[ipv6hackers] Happy eyeballs standards (was Re: Windows 7/2008 R2 Improved Resilliency to IPv6 Floods)

[Karl Auer]

On Wed, 2013-04-17 at 16:12 -0700, Andrew Yourtchenko wrote:
> re. "sample code for happy eyeballs"
> [...]
>  I decided against it - way too cludgy.

Good.

> One thought I had which might make this a bit tractable is to suggest a
> model that would separate the DNS lookup/connection establishment into a
> separate process, and use some more or less portable mechanism [1] to pass
> the file descriptors around..

Can I suggest going further towards abstraction? Develop a mechanism
that splits policy from implementation, and allow the policy to be
passed into the connection establishment. Policy would include things
like:

 - allow IPv6
 - allow IPv4
 - prefer IPv6 over IPv4  (yes, no, don't care)
 - how many simultaneous attempts to make
 - how long to wait
 - how many retries
 - etc

By having separate policies, applications can set up their own, allow
the user to configure custom policies and so on. With careful design,
you could have policies that are deterministic, others that are not and
so forth. For example, in a support situation the user could simply
switch to a single-protocol policy, even a single-address policy, and
try again.

> But I am very much divided from the security PoV - this delegates all the
> connection authority to a separate process

Having a policy step puts control of that connection process into the
user's hands. The default should be extremely conservative.

> What do the folks think - would such a project be useful ?

I think an expressive, effective, extensible policy system would be very
helpful on its own.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017