Summary: Has a DISCUSS. Has enough positions to pass once DISCUSS positions are resolved.
* Section 4: It is not clear what you intend here: "IPv6 Router Advertisement Interval = 300s". The router advertisement interval is not configured as an absolute value but as minimum and maximum bounds (MinRtrAdvInterval and MaxRtrAdvInterval) which are used to calculate the actual advertisement interval. When the RA is sent from an interface, the actual interval is a uniformly distributed random value between the MinRtrAdvInterval and MaxRtrAdvInterval. At the very minimum you need to clarify if you would like to have this as a lower bound or as an upper bound.
* Section 4 -> I think text is needed here to handle the case where the DNS server is provided in the RA itself (RFC8106)

  "In addition it will use stateless DHCPv6 to get the IPv6 address of the DNS server" -> I am not sure what is the motivation for this text.

  "however it SHOULD NOT use stateful DHCPv6 to receive a service provider managed IPv6 address" -> This text seems incorrect

  "due to the L-bit set, it SHOULD send this traffic to the First Hop Provider Router"

  I think it should be the exact opposite, i.e. say *unset* instead of set:

  "due to the L-bit being unset, it SHOULD send this traffic to the First Hop Provider Router"
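For reference alongside the L-bit comment above, an added example (not part of the ballot comments or of the draft) that models RFC 4861 next-hop determination on a host: a Prefix Information option with L=1 places the prefix on the host's on-link list, while L=0 does not, so a destination inside the advertised prefix is reached through the default router. The class and function names and the 2001:db8:: sample addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class PrefixInfo:
    prefix: str
    on_link: bool      # L flag of the Prefix Information option
    autonomous: bool   # A flag (prefix may be used for SLAAC)

@dataclass
class Host:
    default_router: str = None
    on_link_prefixes: list = field(default_factory=list)
    slaac_prefixes: list = field(default_factory=list)

    def process_ra(self, router_lladdr, router_lifetime, pios):
        # A non-zero Router Lifetime makes the sender a default router.
        if router_lifetime > 0:
            self.default_router = router_lladdr
        for pio in pios:
            net = ipaddress.IPv6Network(pio.prefix)
            # L=0 makes no statement about on-link status, so the
            # prefix is NOT added to the on-link Prefix List.
            if pio.on_link:
                self.on_link_prefixes.append(net)
            # A=1 still allows address autoconfiguration from the prefix.
            if pio.autonomous:
                self.slaac_prefixes.append(net)

    def next_hop(self, dst):
        addr = ipaddress.IPv6Address(dst)
        # The link-local prefix is always considered on-link.
        if addr.is_link_local or any(addr in n for n in self.on_link_prefixes):
            return ("direct", dst)          # resolve dst with Neighbor Discovery
        if self.default_router is None:
            return ("unreachable", None)
        return ("router", self.default_router)

def host_after_ra(l_flag):
    # Constructed RA: one /64 with A=1 and the given L flag.
    h = Host()
    h.process_ra("fe80::1", 1800, [PrefixInfo("2001:db8:0:1::/64", l_flag, True)])
    return h

if __name__ == "__main__":
    for l_flag in (True, False):
        print("L =", int(l_flag), host_after_ra(l_flag).next_hop("2001:db8:0:1::b"))
```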
I have no technical comments, but a number of editorial comments:

- General: I think this could use another proofreading and/or editing pass for the following issues:
  -- Inconsistent tense--especially use of future or present continuous.
  -- Wordy and convoluted sentences
  -- Use of "/" as a conjunction.

- Abstract: The abstract is longer and more detailed than is useful. The last paragraph could have stood alone as the abstract. It's not clear to me if "hosts (subscribers)" means something different than "hosts" in context.

-1: Please expand "IA_NA" on first use.

  s/"This document will focus..."/"This document focuses..."

  "As such the use of IPv6 SLAAC based subscriber and address management for provider managed shared network services is the recommended technology of choice, as it does not exclude any known IPv6 implementation." Does this document make that recommendation, or is that some pre-existing recommendation?

-3: "The Best Current Practice documented in this note is to provide a unique IPv6 prefix to hosts/subscribers devices connected to the provider managed shared network." The sentence is hard to follow. Consider "This document recommends...". I'm not sure how to interpret "hosts/subscribers devices"

  "Each unique IPv6 prefix can function as control-plane anchor point to make sure that each subscriber is receiving" s/"... subscriber is receiving ..."/"... subscriber receives..."

-4: Is "First Hop Provider Router" different than "First Hop Router"?

  In the last bullet (L-flag=0), are NEVER and ALWAYS in all-caps expected to have different meaning than if they had normal capitalization?

  The sentence starting with "The architected result of designing the RA as documented above..." is convoluted and hard to follow.

  "... however it SHOULD NOT use stateful DHCPv6 to receive a service provider managed IPv6 address": Is that really a normative requirement, or is it a statement of fact about existing requirements?

  "it SHOULD send this traffic to the First Hop Provider Router." : statement of fact?

-5: "To reduce undesired resource consumption on the First Hop Router the desire is to remove UE/subscriber context in the case of non-permanent UE, such as in the case of WiFi hotspots as quickly as possible. " Convoluted sentence.

  "A possible solution is to use a subscriber inactivity timer which, after tracking a pre-defined (currently unspecified) number of minutes, deletes the subscriber context on the First Hop Router." s/which/that (Consider " ... timer that deletes...after a predetermined number of minutes")

-7: "The combination of both IPv6 privacy extensions and operator based assignment of a Unique IPv6 Prefix per Host provides each implementing operator a tool to manage and provide subscriber services and hence reduces the experienced privacy within each operator controlled domain." I have trouble following that sentence. Is the point to say that providing tools to manage and provide services reduces privacy in general? As worded, it almost sounds like this is meant as a feature, which I assume is not the case.
One nit: Please consider moving

  Benefits of unique IPv6 prefix over a unique IPv6 address from the service provider include improved subscriber isolation and enhanced subscriber management.

to the first paragraph of the Abstract. I'm assuming that this explains the "needs that have arisen" in the first sentence of the Abstract, of course.
To me this seems appropriate for BCP; I'm saying this because this was mentioned in the shepherd-write-up as it was brought up by the gen-art review.

Please also consider the following comment from the gen-art review (Thanks Joel!):

  "The issue of status for the document (BCP vs Informational) is for the IESG to conclude. However, even if it is a BCP, as I understand the purpose, this document is intended to describe the practices to be used when a provider has decided to deploy a /64 per host. The wording that is chosen throughout the document makes it appear that the underlying decision about such a deployment is also a recommended practice."

I agree that wording could be made clearer here!
Radius should have an informative reference on first use.
Thank you for addressing the SecDir review: https://mailarchive.ietf.org/arch/msg/secdir/wWp_0vlmsz7Ss-nowjhehYImOeg
Document: draft-ietf-v6ops-unique-ipv6-prefix-per-host-07.txt

I found the discussion of the shared network medium a bit confusing. As I understand it, the idea is that if we are on a shared network and we have the same prefix, I might try to send to you directly. What you want to do is make that not happen by having each node have a separate prefix. Correct? If so, perhaps promote this bullet, and also have it describe the problem and why this provides a solution:

   o  Two devices (subscriber/hosts), both attached to the same provider managed shared network should only be able to communicate through the provider managed First Hop Router

It's a bit unclear to me how much you are saying that something is current practice versus how much you are recommending it. For instance, the abstract reads more like what you would expect for PS.

   This document outlines an approach utilising existing IPv6 protocols to allow hosts to be assigned a unique IPv6 prefix (instead of a unique IPv6 address from a shared IPv6 prefix). Benefits of unique IPv6 prefix over a unique IPv6 address from the service provider include improved subscriber isolation and enhanced subscriber management.

But then S 4 seems to be documenting:

   The IPv6 RA flags used for best common practice in IPv6 SLAAC based Provider managed shared networks are:

   The use of a unique IPv6 prefix per UE adds an additional level of protection and efficiency as it relates to how IPv6 Neighbor Discovery and Router Discovery processing. Since the UE has a unique IPv6 prefix all traffic by default will be directed to the First Hop provider router. Further, the flag combinations documented above maximise the IPv6 configurations that are available by hosts including the use of privacy IPv6 addressing.

It's not quite clear to me why unique prefixes are needed here if people set L=0. Is it that people ignore L=0?

Finally, I'm a bit confused about how to read this text about the L=0 bit in cases where I have multiple devices rather than just one at the customer prem. Say I have a topology with a home router and devices behind it. I.e.,

            Service Provider
                   |
                   |
            Customer Router
                   |
       +-----------+-----------+
       |           |           |
     Host 1      Host 2      Host 3

I assume what happens here is that the router gets prefix X, assigns itself XY, and then the Hosts get XA, XB, XC, etc, a la 7278. Is that right? If so, my question is about packets coming into the Router from the SP, which have (say) XA. The text about the L-flag suggests that the router should send them back to the gateway, but that's clearly not right. What am I missing?