 networks, most importantly to reduce the load on IPv4 391 network address translators). The improvement in the user experience 392 benefits the user to only a small detriment of the network, DNS 393 server, and server that are serving the user. 395 5.2. Determining Address Type 397 For some transitional technologies such as a dual-stack host, it is 398 easy for the application to recognize the native IPv6 address 399 (learned via a AAAA query) and the native IPv4 address (learned via 400 an A query). While IPv6/IPv4 translation makes that difficult, 401 fortunately IPv6/IPv4 translators are not deployed on networks with 402 dual stack clients. 404 5.3. Debugging and Troubleshooting 406 This mechanism is aimed at ensuring a reliable user experience 407 regardless of connectivity problems affecting any single transport. 408 However, this naturally means that applications employing these 409 techniques are by default less useful for diagnosing issues with a 410 particular address family. To assist in that regard, the 411 implementations MAY also provide a mechanism to disable their Happy 412 Eyeballs behavior via a user setting. 414 5.4. Three or More Interfaces 416 A dual-stack host might have more than two interfaces because of a 417 VPN (where a third interface is the tunnel address, often assigned by 418 the remote corporate network), because of multiple physical 419 interfaces such as wired and wireless Ethernet, because the host 420 belongs to multiple VLANs, or other reasons. The interaction of 421 Happy Eyeballs with more than two interfaces is for further study. 423 5.5. A and AAAA Resource Records 425 It is possible that an DNS query for an A or AAAA resource record 426 will return more than one A or AAAA address. When this occurs, it is 427 RECOMMENDED that a Happy Eyeballs implementation order the responses 428 following the host's address preference policy and then try the first 429 address. If that fails after a certain time (see Section 5.7), the 430 next address SHOULD be the IPv4 address. 432 If that fails to connect after a certain time (see Section 5.7), a 433 Happy Eyeballs implementation SHOULD try the other addresses 434 returned; the order of these connection attempts is not important. 436 5.6. A6 Resource Records 438 The A6 resource record SHOULD NOT be queried [RFC3363]. 440 5.7. Connection time out 442 The primary purpose of Happy Eyeballs is to reduce the wait time for 443 a dual stack connection to complete, especially when the IPv6 path is 444 broken and IPv6 is preferred. Aggressive time outs (on the order of 445 tens of milliseconds) achieve this goal, but at the cost of network 446 traffic. This network traffic may be billable on certain networks, 447 will create state on some middleboxes (e.g., firewalls, IDS, NAT), 448 and will consume ports if IPv4 addresses are shared. For these 449 reasons, it is RECOMMENDED that connection attempts be paced to give 450 connections a chance to complete. It is RECOMMENDED that connections 451 attempts be paced 150-250ms apart. Stateful algorithms are expected 452 to be more aggressive (that is, make connection attempts closer 453 together), as stateful algorithms maintain an estimate of the 454 expected connection completion time. 456 5.8. Interaction with Same Origin Policy 458 Web browsers implement same origin policy [I-D.ietf-websec-origin] 459 which causes subsequent connections to the same hostname to go to the 460 same IPv4 (or IPv6) address as the previous successful connection. 461 This is done to prevent certain types of attacks. 463 The same-origin policy harms user-visible responsiveness if a new 464 connection fails (e.g., due to a transient event such as router 465 failure or load balancer failure). While it is tempting to use Happy 466 Eyeballs to maintain responsiveness, web browsers MUST NOT change 467 their same origin policy because of Happy Eyeballs, as that would 468 create an additional security exposure. 470 5.9. Happy Eyeballs in an Operating System 472 Applications would have to change in order to use the mechanism 473 described in this document, by either implementing the mechanism 474 directly, or by calling APIs made available to them. To improve IPv6 475 connectivity experience for legacy applications (e.g., applications 476 which simply rely on the operating system's address preference 477 order), operating systems may consider more sophisticated approaches. 478 These can include changing address sorting based on configuration 479 received from the network, or observing connection failures to IPv6 480 and IPV4 destinations. 482 6. Example Algorithm 484 What follows is the algorithm implemented in Google Chrome and 485 Mozilla Firefox. 487 1. Call getaddinfo(), which returns a list of IP addresses sorted by 488 the host's address preference policy. 490 2. Initiate a connection attempt with the first address in that list 491 (e.g., IPv6). 493 3. If that connection does not complete within a short period of 494 time (e.g., 200-300ms), initiate a connection attempt with the 495 first address belonging to the other address family (e.g., IPv4) 497 4. The first connection that is established is used. The other 498 connection is discarded. 500 Other example algorithms include [Perreault] and [Andrews]. 502 7. Security Considerations 504 See Section 4.4 and Section 5.8. 506 8. Acknowledgements 508 The mechanism described in this paper was inspired by Stuart 509 Cheshire's discussion at the IAB Plenary at IETF72, the author's 510 understanding of Safari's operation with SRV records, Interactive 511 Connectivity Establishment (ICE [RFC5245]), the current IPv4/IPv6 512 behavior of SMTP mail transfer agents, and the implementation of 513 Happy Eyeballs in Google Chrome and Mozilla Firefox. 515 Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van 516 Beijnum for fostering the creation of this document. 518 Thanks to Scott Brim, Rick Jones, Stig Venaas, Erik Kline, Bjoern 519 Zeeb, Matt Miller, Dave Thaler, Dmitry Anipko, and Brian Carpenter 520 for their feedback. 522 Thanks to Javier Ubillos, Simon Perreault and Mark Andrews for the 523 active feedback and the experimental work on the independent 524 practical implementations that they created. 526 Also the authors would like to thank the following individuals who 527 participated in various email discussions on this topic: Mohacsi 528 Janos, Pekka Savola, Ted Lemon, Carlos Martinez-Cagnazzo, Simon 529 Perreault, Jack Bates, Jeroen Massar, Fred Baker, Javier Ubillos, 530 Teemu Savolainen, Scott Brim, Erik Kline, Cameron Byrne, Daniel 531 Roesen, Guillaume Leclanche, Mark Smith, Gert Doering, Martin 532 Millnert, Tim Durack, Matthew Palmer. 534 9. IANA Considerations 536 This document has no IANA actions. 538 10. References 540 10.1. Normative References 542 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 543 Requirement Levels", BCP 14, RFC 2119, March 1997. 545 [RFC3363] Bush, R., Durand, A., Fink, B., Gudmundsson, O., and T. 546 Hain, "Representing Internet Protocol version 6 (IPv6) 547 Addresses in the Domain Name System (DNS)", RFC 3363, 548 August 2002. 550 [RFC3484] Draves, R., "Default Address Selection for Internet 551 Protocol version 6 (IPv6)", RFC 3484, February 2003. 553 10.2. Informational References 555 [Andrews] Andrews, M., "How to connect to a multi-homed server over 556 TCP", January 2011, . 559 [Experiences] 560 Savolainen, T., Miettinen, N., Veikkolainen, S., Chown, 561 T., and J. Morse, "Experiences of host behavior in broken 562 IPv6 networks", March 2011, 563 . 565 [I-D.ietf-6man-addr-select-opt] 566 Matsumoto, A., Fujisaki, T., Kato, J., and T. Chown, 567 "Distributing Address Selection Policy using DHCPv6", 568 draft-ietf-6man-addr-select-opt-01 (work in progress), 569 June 2011. 571 [I-D.ietf-websec-origin] 572 Barth, A., "The Web Origin Concept", 573 draft-ietf-websec-origin-04 (work in progress), 574 August 2011. 576 [Perreault] 577 Perreault, S., "Happy Eyeballs in Erlang", February 2011, 578 . 581 [RFC1671] Carpenter, B., "IPng White Paper on Transition and Other 582 Considerations", RFC 1671, August 1994. 584 [RFC4436] Aboba, B., Carlson, J., and S. Cheshire, "Detecting 585 Network Attachment in IPv4 (DNAv4)", RFC 4436, March 2006. 587 [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment 588 (ICE): A Protocol for Network Address Translator (NAT) 589 Traversal for Offer/Answer Protocols", RFC 5245, 590 April 2010. 592 [RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for 593 Detecting Network Attachment in IPv6", RFC 6059, 594 November 2010. 596 [RFC6269] Ford, M., Boucadair, M., Durand, A., Levis, P., and P. 597 Roberts, "Issues with IP Address Sharing", RFC 6269, 598 June 2011. 600 [whitelist] 601 Google, "Google IPv6 DNS Whitelist", January 2009, 602 . 604 Appendix A. Changes 606 A.1. changes from -03 to -04 608 o Better explained why IPv6 needs to be preferred 610 o Don't query A6. 612 A.2. changes from -02 to -03 614 o Re-casted this specification as a list of requirements for a 615 compliant algorithm, rather than trying to dictate a One True 616 algorithm. 618 A.3. changes from -01 to -02 620 o Now honors host's address preference (RFC3484 and friends) 622 o No longer requires thread-safe DNS library. It uses getaddrinfo() 624 o No longer describes threading. 626 o IPv6 is given a 200ms head start (Initial Headstart variable). 628 o If the IPv6 and IPv4 connection attempts were made at nearly the 629 same time, wait Tolerance Interval milliseconds for both to 630 complete before deciding which one wins. 632 o Renamed "global P" to "Smoothed P", and better described how it is 633 calculated. 635 o introduced the exception cache. This contains the set of networks 636 that only work with IPv4 (or only with IPv6), so that subsequent 637 connection attempts use that address family without them causing 638 serious affect to Smoothed P. 640 o encourages that every 10 minutes the exception cache and Smoothed 641 P be reset. This allows IPv6 to be attempted again, so we don't 642 get 'stuck' on IPv4. 644 o If we didn't get both A and AAAA, abandon all Happy Eyeballs 645 processing (thanks to Simon Perreault). 647 o added discussion of Same Origin Policy 649 o Removed discussion of NAT-PT and address learning; those are only 650 used with IPv6-only hosts whereas this document is about dual- 651 stack hosts contacting dual-stack servers. 653 A.4. changes from -00 to -01 655 o added SRV section (thanks to Matt Miller) 657 Authors' Addresses 659 Dan Wing 660 Cisco Systems, Inc. 661 170 West Tasman Drive 662 San Jose, CA 95134 663 USA 665 Email: dwing@cisco.com 667 Andrew Yourtchenko 668 Cisco Systems, Inc. 669 De Kleetlaan, 7 670 Diegem B-1831 671 Belgium 673 Email: ayourtch@cisco.com