[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IPv4-only network and your Linux host operates a dual IPv4/IPv6 stack ... Re: BerkeleyLUG, have AC power, Wi-Fi & Internet ...
- To: BerkeleyLUG <berkeleylug@googlegroups.com>
- Subject: IPv4-only network and your Linux host operates a dual IPv4/IPv6 stack ... Re: BerkeleyLUG, have AC power, Wi-Fi & Internet ...
- From: "Michael Paoli" <Michael.Paoli@cal.berkeley.edu>
- Date: Tue, 15 Oct 2019 18:46:24 -0700
- Arc-authentication-results: i=2; gmr-mx.google.com; spf=neutral (google.com: 198.144.192.42 is neither permitted nor denied by best guess record for domain of michael.paoli@cal.berkeley.edu) smtp.mailfrom=Michael.Paoli@cal.berkeley.edu
- Arc-authentication-results: i=1; gmr-mx.google.com; spf=neutral (google.com: 198.144.192.42 is neither permitted nor denied by best guess record for domain of michael.paoli@cal.berkeley.edu) smtp.mailfrom=Michael.Paoli@cal.berkeley.edu
- Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:user-agent :content-disposition:mime-version:in-reply-to:references:subject:to :from:date:message-id:sender:dkim-signature; bh=Pw+is7Rn7eyO7DIpCyF7XAMCTKrVvoQTD0IBjwrfwOo=; b=zwfaP9N0a5gzbAs8DRklYmPc/4lEIrfGIC6ogC65ujPNHmb+JgIlDFs+PlReDIrdgS b9KHOka36swcLpBZyuhG67IXDeouDdKvKheH2Xy3ws5JrFOILXs7q0ZXWgxQACPBxeqw 7C2GQtEp3AcdejacKTGnxPeapYgeHjnm9Rfwzksj9T6a0CFuJz/sIMxA7yE8s6N6jkrw +/wtT50KCG2+debGpyYb27/U2RbQJZPFrb8XYgLl+OdNwhMB4p2K+lGDTi/5aJsUUR0U fq5CLuN6Vq233lbIi0LJyZrv39XcSMXP3DzkDg1nOBAWl21Luoj8U72FnqfMmHnf3Ipv 7nVQ==
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=user-agent:content-transfer-encoding:content-disposition :mime-version:in-reply-to:references:subject:to:from:date:message-id; bh=ac9B25T5cH9jIk7KTqi1u3plrCJPtCdDHzN1tTcjI/M=; b=bua5Je+zOlQ4cgxE3L51e9agLuSPNXg37gtGBtUqW4SQHQbUF7sAq0sD2pGZHsJypp WOmRwr6FN3WYT6m2McFHbVODpfCmD8Kl9cgb0Zg/bgS7zRAbboTmLCDbZh/N2MVE2UiD vkFMboZhhdpX0FyxzG2CLb733ytJ5gMLf7Fr3QQd5E5tGq/NyZVFqEfK5m3eorl9OUNi SmsYpkYlQlESoy/Rs9jlHpWweepywQmbZv03ZsrNl56qn3p5gzA/yXN3BETu/PEmlzLr mSqnikwTO7HhhqyvpLHlYP8TR/zfNfmWCFL2Prv/9qpeNWQIUCWjokdysNAvv3hmOVVl b22w==
- Arc-seal: i=2; a=rsa-sha256; t=1571190386; cv=pass; d=google.com; s=arc-20160816; b=i2kW2BzKxXVu0KHrdsxhjqP+kX8fzg5irVwuQEKdPIxRdvqqv5+YKSnna2hx8OcFj3 sz7lN8qYRsVElSYEgjxIRVessmlDOrK7Yfb6PujnVBXwAxnG9fQ7G7a2YC4RLeKgxtAI rtXSeQa98G3roFmt+W4RgsBbKt57OePlmv4ScxsZD44migN/eypAcxcxB31RmUkzCtOH pFa6nSD7yiRnIaUyJiTZ9PrSgEPBlExvcbOmKWvpVnx3coRuJasvh9RObSg+PUkYXD/n GQlgEYouSYFeKz+s7xAU8R0joYR0D5muLagFLwWIZUn7z99bUtYR3U6IaTZ8VARncPrH efhQ==
- Arc-seal: i=1; a=rsa-sha256; t=1571190385; cv=none; d=google.com; s=arc-20160816; b=TA1/l9hZyWZXvi30AYLzGpOg+FPPRind8RmcOYne3+6DaUbeJXjLGiTiaVC8jvI5YR aiqG9tYvzA/tVd8YTAqywOVSc5i+Oia+BOHFOQIZG5mKKHrKens8QYFxXIxYjvoSqchQ hmflk52ksmFRF/r01J7PCBlB3KEbnERwqkhi59I/KHml2ajV6g00m/fdHu5lJGNOuW4t gPsl0utGxho3UUnLARP4Cfa2WMZDwvk1KxSdq8tnIAuIpUlkkJbAb/3xow7r/EkdHkRP PqWCxdHcom6tWPja0un4jAFaHlkE+LV7NtPwVR9jSnQkWt4K+Y5aDc1qUB+KVcIxR4qP 5/gA==
- Delivered-to: historian@entropia.netisland.net
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:message-id:date:from:to:subject:references:in-reply-to :mime-version:content-disposition:user-agent:x-original-sender :x-original-authentication-results:reply-to:precedence:mailing-list :list-id:list-post:list-help:list-archive:list-subscribe :list-unsubscribe; bh=Pw+is7Rn7eyO7DIpCyF7XAMCTKrVvoQTD0IBjwrfwOo=; b=nTNKNWxsJb3DMy8XWZNENhswuBXmxih4fshUnNkzL1zF7dKoU3vZS1BssHOpjPt7Zd sl6IRIpZb3HLGoOwuA/ACNbrwr5ug1xjjgQT7bDhQWj4hHL6/mRiUG8SQfPsxvGLYRWi +Wx0WZ1KaFbRSEXkBviMTKs3art2zSzhjvMBQz4VVlCEUzNDgjuIoHZNjx+WHBzEeDPf XY7V9OexoOPU4TB1O4GqHnaI+JYRKLqXEtGwy3nkHxmEaSuxTvxa5XWbvJPchrHVfGG5 KPI/37rjCT0DvuXN5lOMMRtslVclDeZH0wk8cNbGELhZbKSRDakc7ANRBY1qbGQOzArb UBgw==
- In-reply-to: <20191015214353.GC12847@linuxmafia.com>
- List-archive: <https://groups.google.com/group/berkeleylu>
- List-help: <https://groups.google.com/support/>, <mailto:berkeleylug+help@googlegroups.com>
- List-id: <berkeleylug.googlegroups.com>
- List-post: <https://groups.google.com/group/berkeleylug/post>, <mailto:berkeleylug@googlegroups.com>
- List-subscribe: <https://groups.google.com/group/berkeleylug/subscribe>, <mailto:berkeleylug+subscribe@googlegroups.com>
- List-unsubscribe: <mailto:googlegroups-manage+61884646931+unsubscribe@googlegroups.com>, <https://groups.google.com/group/berkeleylug/subscribe>
- Mailing-list: list berkeleylug@googlegroups.com; contact berkeleylug+owners@googlegroups.com
- References: <20191013131613.453923fwv6mbexwk@webmail.rawbw.com> <CAGpvfsouiU-TwNWwTzA11ZTFcZBH40RUy4P7oC9nKm=8dDr5kg@mail.gmail.com> <20191015214353.GC12847@linuxmafia.com>
- Reply-to: berkeleylug@googlegroups.com
- Sender: berkeleylug@googlegroups.com
- User-agent: Internet Messaging Program (IMP) H3 (4.2.1-RC1)
Well, yes and no. ;-) (who could'a guessed I would say that?).
dual stack IPv4/IPv6 generally doesn't cause issues
*in-and-of-itself* ... but it *can* (often mostly indirectly)
cause lots of issues/headaches ... in certain circumstances.
In general (at least it's a nice theory!) dual stack is not an
issue, and on well behaved networks, and with reasonably well behaved
clients, it's not. Ah, but therein lies the rub.
Earlier in the IPv6 days, there were many many many buggy clients
(and other IPv6 bugginess) ... thankfully most of that is quite gone.
Nowadays, most of the issues are with networks and firewalls.
E.g. fairly common issue. Dual stack network environment, client hosts
given IPv4 & IPv6 addresses and routes ... so far so good.
But, alas, *access* (or further routing thereof) very different,
e.g. connectivity to TCP pots 80 & 443 works great on IPv4,
but alas, fails on IPv6 because somebody put firewalls in (e.g. in
$work environment) that are passing IPv4 to TCP ports 80 & 443, but
not passing IPv6 traffic to TCP ports 80 & 443. Now of course, e.g.
typically browser client, has no way to know the firewalls are not only
quite unfriendly in that regard, but quite inconsistently so and
discriminating against IPv6. So client has no reason not to treat
IPv4 & IPv6 equally ... so it tries ... and
maybe about half the time or so it tries IPv6 ... and it fails, ... so,
having IPv4 also (in general case), it likely retries over IPv4 ... but that
can add lots of latency as all the IPv6 failures are waited on, timed
out, then retried over IPv6 ... and with no "memory" - in general,
on the part of the client or client's operating system, to move towards
favoring IPv4. (The situation could also be reversed regarding IPv4 and
IPv6, but that's not as common).
So, ... how to fix that? Well, first, what *not* to do.
Don't disable IPv6. These days, there's really no reason not
to (also) be running IPv6. If/where it gives one grief, treat
that as a bug - and fix it - or as necessary/appropriate, work around
the issue until it's fixed. Disabling IPv6 effectively hides all those
issues, rather than leaving them where they can at least be checked on,
and work-arounds dropped as things get fixed.
And, more specifically on client? One can do things like use a -4 (or -6)
flag in many cases, or adjust relevant configuration file(s) to favor
IPv4, or favor it communicating to certain servers or over certain routes.
One can also drop the non-local routable IPv6 IPs - at least in more
severe cases - or drop certain routes. If the host can't route there via
IPv6 - and knows that based on its own routing information, then it
can't and won't even try IPv6 for that. But there's, e.g. no reason
whatsoever to disable local and non-routable IPv6. At present for
current supported operating systems, that should be considered an
integral part of the operating system, and shouldn't be disabled.
And for the most part, all those local and non-routable bits work
find these days - quite to highly rare anyone still runs into quite
significant issues still remaining there on most anything that's
current, supported, and reasonably mainstream.
Anyway, your mileage/experiences may vary ;-) ... but that's at least
approximately as I see it at the present time.
From: "Rick Moen" <rick@linuxmafia.com>
Subject: Re: BerkeleyLUG, have AC power, Wi-Fi & Internet ...
Date: Tue, 15 Oct 2019 14:43:53 -0700
Quoting tom r lopes (tomrlopes@gmail.com):
Ipv4 good but maybe a bit of latency :-).
If you're on an IPv4-only network and your Linux host operates a dual
IPv4/IPv6 stack, you can run into a situation where your host
continually attempts an IPv6 socket, waits for timeout, connection
fails, and only then attempts fallback to IPv4. This is super-annoying,
dumb behaviour, of course, but might (or might not) be what you
perceived as 'maybe a bit of latency'.
To test, do an experimental 'dig' across the Internet with the IPv4-only
flag. It's the '-4' flag, and there's a corresponding '-6' flag for
IPv6-only.
If that test reveals your stuck in the dumb-fallback scenario, there
are ways to force your stack (for that time period) to do IPv4-only.
I'm not going to spend time looking that up now, yet again, but it's
not difficult.
--
You received this message because you are subscribed to the Google Groups "BerkeleyLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to berkeleylug+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/berkeleylug/20191015184624.1253381nf0q2u3cw%40webmail.rawbw.com.