From owner-freebsd-stable@freebsd.org Thu Oct 10 03:20:11 2019 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D494B140691 for ; Thu, 10 Oct 2019 03:20:11 +0000 (UTC) (envelope-from jdc@koitsu.org) Received: from mambo.koitsu.org (mambo.koitsu.org [172.81.177.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46pbtg0zdMz4Sd5 for ; Thu, 10 Oct 2019 03:20:10 +0000 (UTC) (envelope-from jdc@koitsu.org) Date: Wed, 9 Oct 2019 20:13:39 -0700 From: Jeremy Chadwick To: freebsd-stable@freebsd.org Subject: Re: [HEADSUP] Re: Is IPV6 option still necessary? Message-ID: <20191010031339.GA69497@koitsu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.12.2 (2019-09-21) X-Rspamd-Queue-Id: 46pbtg0zdMz4Sd5 X-Spamd-Bar: +++++ X-Spamd-Result: default: False [5.73 / 15.00]; ARC_NA(0.00)[]; FAKE_REPLY(1.00)[]; NEURAL_HAM_MEDIUM(-0.85)[-0.846,0]; FAKE_REPLY_C(6.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:172.81.177.231]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.93)[-0.926,0]; IP_SCORE(0.31)[asn: 174(1.58), country: US(-0.05)]; DMARC_POLICY_ALLOW(-0.50)[koitsu.org,quarantine]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:174, ipnet:172.81.176.0/21, country:US]; MID_RHS_MATCH_FROM(0.00)[]; GREYLIST(0.00)[pass,body] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Oct 2019 03:20:11 -0000 > Now we can get back on the ipv6 option. > > so if we want to proceed further in removing the option to build with or without > ipv6 for the ports side. Please speak up in reply to this email, if you are > building without ipv6, why are you doing so, what are the real benefit for it. > How bad it will impact you if we do remove that option? Whenever I use ports over FreeBSD-provided packages (or to use ports to build my own packages), I often disable IPV6 support. The lengthy response below should explain why. In short: the IPV6 option is useful and important. Please keep it. In length: I think anyone operating in the Real World knows quite well that IPv6 is still treated as a third-class citizen when it comes to both general connectivity/reliability* and general use cases code-wise**. It's still very much in utero; or a toddler, if you will. When you encounter IPv6 vs. IPv4 prioritisation issues, they are painful and annoying. No user or administrator is going to sit for hours fiddling with it all to restore things to a working state when simply removing IPv6 relieves the problem permanently. Time and time again I see companies advertising AAAA records and webservers listening on IPv6 yet IPv6 transit fails but their A/IPv4 endpoint works fine. It's the dual-stack nature that makes a lot of this worse than it should be. (I do think this subject should be re-visited once the world as a whole starts to seriously decommission IPv4, though. Yes I'm serious.) I've worked for several companies that are IPv4-only, where the belief (and one I share) is that IPv6-only clients have some 6-to-4-ish gateway/NAT somewhere upstream, otherwise they wouldn't be able to reach most of the Internet. IPv4 NAT still works for the majority of use cases still as of 2019. Furthermore, faux-political statements like "IPv6 is more widely used than 2012" should be ignored and facts reiterated: IPv6 adoption is around 25% as of mid-2019. And it's taken over 10 years to reach that. IPv4 is also well-understood, and not, as Dave Horsfall accurately described, "a horse designed by a committee"; people are still trying to wrap their head around IPv6 NDP/RA, SLAAC, and a myriad of other things (dare I mention syntax?). It's this which explains the sluggish adoption rate. And yes, I am well-aware of how important IPv6 is in other regions, particularly Asia. I am not belittling that need at all. But not everyone globally has the same needs. What should really be asked for is the opposite: for the FreeBSD ports folks to justify its removal. How is this hurting you on a daily basis? Is there a large percentage of Mk/ framework bits causing you pain? Are the bulk of per-port patches inducing maintainer grief? At what scale is this impacting you? In 7 years (since the OP picked 2012), how much time has been spent by maintainers ensuring IPV6=true works for their port(s)? Are you truly OK throwing away the integration work done by many, many people (not just Project members!) over the past N years (see: per-port patches), and forcing people who still need the option to make their own ports tree to retain it? Here's some harsh advice for the FreeBSD Project: quit changing shit for sake of change, often masked by lies like "XXX is stagnant/old" or similarly fallacious and loaded statements. The project (both src and ports, but especially ports) have lost many very good people in the past 10+ years (and I'm not talking about me) *because* of that change for sake of change mindset -- the same mindset driving this request! It's changes like this that drive people away from FreeBSD. Really. It's the same mindset that provoked people to stop using Linux distros due to systemd integration. I will not be replying to this thread past this point. I have said all that I care to say / spent enough time on it. Just please stop hurting administrators and end users with proposals/actions like this. * - Real-world IPv6 failures impacting end users tend to be higher than IPv4; this is anecdotal on my part, but I have a myriad of peers who have had to disable IPv6 for similar reasons. The IPv4 fallback in software (both userland apps and network stacks) does not always work "correctly". Just go see how often IPv6 failures/issues are reported on both NANOG and the outages@ mailing list. And yes I am quite aware that a good portion of the Internet backbone at this point is IPv6 (that's nice, and not what we're talking about here). ** - I still continue to see open-source software committing major fixes to AF_INET6 related code bits. Major pieces of software include curl, wget, Busybox, DNS servers (pick one!), and ntp... just for starters. -- | Jeremy Chadwick jdc@koitsu.org | | UNIX Systems Administrator PGP 0x2A389531 | | Making life hard for others since 1977. |