v6ops D. Wing Internet-Draft A. Yourtchenko Intended status: Standards Track Cisco Expires: April 28, 2011 October 25, 2010 Happy Eyeballs: Trending Towards Success with Dual-Stack Hosts draft-wing-v6ops-happy-eyeballs-ipv6-01 Abstract This document describes how a dual-stack client can determine the functioning path to a dual-stack server. This provides a seemless user experience during initial deployment of dual-stack networks and during outages of IPv4 or outages of IPv6. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 28, 2011. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Wing & Yourtchenko Expires April 28, 2011 [Page 1]
Internet-Draft Happy Eyeballs Dual Stack October 2010 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3 3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 3.1. URIs and hostnames . . . . . . . . . . . . . . . . . . . . 4 3.2. IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. Client Recommendations . . . . . . . . . . . . . . . . . . . . 4 4.1. IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Additional Considerations . . . . . . . . . . . . . . . . 7 4.2.1. Additional Network and Host Traffic . . . . . . . . . 7 4.2.2. Abandon Non-Winning Connections . . . . . . . . . . . 8 4.2.3. Flush or Expire Cache . . . . . . . . . . . . . . . . 8 4.2.4. Determining Address Type . . . . . . . . . . . . . . . 8 4.2.5. Debugging and Troubleshooting . . . . . . . . . . . . 8 4.2.6. DNS Behavior . . . . . . . . . . . . . . . . . . . . . 9 4.2.7. Thread safe DNS resolvers . . . . . . . . . . . . . . 9 4.2.8. Middlebox Issues . . . . . . . . . . . . . . . . . . . 9 4.2.9. Multiple Interfaces . . . . . . . . . . . . . . . . . 9 4.3. Content Provider Recommendations . . . . . . . . . . . . . 9 4.4. Security Considerations . . . . . . . . . . . . . . . . . 9 4.5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . 10 4.6. IANA Considerations . . . . . . . . . . . . . . . . . . . 10 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.1. Normative References . . . . . . . . . . . . . . . . . . . 10 5.2. Informational References . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11 Wing & Yourtchenko Expires April 28, 2011 [Page 2]
Internet-Draft Happy Eyeballs Dual Stack October 2010 1. Introduction In order to use HTTP successfully over IPv6, it is necessary that the user enjoys nearly identical performance as compared to IPv4. A combination of today's applications, IPv6 tunneling and IPv6 service providers, and some of today's content providers all cause the user experience to suffer (Section 3). For IPv6, Google ensures a positive user experience by using a DNS white list of IPv6 service providers who peer directly with Google [whitelist]. However, this is not scalable to all service providers worldwide, nor is it scalable for other content providers to operate their own DNS white list. Instead, this document suggests a mechanism for applications to quickly determine if IPv6 or IPv4 is the most optimal to connect to a server. The suggestions in this document provide a user experience which is superior to connecting to ordered IP addresses which is helpful during the IPv6/IPv4 transition with dual stack hosts. Following the procedures in this document, once a certain address family is successful, the application trends towards preferring that address family. Thus, repeated use of the application DOES NOT cause repeated probes over both address families. While the application recommendations in this document are described in the context of HTTP clients ("web browsers"), but is useful and applicable to other time-sensitive applications. 2. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 3. Problem Statement As discussed in more detail in Section 3.1, it is important that the same URI and hostname be used for IPv4 and IPv6. Using separate namespaces causes namespace fragmentation and reduces the ability for users to share URIs and hostnames, and complicates printed material that includes the URI or hostname. As discussed in more detail in Section 3.2, IPv6 connectivity is sometimes broken entirely or slower than native IPv4 connectivity. Wing & Yourtchenko Expires April 28, 2011 [Page 3]
Internet-Draft Happy Eyeballs Dual Stack October 2010 3.1. URIs and hostnames URIs are often used between users to exchange pointers to content -- such as on Facebook, email, instant messaging, or other systems. Thus, production URIs and production hostnames containing references to IPv4 or IPv6 will only function if the other party is also using an application, OS, and a network that can access the URI or the hostname. 3.2. IPv6 When IPv6 connectivity is impaired, today's IPv6-capable web browsers incur many seconds of delay before falling back to IPv4. This harms the user's experience with IPv6, which will slow the acceptance of IPv6, because IPv6 is frequently disabled in its entirety on the end systems to improve the user experience. Reasons for such failure include no connection to the IPv6 Internet, broken 6to4 or Teredo tunnels, and broken IPv6 peering. DNS Server Client Server | | | 1. |<--www.example.com A?-----| | 2. |<--www.example.com AAAA?--| | 3. |---192.0.2.1------------->| | 4. |---2001:dba::1----------->| | 5. | | | 6. | |--TCP SYN, IPv6--->X | 7. | |--TCP SYN, IPv6--->X | 8. | |--TCP SYN, IPv6--->X | 9. | | | 10. | |--TCP SYN, IPv4------->| 11. | |<-TCP SYN+ACK, IPv4----| 12. | |--TCP ACK, IPv4------->| Figure 1: Existing behavior message flow The client obtains the IPv4 and IPv6 records for the server (1-4). The client attempts to connect using IPv6 to the server, but the IPv6 path is broken (6-8), which consumes several seconds of time. Eventually, the client attempts to connect using IPv4 (10) which succeeds. 4. Client Recommendations To provide fast connections for users, clients should make connections quickly over various technologies, automatically tune Wing & Yourtchenko Expires April 28, 2011 [Page 4]
Internet-Draft Happy Eyeballs Dual Stack October 2010 itself to avoid flooding the network with unnecessary connections (i.e., for technologies that have not made successful connections), and occasionally flush its self-tuning. 4.1. IPv6 If a TCP client supports IPv6 and IPv4 and is connected to IPv4 and IPv6 networks, it can perform the procedures described in this section. DNS Server Client Server | | | 1. |<--www.example.com A?-----| | 2. |<--www.example.com AAAA?--| | 3. |---192.0.2.1------------->| | 4. |---2001:dba::1----------->| | 5. | | | 6. | |==TCP SYN, IPv6===>X | 7. | |--TCP SYN, IPv4------->| 8. | |<-TCP SYN+ACK, IPv4----| 9. | |--TCP ACK, IPv4------->| 10. | |==TCP SYN, IPv6===>X | Figure 2: Happy Eyeballs flow 1, IPv6 broken In diagram above, the client sends two TCP SYNs at the same time over IPv6 (6) and IPv4 (7). In the diagram, the IPv6 path is broken but has little impact to the user because there is no long delay before using IPv4. The IPv6 path is retried until the application gives up (10). DNS Server Client Server | | | 1. |<--www.example.com A?-----| | 2. |<--www.example.com AAAA?--| | 3. |---192.0.2.1------------->| | 4. |---2001:dba::1----------->| | 5. | | | 6. | |==TCP SYN, IPv6=======>| 7. | |--TCP SYN, IPv4------->| 8. | |<=TCP SYN+ACK, IPv6====| 9. | |<-TCP SYN+ACK, IPv4----| 10. | |==TCP ACK, IPv6=======>| 11. | |--TCP ACK, IPv4------->| 12. | |--TCP RST, IPv4------->| Figure 3: Happy Eyeballs flow 2, IPv6 working Wing & Yourtchenko Expires April 28, 2011 [Page 5]
Internet-Draft Happy Eyeballs Dual Stack October 2010 The diagram above shows a case where both IPv6 and IPv4 are working, and IPv4 is abandoned (12). This section details how to provide robust dual stack service for both IPv6 and IPv4, so that the user perceives very fast application response. The TCP client application is configured with one value, P. A positive value indicates a preference for IPv6 and a negative value indicates a preference for IPv4. A value of 0 indicates equal weight, which means the A and AAAA queries and associated connection attempts will be sent as quickly as possible. The absolute value of P is the measure of a delay before initiating a connection attempt on the other address family. There are two P values maintained: one is application-wide and the other is specific per each destination (hostname and port). The algorithm attempts to delay the DNS query until it expects that address family will be necessary; that is, if the preference is towards IPv6, then AAAA will be queried immediately and the A query will be delayed. The TCP client application starts two threads in order to minimize the user-noticeable delay ("dead time") during the connection attempts: thread 1: (IPv6) * If P<0, wait for absolute value of p*10 milliseconds * send DNS query for AAAA * wait until DNS response is received * Attempt to connect over IPv6 using TCP thread 2: (IPv4) * if P>0, wait for p*10 milliseconds * send DNS query for A * wait until DNS response is received * Attempt to connect over IPv4 using TCP The first thread that succeeds returns the completed connection to the parent code and aborts the other thread (Section 4.2.2). Wing & Yourtchenko Expires April 28, 2011 [Page 6]
Internet-Draft Happy Eyeballs Dual Stack October 2010 After a connection is successful, we want to adjust the application- wide preference and the per-destination preference. The value of P is incremented (decremented) each time an IPv6 (IPv4) connection is successfully made. When a connection using the less-preferred address family is successful, it indicates the wrong address family was used and the P is halved: o If P>0 (indicating IPv6 is preferred over IPv4) and the first thread to finish was the IPv6 thread it indicates the IPv6 preference is correct and we need to re-enforce this by increasing the application-wide P value by 1. However, if the first thread to finish was the IPv4 thread it indicates an IPv6 connection problem occurred and we need to aggressively prefer IPv4 more by halving P and rounding towards 0. o If P<0 (indicating IPv4 is preferred over IPv6) and the first thread to finish was the IPv4 thread it indicates the preference is correct and we need to re-enforce this gently by decreasing the application-wide P value by 1. However, if the first thread to finish was the IPv6 thread it indicates an IPv4 connection problem and we need to aggressively avoid IPv4 by halving P and rounding towards 0. o If P=0 (indicating equal preference), P is incremented if the first thread to complete was the IPv6 thread, or decremented if the first thread to complete was the IPv4 thread. After adjusting P, it should never be larger than 4 seconds -- which is similar to the value used by many IPv6-capable TCP client applications to switch to an alternate A or AAAA record. Note: Proof of concept tests on fast networks show that even smaller value (around 0.5 seconds) is practical. More extensive testing would be useful to find the best upper boundary that still ensures a good user experience. 4.2. Additional Considerations This section discusses considerations and requirements that are common to new technology deployment. 4.2.1. Additional Network and Host Traffic Additional network traffic and additional server load is created due to these recommendations and mitigated by application-wide and per- destination timer adjustments. The procedures described in this document retain a quality user experience while transitioning from IPv4-only to dual stack. The quality user experience benefits the Wing & Yourtchenko Expires April 28, 2011 [Page 7]
Internet-Draft Happy Eyeballs Dual Stack October 2010 user but to the detriment of the network and server that are serving the user. 4.2.2. Abandon Non-Winning Connections It is RECOMMENDED that the non-winning connections be abandoned, even though they could be used to download content. This is because some web sites provide HTTP clients with cookies (after logging in) that incorporate the client's IP address, or use IP addresses to identify users. If some connections from the same HTTP client are arriving from different IP addresses, such HTTP applications will break. 4.2.3. Flush or Expire Cache Because every network has different characteristics (e.g., working or broken IPv6 connectivity) the IPv6/IPv4 preference value (P) SHOULD be reset to its default whenever the host is connected to a new network ([cx-osx], [cx-win]). However, in some instances the application and the host are unaware the network connectivity has changed so it is RECOMMENDED that per-destination values expire after 10 minutes of inactivity. 4.2.4. Determining Address Type [[[ IS THIS SECTION NECESSARY ?? For some transitional technologies such as a dual-stack host, it is easy for the application to recognize the native IPv6 address (learned via a AAAA query) and the native IPv4 address (learned via an A query). For other transitional technologies [RFC2766] it is impossible for the host to differentiate a transitional technology IPv6 address from a native IPv6 address (see Section 4.1 of [RFC4966]). Replacement transitional technologies are attempting to bridge this gap. It is necessary for applications to distinguish between native and transitional addresses in order to provide the most seamless user experience. ]]] 4.2.5. Debugging and Troubleshooting This mechanism is aimed to help the user experience in case of connectivity problems. However, this precise reason also makes it tougher to use these applications as a means of the verification that the problems are fixed. To assist in that regard, the applications implementing the proposal in this document SHOULD also provide a mechanism to temporarily use only one address family. Wing & Yourtchenko Expires April 28, 2011 [Page 8]
Internet-Draft Happy Eyeballs Dual Stack October 2010 4.2.6. DNS Behavior Unique to DNS AAAA queries are the problems described in [RFC4074] which, if they still persist, require applications to perform an A query before the AAAA query. [[Editor's Note: It is believed these defective DNS servers have long since been upgraded. If so, we can remove this section.]] 4.2.7. Thread safe DNS resolvers Some applications and some OSs do not have thread safe DNS resolvers, which complicates implementation of simultaneous A and AAAA queries for IPv4/IPv6. 4.2.8. Middlebox Issues Some devices are known to exhibit what amounts to a bug, when the A and AAAA requests are sent back-to-back over the same 4-tuple, and drop one of the requests or replies [DNS-middlebox]. However, in some cases fixing this behaviour may not be possible either due to the architectural limitations or due to the administrative constraints (location of the faulty device is unknown to the end hosts or not controlled by the end hosts). The algorithm described in this draft, in the case of this erroneous behaviour will eventually pace the queries such that this issue is will be avoided. The algorithm described in this draft also avoids calling the operating system's getaddrinfo() with "any", which should prevent the operating system from sending the A and AAAA queries on the same port. 4.2.9. Multiple Interfaces Interaction of the suggestions in this document with multiple interfaces, and interaction with the MIF working group, is for further study. 4.3. Content Provider Recommendations Content providers SHOULD provide both AAAA and A records for servers using the same DNS name for both IPv4 and IPv6. 4.4. Security Considerations [[Placeholder.]] See Section 4.2.2. Wing & Yourtchenko Expires April 28, 2011 [Page 9]
Internet-Draft Happy Eyeballs Dual Stack October 2010 4.5. Acknowledgements The mechanism described in this paper was inspired by Stuart Cheshire's discussion at the IAB Plenary at IETF72, the author's understanding of Safari's operation with SRV records, Interactive Connectivity Establishment (ICE [RFC5245]), and the current IPv4/IPv6 behavior of SMTP mail transfer agents. Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van Beijnum for fostering the creation of this document. Thanks to Scott Brim and Stig Venaas for providing feedback on the document. 4.6. IANA Considerations This document has no IANA actions. 5. References 5.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 5.2. Informational References [DNS-middlebox] Various, "DNS middlebox behavior with multiple queries over same source port", June 2009, <https://bugzilla.redhat.com/show_bug.cgi?id=505105>. [RFC2766] Tsirtsis, G. and P. Srisuresh, "Network Address Translation - Protocol Translation (NAT-PT)", RFC 2766, February 2000. [RFC4074] Morishita, Y. and T. Jinmei, "Common Misbehavior Against DNS Queries for IPv6 Addresses", RFC 4074, May 2005. [RFC4966] Aoun, C. and E. Davies, "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status", RFC 4966, July 2007. [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal for Offer/Answer Protocols", RFC 5245, April 2010. Wing & Yourtchenko Expires April 28, 2011 [Page 10]
Internet-Draft Happy Eyeballs Dual Stack October 2010 [cx-osx] Adium, "AIHostReachabilityMonitor", June 2009, <https://bugzilla.redhat.com/show_bug.cgi?id=505105>. [cx-win] Microsoft, "NetworkChange.NetworkAvailabilityChanged Event", June 2009, <http://msdn.microsoft.com/en-us/ library/ system.net.networkinformation.networkchange.networkavailab ilitychanged.aspx>. [whitelist] Google, "Google IPv6 DNS Whitelist", March 2008, <http://www.google.com/intl/en/ipv6>. Authors' Addresses Dan Wing Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Email: dwing@cisco.com Andrew Yourtchenko Cisco Systems, Inc. De Kleetlaan, 7 San Jose, Diegem B-1831 Belgium Email: ayourtch@cisco.com Wing & Yourtchenko Expires April 28, 2011 [Page 11]