[HEADSUP] Re: Is IPV6 option still necessary?

[Baptiste Daroussin]

On Thu, Oct 10, 2019 at 06:02:23PM -0700, Jeremy Chadwick via freebsd-ports wrote:
> > Now we can get back on the ipv6 option.
> > 
> > so if we want to proceed further in removing the option to build with or without
> > ipv6 for the ports side. Please speak up in reply to this email, if you are
> > building without ipv6, why are you doing so, what are the real benefit for it.
> > How bad it will impact you if we do remove that option?
> 
> Whenever I use ports over FreeBSD-provided packages (or to use ports to
> build my own packages), I often disable IPV6 support.  The lengthy
> response below should explain why.
> 
> In short: the IPV6 option is useful and important.  Please keep it.
> 
> In length: I think anyone operating in the Real World knows quite well
> that IPv6 is still treated as a third-class citizen when it comes to
> both general connectivity/reliability* and general use cases
> code-wise**.  It's still very much in utero; or a toddler, if you will.
> 
> When you encounter IPv6 vs. IPv4 prioritisation issues, they are painful
> and annoying.  No user or administrator is going to sit for hours
> fiddling with it all to restore things to a working state when simply
> removing IPv6 relieves the problem permanently.  Time and time again I
> see companies advertising AAAA records and webservers listening on IPv6
> yet IPv6 transit fails but their A/IPv4 endpoint works fine.  It's the
> dual-stack nature that makes a lot of this worse than it should be.  (I
> do think this subject should be re-visited once the world as a whole
> starts to seriously decommission IPv4, though.  Yes I'm serious.)
> 
> I've worked for several companies that are IPv4-only, where the belief
> (and one I share) is that IPv6-only clients have some 6-to-4-ish
> gateway/NAT somewhere upstream, otherwise they wouldn't be able to reach
> most of the Internet.  IPv4 NAT still works for the majority of use
> cases still as of 2019.
> 
> Furthermore, faux-political statements like "IPv6 is more widely used
> than 2012" should be ignored and facts reiterated: IPv6 adoption is
> around 25% as of mid-2019.  And it's taken over 10 years to reach that.
> 
> IPv4 is also well-understood, and not, as Dave Horsfall accurately
> described, "a horse designed by a committee"; people are still trying to
> wrap their head around IPv6 NDP/RA, SLAAC, and a myriad of other things
> (dare I mention syntax?).  It's this which explains the sluggish
> adoption rate.
> 
> And yes, I am well-aware of how important IPv6 is in other regions,
> particularly Asia.  I am not belittling that need at all.  But not
> everyone globally has the same needs.
> 
> What should really be asked for is the opposite: for the FreeBSD ports
> folks to justify its removal.
> 
> How is this hurting you on a daily basis?  Is there a large percentage
> of Mk/ framework bits causing you pain?  Are the bulk of per-port
> patches inducing maintainer grief?  At what scale is this impacting you?
> In 7 years (since the OP picked 2012), how much time has been spent by
> maintainers ensuring IPV6=true works for their port(s)?  Are you truly
> OK throwing away the integration work done by many, many people (not
> just Project members!) over the past N years (see: per-port patches),
> and forcing people who still need the option to make their own ports
> tree to retain it?
> 
> Here's some harsh advice for the FreeBSD Project: quit changing shit for
> sake of change, often masked by lies like "XXX is stagnant/old" or
> similarly fallacious and loaded statements.  The project (both src and
> ports, but especially ports) have lost many very good people in the past
> 10+ years (and I'm not talking about me) *because* of that change for
> sake of change mindset -- the same mindset driving this request!  It's
> changes like this that drive people away from FreeBSD.  Really.  It's
> the same mindset that provoked people to stop using Linux distros due
> to systemd integration.
> 
> I will not be replying to this thread past this point.  I have said all
> that I care to say / spent enough time on it.  Just please stop hurting
> administrators and end users with proposals/actions like this.
> 
> * - Real-world IPv6 failures impacting end users tend to be higher
> than IPv4; this is anecdotal on my part, but I have a myriad of peers
> who have had to disable IPv6 for similar reasons.  The IPv4 fallback in
> software (both userland apps and network stacks) does not always work
> "correctly".  Just go see how often IPv6 failures/issues are reported on
> both NANOG and the outages@ mailing list.  And yes I am quite aware that
> a good portion of the Internet backbone at this point is IPv6 (that's
> nice, and not what we're talking about here).
> 
> ** - I still continue to see open-source software committing major fixes
> to AF_INET6 related code bits.  Major pieces of software include curl,
> wget, Busybox, DNS servers (pick one!), and ntp... just for starters.
> 

Let's get on the long version, but that one is the most useful for me ;), and
skipping the free trolling because it brings nothing to the discussion we are
have here.

The main problem with the ipv6 option right now, is that it does not really make
sense anymore, as most of the application are friendly with both and do not
provide anymore a build switch to disable v6 at build time. Actually plenty
of them don't know they can and they do use both at the same time, as it
is transparent to them. Leaving to the administrator/users the ability to
disable ipv6 at the OS level (runtime) and nothing as to be done at the
application level.. Other than that the ipv6 option is not spread correctly
over the ports tree, depending the maintainer they do add the option or not.

The goal of removing this option if we do (and nothing has been decided yet
here). is to stop misleading users who disable it by making them think this
option is actually entirely disabling ipv6 support in ports which is it clearly
not.

Side note that if you do disable ipv6 at runtime on your os, you won't hit the
ipv6 bugs in the software you do use, so you will reach the same point as if you
had disable entirely at build time ipv6 in every of the portswhere it is
possible.

Best regards,
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20191011/00f9f9fb/attachment.sig>