v6ops                                                            D. Wing
Internet-Draft                                            A. Yourtchenko
Intended status: Standards Track                                   Cisco
Expires: April 28, 2011                                 October 25, 2010


     Happy Eyeballs: Trending Towards Success with Dual-Stack Hosts
                draft-wing-v6ops-happy-eyeballs-ipv6-01

Abstract

   This document describes how a dual-stack client can determine the
   functioning path to a dual-stack server.
   This provides a seamless user experience during initial deployment
   of dual-stack networks and during outages of IPv4 or outages of
   IPv6.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 28, 2011.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Notational Conventions
   3.  Problem Statement
     3.1.  URIs and hostnames
     3.2.  IPv6
   4.  Client Recommendations
     4.1.  IPv6
     4.2.  Additional Considerations
       4.2.1.  Additional Network and Host Traffic
       4.2.2.  Abandon Non-Winning Connections
       4.2.3.  Flush or Expire Cache
       4.2.4.  Determining Address Type
       4.2.5.  Debugging and Troubleshooting
       4.2.6.  DNS Behavior
       4.2.7.  Thread safe DNS resolvers
       4.2.8.  Middlebox Issues
       4.2.9.  Multiple Interfaces
     4.3.  Content Provider Recommendations
     4.4.  Security Considerations
     4.5.  Acknowledgements
     4.6.  IANA Considerations
   5.  References
     5.1.  Normative References
     5.2.  Informational References
   Authors' Addresses

1.  Introduction

   In order to use HTTP successfully over IPv6, it is necessary that the
   user enjoys nearly identical performance as compared to IPv4.  A
   combination of today's applications, IPv6 tunneling and IPv6 service
   providers, and some of today's content providers all cause the user
   experience to suffer (Section 3).  For IPv6, Google ensures a
   positive user experience by using a DNS white list of IPv6 service
   providers who peer directly with Google [whitelist].
   However, this is not scalable to all service providers worldwide,
   nor is it scalable for other content providers to operate their own
   DNS white list.

   Instead, this document suggests a mechanism for applications to
   quickly determine whether IPv6 or IPv4 is the better choice for
   connecting to a server.  The suggestions in this document provide a
   user experience which is superior to connecting to ordered IP
   addresses, which is helpful during the IPv6/IPv4 transition with
   dual stack hosts.

   Following the procedures in this document, once a certain address
   family is successful, the application trends towards preferring that
   address family.  Thus, repeated use of the application DOES NOT cause
   repeated probes over both address families.

   The application recommendations in this document are described in
   the context of HTTP clients ("web browsers"), but are useful and
   applicable to other time-sensitive applications.

2.  Notational Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Problem Statement

   As discussed in more detail in Section 3.1, it is important that the
   same URI and hostname be used for IPv4 and IPv6.  Using separate
   namespaces causes namespace fragmentation and reduces the ability for
   users to share URIs and hostnames, and complicates printed material
   that includes the URI or hostname.

   As discussed in more detail in Section 3.2, IPv6 connectivity is
   sometimes broken entirely or slower than native IPv4 connectivity.

3.1.  URIs and hostnames

   URIs are often used between users to exchange pointers to content --
   such as on Facebook, email, instant messaging, or other systems.
   Thus, production URIs and production hostnames containing references
   to IPv4 or IPv6 will only function if the other party is also using
   an application, OS, and a network that can access the URI or the
   hostname.

3.2.  IPv6

   When IPv6 connectivity is impaired, today's IPv6-capable web browsers
   incur many seconds of delay before falling back to IPv4.  This harms
   the user's experience with IPv6, which will slow the acceptance of
   IPv6, because IPv6 is frequently disabled in its entirety on the end
   systems to improve the user experience.

   Reasons for such failure include no connection to the IPv6 Internet,
   broken 6to4 or Teredo tunnels, and broken IPv6 peering.

       DNS Server                  Client                  Server
           |                          |                       |
     1.    |<--www.example.com A?-----|                       |
     2.    |<--www.example.com AAAA?--|                       |
     3.    |---192.0.2.1------------->|                       |
     4.    |---2001:dba::1----------->|                       |
     5.    |                          |                       |
     6.    |                          |--TCP SYN, IPv6--->X   |
     7.    |                          |--TCP SYN, IPv6--->X   |
     8.    |                          |--TCP SYN, IPv6--->X   |
     9.    |                          |                       |
     10.   |                          |--TCP SYN, IPv4------->|
     11.   |                          |<-TCP SYN+ACK, IPv4----|
     12.   |                          |--TCP ACK, IPv4------->|

               Figure 1: Existing behavior message flow

   The client obtains the IPv4 and IPv6 records for the server (1-4).
   The client attempts to connect using IPv6 to the server, but the IPv6
   path is broken (6-8), which consumes several seconds of time.
   Eventually, the client attempts to connect using IPv4 (10) which
   succeeds.

4.  Client Recommendations

   To provide fast connections for users, clients should make
   connections quickly over various technologies, automatically tune
   themselves to avoid flooding the network with unnecessary
   connections (i.e., for technologies that have not made successful
   connections), and occasionally flush their self-tuning.

4.1.  IPv6

   If a TCP client supports IPv6 and IPv4 and is connected to IPv4 and
   IPv6 networks, it can perform the procedures described in this
   section.

       DNS Server                  Client                  Server
           |                          |                       |
     1.    |<--www.example.com A?-----|                       |
     2.    |<--www.example.com AAAA?--|                       |
     3.    |---192.0.2.1------------->|                       |
     4.    |---2001:dba::1----------->|                       |
     5.    |                          |                       |
     6.    |                          |==TCP SYN, IPv6===>X   |
     7.    |                          |--TCP SYN, IPv4------->|
     8.    |                          |<-TCP SYN+ACK, IPv4----|
     9.    |                          |--TCP ACK, IPv4------->|
     10.   |                          |==TCP SYN, IPv6===>X   |

             Figure 2: Happy Eyeballs flow 1, IPv6 broken

   In the diagram above, the client sends two TCP SYNs at the same time
   over IPv6 (6) and IPv4 (7).  In the diagram, the IPv6 path is broken
   but has little impact on the user because there is no long delay
   before using IPv4.  The IPv6 path is retried until the application
   gives up (10).

       DNS Server                  Client                  Server
           |                          |                       |
     1.    |<--www.example.com A?-----|                       |
     2.    |<--www.example.com AAAA?--|                       |
     3.    |---192.0.2.1------------->|                       |
     4.    |---2001:dba::1----------->|                       |
     5.    |                          |                       |
     6.    |                          |==TCP SYN, IPv6=======>|
     7.    |                          |--TCP SYN, IPv4------->|
     8.    |                          |<=TCP SYN+ACK, IPv6====|
     9.    |                          |<-TCP SYN+ACK, IPv4----|
     10.   |                          |==TCP ACK, IPv6=======>|
     11.   |                          |--TCP ACK, IPv4------->|
     12.   |                          |--TCP RST, IPv4------->|

             Figure 3: Happy Eyeballs flow 2, IPv6 working

   The diagram above shows a case where both IPv6 and IPv4 are working,
   and IPv4 is abandoned (12).

   This section details how to provide robust dual stack service for
   both IPv6 and IPv4, so that the user perceives very fast application
   response.

   The TCP client application is configured with one value, P.  A
   positive value indicates a preference for IPv6 and a negative value
   indicates a preference for IPv4.  A value of 0 indicates equal
   weight, which means the A and AAAA queries and associated connection
   attempts will be sent as quickly as possible.  The absolute value of
   P is the measure of a delay before initiating a connection attempt on
   the other address family.
   There are two P values maintained: one is application-wide and the
   other is specific per each destination (hostname and port).

   The algorithm attempts to delay the DNS query until it expects that
   address family will be necessary; that is, if the preference is
   towards IPv6, then AAAA will be queried immediately and the A query
   will be delayed.

   The TCP client application starts two threads in order to minimize
   the user-noticeable delay ("dead time") during the connection
   attempts:

   thread 1: (IPv6)

      *  If P<0, wait for absolute value of P*10 milliseconds

      *  send DNS query for AAAA

      *  wait until DNS response is received

      *  Attempt to connect over IPv6 using TCP

   thread 2: (IPv4)

      *  If P>0, wait for P*10 milliseconds

      *  send DNS query for A

      *  wait until DNS response is received

      *  Attempt to connect over IPv4 using TCP

   The first thread that succeeds returns the completed connection to
   the parent code and aborts the other thread (Section 4.2.2).

   After a connection is successful, we want to adjust the
   application-wide preference and the per-destination preference.  The
   value of P is incremented (decremented) each time an IPv6 (IPv4)
   connection is successfully made.  When a connection using the
   less-preferred address family is successful, it indicates the wrong
   address family was used and P is halved:

   o  If P>0 (indicating IPv6 is preferred over IPv4) and the first
      thread to finish was the IPv6 thread, it indicates the IPv6
      preference is correct and we need to reinforce this by increasing
      the application-wide P value by 1.  However, if the first thread
      to finish was the IPv4 thread, it indicates an IPv6 connection
      problem occurred and we need to aggressively prefer IPv4 more by
      halving P and rounding towards 0.

   o  If P<0 (indicating IPv4 is preferred over IPv6) and the first
      thread to finish was the IPv4 thread, it indicates the preference
      is correct and we need to reinforce this gently by decreasing the
      application-wide P value by 1.  However, if the first thread to
      finish was the IPv6 thread, it indicates an IPv4 connection
      problem and we need to aggressively avoid IPv4 by halving P and
      rounding towards 0.

   o  If P=0 (indicating equal preference), P is incremented if the
      first thread to complete was the IPv6 thread, or decremented if
      the first thread to complete was the IPv4 thread.

   After adjusting P, it should never be larger than 4 seconds -- which
   is similar to the value used by many IPv6-capable TCP client
   applications to switch to an alternate A or AAAA record.

      Note: Proof of concept tests on fast networks show that an even
      smaller value (around 0.5 seconds) is practical.  More extensive
      testing would be useful to find the best upper boundary that still
      ensures a good user experience.

4.2.  Additional Considerations

   This section discusses considerations and requirements that are
   common to new technology deployment.

4.2.1.  Additional Network and Host Traffic

   Additional network traffic and additional server load is created due
   to these recommendations and mitigated by application-wide and
   per-destination timer adjustments.  The procedures described in this
   document retain a quality user experience while transitioning from
   IPv4-only to dual stack.  The quality user experience benefits the
   user but to the detriment of the network and server that are serving
   the user.

4.2.2.  Abandon Non-Winning Connections

   It is RECOMMENDED that the non-winning connections be abandoned, even
   though they could be used to download content.
   This is because some web sites provide HTTP clients with cookies
   (after logging in) that incorporate the client's IP address, or use
   IP addresses to identify users.  If some connections from the same
   HTTP client are arriving from different IP addresses, such HTTP
   applications will break.

4.2.3.  Flush or Expire Cache

   Because every network has different characteristics (e.g., working or
   broken IPv6 connectivity) the IPv6/IPv4 preference value (P) SHOULD
   be reset to its default whenever the host is connected to a new
   network ([cx-osx], [cx-win]).  However, in some instances the
   application and the host are unaware the network connectivity has
   changed so it is RECOMMENDED that per-destination values expire after
   10 minutes of inactivity.

4.2.4.  Determining Address Type

   [[[ IS THIS SECTION NECESSARY ??

   For some transitional technologies such as a dual-stack host, it is
   easy for the application to recognize the native IPv6 address
   (learned via a AAAA query) and the native IPv4 address (learned via
   an A query).  For other transitional technologies [RFC2766] it is
   impossible for the host to differentiate a transitional technology
   IPv6 address from a native IPv6 address (see Section 4.1 of
   [RFC4966]).  Replacement transitional technologies are attempting to
   bridge this gap.  It is necessary for applications to distinguish
   between native and transitional addresses in order to provide the
   most seamless user experience.

   ]]]

4.2.5.  Debugging and Troubleshooting

   This mechanism aims to help the user experience in case of
   connectivity problems.  However, this precise reason also makes it
   tougher to use these applications as a means of verifying that the
   problems are fixed.  To assist in that regard, the applications
   implementing the proposal in this document SHOULD also provide a
   mechanism to temporarily use only one address family.

4.2.6.  DNS Behavior

   Unique to DNS AAAA queries are the problems described in [RFC4074]
   which, if they still persist, require applications to perform an A
   query before the AAAA query.

      [[Editor's Note: It is believed these defective DNS servers have
      long since been upgraded.  If so, we can remove this section.]]

4.2.7.  Thread safe DNS resolvers

   Some applications and some OSs do not have thread safe DNS resolvers,
   which complicates implementation of simultaneous A and AAAA queries
   for IPv4/IPv6.

4.2.8.  Middlebox Issues

   Some devices are known to exhibit what amounts to a bug, when the A
   and AAAA requests are sent back-to-back over the same 4-tuple, and
   drop one of the requests or replies [DNS-middlebox].  However, in
   some cases fixing this behaviour may not be possible either due to
   the architectural limitations or due to the administrative
   constraints (location of the faulty device is unknown to the end
   hosts or not controlled by the end hosts).  The algorithm described
   in this draft, in the case of this erroneous behaviour, will
   eventually pace the queries such that this issue will be avoided.
   The algorithm described in this draft also avoids calling the
   operating system's getaddrinfo() with "any", which should prevent the
   operating system from sending the A and AAAA queries on the same
   port.

4.2.9.  Multiple Interfaces

   Interaction of the suggestions in this document with multiple
   interfaces, and interaction with the MIF working group, is for
   further study.

4.3.  Content Provider Recommendations

   Content providers SHOULD provide both AAAA and A records for servers
   using the same DNS name for both IPv4 and IPv6.

4.4.  Security Considerations

   [[Placeholder.]]

   See Section 4.2.2.

4.5.  Acknowledgements

   The mechanism described in this paper was inspired by Stuart
   Cheshire's discussion at the IAB Plenary at IETF72, the author's
   understanding of Safari's operation with SRV records, Interactive
   Connectivity Establishment (ICE [RFC5245]), and the current IPv4/IPv6
   behavior of SMTP mail transfer agents.

   Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van
   Beijnum for fostering the creation of this document.

   Thanks to Scott Brim and Stig Venaas for providing feedback on the
   document.

4.6.  IANA Considerations

   This document has no IANA actions.

5.  References

5.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

5.2.  Informational References

   [DNS-middlebox]
              Various, "DNS middlebox behavior with multiple queries
              over same source port", June 2009.

   [RFC2766]  Tsirtsis, G. and P. Srisuresh, "Network Address
              Translation - Protocol Translation (NAT-PT)", RFC 2766,
              February 2000.

   [RFC4074]  Morishita, Y. and T. Jinmei, "Common Misbehavior Against
              DNS Queries for IPv6 Addresses", RFC 4074, May 2005.

   [RFC4966]  Aoun, C. and E. Davies, "Reasons to Move the Network
              Address Translator - Protocol Translator (NAT-PT) to
              Historic Status", RFC 4966, July 2007.

   [RFC5245]  Rosenberg, J., "Interactive Connectivity Establishment
              (ICE): A Protocol for Network Address Translator (NAT)
              Traversal for Offer/Answer Protocols", RFC 5245,
              April 2010.

   [cx-osx]   Adium, "AIHostReachabilityMonitor", June 2009.

   [cx-win]   Microsoft, "NetworkChange.NetworkAvailabilityChanged
              Event", June 2009.

   [whitelist]
              Google, "Google IPv6 DNS Whitelist", March 2008.

Authors' Addresses

   Dan Wing
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA  95134
   USA

   Email: dwing@cisco.com


   Andrew Yourtchenko
   Cisco Systems, Inc.
   De Kleetlaan, 7
   San Jose, Diegem  B-1831
   Belgium

   Email: ayourtch@cisco.com
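
The preference bookkeeping from Sections 4.1 and 4.2.3, sketched in Python as an added example (not code from the draft or its authors). All names are hypothetical, and because the draft does not say how the application-wide and per-destination values combine, this sketch assumes a live per-destination P takes precedence and the application-wide P seeds new entries.

```python
import time

MAX_P = 400        # |P|*10 ms may not exceed 4 seconds (Section 4.1)
DEST_TTL_S = 600   # per-destination values expire after 10 minutes (4.2.3)


def start_delays_ms(p):
    """(IPv6 thread delay, IPv4 thread delay) before each sends its DNS query."""
    return (abs(p) * 10 if p < 0 else 0, p * 10 if p > 0 else 0)


def adjust(p, winner):
    """Section 4.1 update rule; winner is "ipv6" or "ipv4"."""
    step = 1 if winner == "ipv6" else -1
    if p == 0 or (p > 0) == (step > 0):
        p += step          # preferred (or equal-weight) family won: move by 1
    else:
        p = int(p / 2)     # less-preferred family won: halve, rounding towards 0
    return max(-MAX_P, min(MAX_P, p))


def race(p, v6_ms, v4_ms):
    """Model of the two-thread race: the family that finishes first wins.
    v6_ms / v4_ms are constructed DNS+TCP times; None means the path is broken."""
    d6, d4 = start_delays_ms(p)
    finish = {"ipv6": None if v6_ms is None else d6 + v6_ms,
              "ipv4": None if v4_ms is None else d4 + v4_ms}
    live = {fam: t for fam, t in finish.items() if t is not None}
    return min(live, key=live.get) if live else None


class PreferenceCache:
    """Application-wide P plus per-(hostname, port) P with inactivity expiry."""

    def __init__(self, default_p=0, clock=time.monotonic):
        self.default_p = default_p
        self.app_p = default_p
        self._dest = {}            # (host, port) -> (P, time of last success)
        self._clock = clock

    def lookup(self, host, port):
        entry = self._dest.get((host, port))
        if entry and self._clock() - entry[1] <= DEST_TTL_S:
            return entry[0]
        self._dest.pop((host, port), None)   # expired or never seen
        return self.app_p                    # assumption: fall back to app-wide P

    def record_success(self, host, port, winner):
        dest_p = self.lookup(host, port)
        self.app_p = adjust(self.app_p, winner)
        # Assumption: "activity" means a successful connection to this destination.
        self._dest[(host, port)] = (adjust(dest_p, winner), self._clock())

    def network_changed(self):
        """Reset to defaults when the host attaches to a new network (4.2.3)."""
        self.app_p = self.default_p
        self._dest.clear()
```

Passing a fake `clock` callable makes the 10-minute expiry testable without waiting.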