One document matched: draft-ietf-v6ops-happy-eyeballs-01.txt
Differences from draft-ietf-v6ops-happy-eyeballs-00.txt
v6ops D. Wing
Internet-Draft A. Yourtchenko
Intended status: Standards Track Cisco
Expires: September 15, 2011 March 14, 2011
Happy Eyeballs: Trending Towards Success with Dual-Stack Hosts
draft-ietf-v6ops-happy-eyeballs-01
Abstract
This document describes how a dual-stack client can determine the
functioning path to a dual-stack server. This provides a seamless
user experience during initial deployment of dual-stack networks and
during outages of IPv4 or outages of IPv6.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 15, 2011.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Wing & Yourtchenko Expires September 15, 2011 [Page 1]
Internet-Draft Happy Eyeballs Dual Stack March 2011
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 4
3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 4
3.1. URIs and hostnames . . . . . . . . . . . . . . . . . . . . 4
3.2. IPv6 connectivity . . . . . . . . . . . . . . . . . . . . 4
4. Client Recommendations . . . . . . . . . . . . . . . . . . . . 5
4.1. Dualstack behavior . . . . . . . . . . . . . . . . . . . . 5
4.2. Implementation details . . . . . . . . . . . . . . . . . . 6
4.2.1. Applications that use address records . . . . . . . . 6
4.2.2. Applications that use the SRV records . . . . . . . . 8
5. Additional Considerations . . . . . . . . . . . . . . . . . . 9
5.1. Additional Network and Host Traffic . . . . . . . . . . . 9
5.2. Abandon Non-Winning Connections . . . . . . . . . . . . . 10
5.3. Flush or Expire Cache . . . . . . . . . . . . . . . . . . 10
5.4. Determining Address Type . . . . . . . . . . . . . . . . . 10
5.5. Debugging and Troubleshooting . . . . . . . . . . . . . . 10
5.6. DNS Behavior . . . . . . . . . . . . . . . . . . . . . . . 11
5.7. Middlebox Issues . . . . . . . . . . . . . . . . . . . . . 11
5.8. Multiple Interfaces . . . . . . . . . . . . . . . . . . . 12
6. Content Provider Recommendations . . . . . . . . . . . . . . . 12
7. Security Considerations . . . . . . . . . . . . . . . . . . . 12
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
10.1. Normative References . . . . . . . . . . . . . . . . . . . 13
10.2. Informational References . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 14
Wing & Yourtchenko Expires September 15, 2011 [Page 2]
Internet-Draft Happy Eyeballs Dual Stack March 2011
1. Introduction
In order to use HTTP successfully over IPv6, it is necessary that the
user enjoys nearly identical performance as compared to IPv4. A
combination of today's applications, IPv6 tunneling and IPv6 service
providers, and some of today's content providers all cause the user
experience to suffer (Section 3). For IPv6, a content provider may
ensure a positive user experience by using a DNS white list of IPv6
service providers who peer directly with them, e.g. [whitelist].
However, this is not scalable to all service providers worldwide, nor
is it scalable for other content providers to operate their own DNS
white list.
Instead, this document suggests a mechanism for applications to
quickly determine if IPv6 or IPv4 is the most optimal to connect to a
server. The suggestions in this document provide a user experience
which is superior to connecting to ordered IP addresses which is
helpful during the IPv6/IPv4 transition with dual stack hosts.
This problem is described also in [RFC1671]: "The dual-stack code
may get two addresses back from DNS; which does it use? During the
many years of transition the Internet will contain black holes. For
example, somewhere on the way from IPng host A to IPng host B there
will sometimes (unpredictably) be IPv4-only routers which discard
IPng packets. Also, the state of the DNS does not necessarily
correspond to reality. A host for which DNS claims to know an IPng
address may in fact not be running IPng at a particular moment; thus
an IPng packet to that host will be discarded on delivery. Knowing
that a host has both IPv4 and IPng addresses gives no information
about black holes. A solution to this must be proposed and it must
not depend on manually maintained information. (If this is not
solved, the dual stack approach is no better than the packet
translation approach.)"
Following the procedures in this document, once a certain address
family is successful, the application trends towards preferring that
address family. Thus, repeated use of the application DOES NOT cause
repeated probes over both address families.
While the application recommendations in this document are described
in the context of HTTP clients ("web browsers"), it is also useful
and applicable to other interactive applications.
Code which implements some of the ideas described in this document
has been made available [Perreault] [Andrews].
Wing & Yourtchenko Expires September 15, 2011 [Page 3]
Internet-Draft Happy Eyeballs Dual Stack March 2011
2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Problem Statement
As discussed in more detail in Section 3.1, it is important that the
same URI and hostname be used for IPv4 and IPv6. Using separate
namespaces causes namespace fragmentation and reduces the ability for
users to share URIs and hostnames, and complicates printed material
that includes the URI or hostname.
As discussed in more detail in Section 3.2, IPv6 connectivity is
sometimes broken entirely or slower than native IPv4 connectivity.
3.1. URIs and hostnames
URIs are often used between users to exchange pointers to content --
such as on social networks, email, instant messaging, or other
systems. Thus, production URIs and production hostnames containing
references to IPv4 or IPv6 will only function if the other party is
also using an application, OS, and a network that can access the URI
or the hostname.
3.2. IPv6 connectivity
When IPv6 connectivity is impaired, today's IPv6-capable web browsers
incur many seconds of delay before falling back to IPv4. This harms
the user's experience with IPv6, which will slow the acceptance of
IPv6, because IPv6 is frequently disabled in its entirety on the end
systems to improve the user experience.
Reasons for such failure include no connection to the IPv6 Internet,
broken 6to4 or Teredo tunnels, and broken IPv6 peering.
Wing & Yourtchenko Expires September 15, 2011 [Page 4]
Internet-Draft Happy Eyeballs Dual Stack March 2011
DNS Server Client Server
| | |
1. |<--www.example.com A?-----| |
2. |<--www.example.com AAAA?--| |
3. |---192.0.2.1------------->| |
4. |---2001:db8::1----------->| |
5. | | |
6. | |--TCP SYN, IPv6--->X |
7. | |--TCP SYN, IPv6--->X |
8. | |--TCP SYN, IPv6--->X |
9. | | |
10. | |--TCP SYN, IPv4------->|
11. | |<-TCP SYN+ACK, IPv4----|
12. | |--TCP ACK, IPv4------->|
Figure 1: Existing behavior message flow
The client obtains the IPv4 and IPv6 records for the server (1-4).
The client attempts to connect using IPv6 to the server, but the IPv6
path is broken (6-8), which consumes several seconds of time.
Eventually, the client attempts to connect using IPv4 (10) which
succeeds.
4. Client Recommendations
To provide fast connections for users, clients should make
connections quickly over various technologies, automatically tune
itself to avoid flooding the network with unnecessary connections
(i.e., for technologies that have not made successful connections),
and occasionally flush its self-tuning.
4.1. Dualstack behavior
If a TCP client supports IPv6 and IPv4 and is connected to IPv4 and
IPv6 networks, it can perform the procedures described in this
section.
Wing & Yourtchenko Expires September 15, 2011 [Page 5]
Internet-Draft Happy Eyeballs Dual Stack March 2011
DNS Server Client Server
| | |
1. |<--www.example.com A?-----| |
2. |<--www.example.com AAAA?--| |
3. |---192.0.2.1------------->| |
4. |---2001:db8::1----------->| |
5. | | |
6. | |==TCP SYN, IPv6===>X |
7. | |--TCP SYN, IPv4------->|
8. | |<-TCP SYN+ACK, IPv4----|
9. | |--TCP ACK, IPv4------->|
10. | |==TCP SYN, IPv6===>X |
Figure 2: Happy Eyeballs flow 1, IPv6 broken
In the diagram above, the client sends two TCP SYNs at the same time
over IPv6 (6) and IPv4 (7). In the diagram, the IPv6 path is broken
but has little impact to the user because there is no long delay
before using IPv4. The IPv6 path is retried until the application
gives up (10).
DNS Server Client Server
| | |
1. |<--www.example.com A?-----| |
2. |<--www.example.com AAAA?--| |
3. |---192.0.2.1------------->| |
4. |---2001:db8::1----------->| |
5. | | |
6. | |==TCP SYN, IPv6=======>|
7. | |--TCP SYN, IPv4------->|
8. | |<=TCP SYN+ACK, IPv6====|
9. | |<-TCP SYN+ACK, IPv4----|
10. | |==TCP ACK, IPv6=======>|
11. | |--TCP ACK, IPv4------->|
12. | |--TCP RST, IPv4------->|
Figure 3: Happy Eyeballs flow 2, IPv6 working
The diagram above shows a case where both IPv6 and IPv4 are working,
and IPv4 is abandoned (12).
4.2. Implementation details
4.2.1. Applications that use address records
This section details how to provide robust dual stack service for
both IPv6 and IPv4, so that the user perceives very fast application
response.
Wing & Yourtchenko Expires September 15, 2011 [Page 6]
Internet-Draft Happy Eyeballs Dual Stack March 2011
The TCP client application is configured with one application-wide
value of P. A positive value indicates a preference for IPv6 and a
negative value indicates a preference for IPv4. A value of 0
indicates equal weight, which means the A and AAAA queries and
associated connection attempts will be sent as quickly as possible.
The absolute value of P is the measure of a delay before initiating a
DNS lookup and a connection attempt on the other address family.
There are two P values maintained: one is application-wide and the
other is specific per each destination (hostname and port).
The algorithm attempts to delay the DNS query until it expects that
address family will be necessary; that is, if the preference is
towards IPv6, then AAAA will be queried immediately and the A query
will be delayed.
The TCP client application starts two concurrent execution flows
(they will be referred to as "threads" but this reference does not
imply the implementation detail of using the threading library,
merely the property of mutual concurrency) in order to minimize the
user-noticeable delay ("dead time") during the connection attempts:
thread 1: (IPv6)
* If P<0, wait for absolute value of p*10 milliseconds
* send DNS query for AAAA
* wait until DNS response is received
* Attempt to connect over IPv6 using TCP
thread 2: (IPv4)
* if P>0, wait for p*10 milliseconds
* send DNS query for A
* wait until DNS response is received
* Attempt to connect over IPv4 using TCP
The first thread that succeeds returns the completed connection to
the parent code and aborts the other thread (Section 5.2).
After a connection is successful, we want to adjust the application-
wide preference and the per-destination preference. The value of P
is incremented (decremented) each time an IPv6 (IPv4) connection wins
the race.. When a connection using the less-preferred address family
Wing & Yourtchenko Expires September 15, 2011 [Page 7]
Internet-Draft Happy Eyeballs Dual Stack March 2011
is successful, it indicates the wrong address family was used and the
value of P is halved:
o If P>0 (indicating IPv6 is preferred over IPv4) and the first
thread to finish was the IPv6 thread it indicates the IPv6
preference is correct and we need to re-enforce this by increasing
the application-wide P value by 1. However, if the first thread
to finish was the IPv4 thread it indicates an IPv6 connection
problem occurred and we need to aggressively prefer IPv4 more by
halving P and rounding towards 0.
o If P<0 (indicating IPv4 is preferred over IPv6) and the first
thread to finish was the IPv4 thread it indicates the preference
is correct and we need to re-enforce this gently by decreasing the
application-wide P value by 1. However, if the first thread to
finish was the IPv6 thread it indicates an IPv4 connection problem
and we need to aggressively avoid IPv4 by halving P and rounding
towards 0.
o If P=0 (indicating equal preference), P is incremented by one if
the first thread to complete was the IPv6 thread, or decremented
by one if the first thread to complete was the IPv4 thread.
After adjusting P, the resulting delay should never be larger than 4
seconds -- which is similar to the value used by many IPv6-capable
TCP client applications to switch to an alternate A or AAAA record.
Editor's Note 01: Proof of concept tests on fast networks show
that even smaller value (around 0.5 seconds) may be practical.
More extensive testing would be useful to find the best upper
boundary that still ensures a good user experience.
Editor's Note 02: A strict implementation of the above steps
results in "P" being adjusted if there are no AAAA records or are
no A records. This is undesirable. Thus, a future version of
this specification is expected to recommend that "P" only be
adjusted if there was both an A and AAAA record.
4.2.2. Applications that use the SRV records
For the purposes of this section, "client" is defined as the entity
initiating the connection.
For protocols which support DNS SRV [RFC2782], the client performs
the IN SRV query (e.g. IN SRV _xmpp-client._tcp.example.com) as
normal. The client MUST perform the following steps:
Wing & Yourtchenko Expires September 15, 2011 [Page 8]
Internet-Draft Happy Eyeballs Dual Stack March 2011
1. Sort all SRV records according to priority (lowest priority
first)
2. Process all of the SRV targets of the same priority with a weight
greater than 0:
A. Perform A/AAAA queries for each SRV target in parallel, as
described in Section 4.2.1
B. Connect to the IPv4/IPv6 addresses
C. If at least one connection succeeds, stop processing SRV
records
3. If there is no connection, process all of the SRV targets of the
same priority with a weight of 0, as per steps 2.1 through 2.3
above
4. Repeat steps 2.1 through 2.3 for the next priority, until a
connection is established or all SRV records have been exhausted
5. If there is still no connection, fallback to using the domain
(e.g. example.com), following steps 2.1 through 2.3 above
It is RECOMMENDED, but not required, for the client to cache the
winning connection's address information and reuse it on subsequent
connections. If a significant network event occurs (e.g. network
interface is activated/deactivated, IP address changes), the client
MUST forget the cached address information and perform all of the
steps from above. The definition of "significant network event" is
intentionally vague.
5. Additional Considerations
This section discusses considerations and requirements that are
common to new technology deployment.
5.1. Additional Network and Host Traffic
Additional network traffic and additional server load is created due
to these recommendations and mitigated by application-wide and per-
destination timer adjustments. The procedures described in this
document retain a quality user experience while transitioning from
IPv4-only to dual stack. The quality user experience benefits the
user but to the detriment of the network and server that are serving
the user.
Wing & Yourtchenko Expires September 15, 2011 [Page 9]
Internet-Draft Happy Eyeballs Dual Stack March 2011
5.2. Abandon Non-Winning Connections
It is RECOMMENDED that the non-winning connections be abandoned, even
though they could be used to download content. This is because some
web sites provide HTTP clients with cookies (after logging in) that
incorporate the client's IP address, or use IP addresses to identify
users. If some connections from the same HTTP client are arriving
from different IP addresses, such HTTP applications will break. It's
also important to abandon connections to avoid consuming server or
middlebox (e.g., NAT) resources (file descriptors, memory, TCP
control blocks) and avoid sending TCP or application-level keepalives
on otherwise unused connections.
5.3. Flush or Expire Cache
Because every network has different characteristics (e.g., working or
broken IPv6 connectivity) the IPv6/IPv4 preference value (P) SHOULD
be reset to its default whenever the host is connected to a new
network ([cx-osx], [cx-win]). However, in some instances the
application and the host are unaware the network connectivity has
changed so it is RECOMMENDED that per-destination values expire after
10 minutes of inactivity.
5.4. Determining Address Type
For some transitional technologies such as a dual-stack host, it is
easy for the application to recognize the native IPv6 address
(learned via a AAAA query) and the native IPv4 address (learned via
an A query). For other transitional technologies [RFC2766] it is
impossible for the host to differentiate a transitional technology
IPv6 address from a native IPv6 address (see Section 4.1 of
[RFC4966]). Replacement transitional technologies are attempting to
bridge this gap. It is necessary for applications to distinguish
between native and transitional addresses in order to provide the
most seamless user experience.
Application awareness of transitional technologies, if implemented,
SHOULD provide a facility to give the preference only to native IPv6
addresses.
5.5. Debugging and Troubleshooting
This mechanism is aimed at ensuring a reliable user experience
regardless of connectivity problems affecting any single transport.
However, this naturally means that applications employing these
techniques are by default less useful for diagnosing issues with any
particular transport. To assist in that regard, the applications
implementing the proposal in this document SHOULD also provide a
Wing & Yourtchenko Expires September 15, 2011 [Page 10]
Internet-Draft Happy Eyeballs Dual Stack March 2011
mechanism to revert the behavior to that of a default provided by the
operating system - the [RFC3484].
[[[ To be discussed.
Some sites may wish to be informed when the the hosts adjust their
"P" value, in order to troubleshoot the underlying cause. To help
these sites, a strawman proposal is to send a syslog message or
other notification to an address that may be configured by a site
administrator in a centralized fashion. (The exact method TBD -
DHCP option, domain name, etc.) This syslog message should be
sent only first N times that the host expects to prefer IPv6 but
has to use IPv4. I.e. the first N times it decreases the value of
P. N - TBD.
]]]
5.6. DNS Behavior
Unique to DNS AAAA queries are the problems described in [RFC4074]
which, if they still persist, require applications to perform an A
query before the AAAA query.
[[Editor's Note 03: It is believed these defective DNS servers
have long since been upgraded. If so, we can remove this
section.]]
5.7. Middlebox Issues
Some devices are known to exhibit what amounts to a bug, when the A
and AAAA requests are sent back-to-back over the same 4-tuple, and
drop one of the requests or replies [DNS-middlebox]. However, in
some cases fixing this behaviour may not be possible either due to
the architectural limitations or due to the administrative
constraints (location of the faulty device is unknown to the end
hosts or not controlled by the end hosts). The algorithm described
in this draft, in the case of this erroneous behaviour will
eventually pace the queries such that this issue is will be avoided.
The algorithm described in this draft also avoids calling the
operating system's getaddrinfo() with "any", which should prevent the
operating system from sending the A and AAAA queries on the same
port.
For the large part, these issues are believed to be fixed, in which
case the getaddrinfo() with AF_UNSPEC as the address family in its
hints.
Wing & Yourtchenko Expires September 15, 2011 [Page 11]
Internet-Draft Happy Eyeballs Dual Stack March 2011
5.8. Multiple Interfaces
Interaction of the suggestions in this document with multiple
interfaces, and interaction with the MIF working group, is for
further study ([I-D.chen-mif-happy-eyeballs-extension] is devoted to
this).
6. Content Provider Recommendations
Content providers SHOULD provide both AAAA and A records for servers
using the same DNS name for both IPv4 and IPv6.
7. Security Considerations
[[Placeholder.]]
See Section 5.2.
8. Acknowledgements
The mechanism described in this paper was inspired by Stuart
Cheshire's discussion at the IAB Plenary at IETF72, the author's
understanding of Safari's operation with SRV records, Interactive
Connectivity Establishment (ICE [RFC5245]), and the current IPv4/IPv6
behavior of SMTP mail transfer agents.
Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van
Beijnum for fostering the creation of this document.
Thanks to Scott Brim, Rick Jones, Stig Venaas, Erik Kline, Bjoern
Zeeb, Matt Miller for providing feedback on the document.
Thanks to Javier Ubillos, Simon Perreault and Mark Andrews for the
active feedback and the experimental work on the independent
practical implementations that they created.
Also the authors would like to thank the following individuals who
participated in various email discussions on this topic: Mohacsi
Janos, Pekka Savola, Ted Lemon, Carlos Martinez-Cagnazzo, Simon
Perreault, Jack Bates, Jeroen Massar, Fred Baker, Javier Ubillos,
Teemu Savolainen, Scott Brim, Erik Kline, Cameron Byrne, Daniel
Roesen, Guillaume Leclanche, Cameron Byrne, Mark Smith, Gert Doering,
Martin Millnert, Tim Durack, Matthew Palmer.
Wing & Yourtchenko Expires September 15, 2011 [Page 12]
Internet-Draft Happy Eyeballs Dual Stack March 2011
9. IANA Considerations
This document has no IANA actions.
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
specifying the location of services (DNS SRV)", RFC 2782,
February 2000.
[RFC3484] Draves, R., "Default Address Selection for Internet
Protocol version 6 (IPv6)", RFC 3484, February 2003.
10.2. Informational References
[Andrews] Andrews, M., "How to connect to a multi-homed server over
TCP", January 2011, <http://www.isc.org/community/blog/
201101/how-to-connect-to-a-multi-h omed-server-over-tcp>.
[DNS-middlebox]
Various, "DNS middlebox behavior with multiple queries
over same source port", June 2009,
<https://bugzilla.redhat.com/show_bug.cgi?id=505105>.
[I-D.chen-mif-happy-eyeballs-extension]
Chen, G., "Happy Eyeballs Extension for Multiple
Interfaces", draft-chen-mif-happy-eyeballs-extension-00
(work in progress), March 2011.
[Perreault]
Perreault, S., "Happy Eyeballs in Erlang", February 2011,
<http://www.viagenie.ca/news/
index.html#happy_eyeballs_erlang>.
[RFC1671] Carpenter, B., "IPng White Paper on Transition and Other
Considerations", RFC 1671, August 1994.
[RFC2766] Tsirtsis, G. and P. Srisuresh, "Network Address
Translation - Protocol Translation (NAT-PT)", RFC 2766,
February 2000.
[RFC4074] Morishita, Y. and T. Jinmei, "Common Misbehavior Against
Wing & Yourtchenko Expires September 15, 2011 [Page 13]
Internet-Draft Happy Eyeballs Dual Stack March 2011
DNS Queries for IPv6 Addresses", RFC 4074, May 2005.
[RFC4966] Aoun, C. and E. Davies, "Reasons to Move the Network
Address Translator - Protocol Translator (NAT-PT) to
Historic Status", RFC 4966, July 2007.
[RFC5245] Rosenberg, J., "Interactive Connectivity Establishment
(ICE): A Protocol for Network Address Translator (NAT)
Traversal for Offer/Answer Protocols", RFC 5245,
April 2010.
[cx-osx] Adium, "AIHostReachabilityMonitor", June 2009,
<https://bugzilla.redhat.com/show_bug.cgi?id=505105>.
[cx-win] Microsoft, "NetworkChange.NetworkAvailabilityChanged
Event", June 2009, <http://msdn.microsoft.com/en-us/
library/
system.net.networkinformation.networkchange.networkavailab
ilitychanged.aspx>.
[whitelist]
Google, "Google IPv6 DNS Whitelist", January 2009,
<http://www.google.com/intl/en/ipv6>.
Authors' Addresses
Dan Wing
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA
Email: dwing@cisco.com
Andrew Yourtchenko
Cisco Systems, Inc.
De Kleetlaan, 7
San Jose, Diegem B-1831
Belgium
Email: ayourtch@cisco.com
Wing & Yourtchenko Expires September 15, 2011 [Page 14]
| PAFTECH AB 2003-2026 | 2026-04-23 21:30:50 |