Re: [Bloat] mDNS

Re: [Bloat] mDNS

[Rich Brown]

[-- Attachment #1: Type: text/plain, Size: 774 bytes --]


> Avoid the WAN port's DHCP assigned subnet (what if the ISP uses 
> 192.168.1.0/24?)
> 
> ...
> 
> Exactly! There are no rules about what subnet range an ISP's gear will assign to DHCP devices.


@Mark Andrews and @Kenneth Porter... I apologize for any confusion caused by my slightly ambiguous language. In both cases, I was referring to the DHCP address/subnet assigned to the OpenWrt router's WAN port, by the ISP's gear. This will be an RFC1918 address by default.

But my point is that the OpenWrt router has no way to predict what address/subnet will be assigned to its WAN port. Consequently, at boot-time, OpenWrt should simply choose some different subnet for its LAN subnet(s), and then advertise an mDNS name.

Does this make sense? Thanks.

Rich

[-- Attachment #2: Type: text/html, Size: 2003 bytes --]

Re: [Bloat] mDNS

[Juliusz Chroboczek]

> But my point is that the OpenWrt router has no way to predict what
> address/subnet will be assigned to its WAN port.

In principle, the ISP should assign either a global address, or an address in
the range 100.64.0.0/10 (RFC 6598).  This range was deliberately chosen to
not collide with RFC 1918 space, so that the NAT box can choose any RFC 1918
prefix on its downstream interfaces.

In practice, however, ISPs don't necessarily obey the RFCs, and people do
chain NAT boxes, so none of the above is guaranteed.

> Consequently, at boot-time, OpenWrt should simply choose some different
> subnet for its LAN subnet(s), and then advertise an mDNS name.

I'm not sure how that could happen at boot time, it would need to happen
whenever a DHCPv4 lease changes.  This implies that the router might need
to renumber if the ISP changes its allocation, and there are no
renumbering procedures for IPv4 (I'm not sure if anyone implements RFC 3203).

It would also make addressing non-deterministic, which would make
debugging slightly more difficult.  But then, we already have
non-deterministic addressing in IPv6, so I guess that's something we can
live with.

-- Juliusz

Re: [Bloat] mDNS

[David Lang]

On Wed, 28 Feb 2024, Juliusz Chroboczek via Bloat wrote:

>> But my point is that the OpenWrt router has no way to predict what
>> address/subnet will be assigned to its WAN port.
>
> In principle, the ISP should assign either a global address, or an address in
> the range 100.64.0.0/10 (RFC 6598).  This range was deliberately chosen to
> not collide with RFC 1918 space, so that the NAT box can choose any RFC 1918
> prefix on its downstream interfaces.
>
> In practice, however, ISPs don't necessarily obey the RFCs, and people do
> chain NAT boxes, so none of the above is guaranteed.

chaining NAT boxes is very common, too many ISPs don't give you anything other 
than a NAT address from their router

>> Consequently, at boot-time, OpenWrt should simply choose some different
>> subnet for its LAN subnet(s), and then advertise an mDNS name.
>
> I'm not sure how that could happen at boot time, it would need to happen
> whenever a DHCPv4 lease changes.  This implies that the router might need
> to renumber if the ISP changes its allocation, and there are no
> renumbering procedures for IPv4 (I'm not sure if anyone implements RFC 3203).

it's unusual for the network block to change on a renewal, and in that rare case 
you could reboot the router.

> It would also make addressing non-deterministic, which would make
> debugging slightly more difficult.  But then, we already have
> non-deterministic addressing in IPv6, so I guess that's something we can
> live with.

remember, you don't need to randomly pick something, you just need to have a 
couple networks, figure out if one is in use by the WAN and if so pick the 
other.

I will say that 192.168.0 and 192.168.1 are very commonly used, so anything 
other than those a better default

personally, I like 192.168.255 as people tend to forget that's a valid network.

David Lang

> -- Juliusz
> _______________________________________________
> Bloat mailing list
> Bloat@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/bloat

Re: [Bloat] mDNS

[Rich Brown]

[-- Attachment #1: Type: text/plain, Size: 1283 bytes --]

I'm not advocating that we change the default OpenWrt address from 192.168.1.1 That's welded too deeply into our synapses (and documentation). But this proposal will benefit newcomers for the reasons described below.

> On Feb 28, 2024, at 7:17 AM, David Lang <david@lang.hm> wrote:
> 
> remember, you don't need to randomly pick something, you just need to have a couple networks, figure out if one is in use by the WAN and if so pick the other.

Remember, too, that this proposal is designed to solve problems for first-time users. This lets them avoid reading an entire page of documentation that explains how to find their ISP's assigned subnet, and then set their new OpenWrt device LAN to use a different subnet.

This won't affect experienced OpenWrt users. On an initial flash/configuration, they'll know they can use 192.168.1.0/24 because they know their upstream device configuration. Or they can log in using the mDNS name and configure it themselves.

> I will say that 192.168.0 and 192.168.1 are very commonly used, so anything other than those a better default
> 
> personally, I like 192.168.255 as people tend to forget that's a valid network.

So... Is there any reason not to incorporate this into the OpenWrt default build? Thanks again.

-- Rich

[-- Attachment #2: Type: text/html, Size: 4017 bytes --]

Re: [Bloat] mDNS

[Juliusz Chroboczek]

>> I'm not sure how that could happen at boot time, it would need to
>> happen whenever a DHCPv4 lease changes.  This implies that the router
>> might need to renumber if the ISP changes its allocation, and there are
>> no renumbering procedures for IPv4 (I'm not sure if anyone implements
>> RFC 3203).

> it's unusual for the network block to change on a renewal,

At any rate, boot time is too early, since you don't know your
ISP-assigned address at that point.  You really need to delay until DHCPv4
gets a lease.

> and in that rare case you could reboot the router.

You don't need to reboot the router, it can renumber just fine.  You need
to reboot all the client devices (unless they implement DHCPv4 force renew
with nonce authentication, aka RFC 3203).

I'm not saying it's a bad idea, just pointing out some of the edge-cases
that you will need to consider in order to get a robust implementation.

-- Juliusz

Re: [Bloat] mDNS

[Kenneth Porter]

On 2/27/2024 6:31 PM, Matt Taggart via Bloat wrote:
> Also... starting back in the old CeroWRT days I switched to using the 
> 172.16 rfc1918 ranges when I realized that nobody else uses them, and 
> that has been a good way to avoid collisions (but wouldn't work as an 
> openwrt default). 

A customer of my company uses 172.16 subnets at their various locations, 
so it was good that I used a /16 from 10/8 for ours when we need to VPN 
in to work on a customer machine.

At home I use 172.16 subnets for the LAN side of my ISP CPEs with my own 
router in front of them. So my home LAN can be in a 10/8 subnet in spite 
of ATT's restriction.

I reserve 192.168/16 for when I need to plug in some new piece of 
hardware that defaults to that address block.

Re: [Bloat] mDNS

[Matt Taggart]

On 2/27/24 10:52, Rich Brown via Bloat wrote:

> Exactly! There are no rules about what subnet range an ISP's gear will 
> assign to DHCP devices.
> 
> So (I believe) it becomes incumbent on OpenWrt to be smarter than the 
> ISP's router (shouldn't be hard) and pick a separate subnet for its LAN 
> & wireless interface. (Clearly, OpenWrt could default to 192.168.1.0/24, 
> but if that's that range the ISP is using, it could switch to 
> 192.168.2.0/24. I think that's all the flexibility that's required...)

Independent of which orgs are and are not allowed to use rfc1918 
addresses...

I sometimes find myself setting up openwrt routers behind other ISP 
provided NAT'ing routers that use rfc1918 addresses. Example: take a 
travel router on vacation and connect it to a network where I don't have 
any control over the ISP router, but I still want to get the advantages of:
* my ESSID with my password, all my family's wifi devices "just work"
* SQM for all the wifi/wired things I connect to it. Still could 
experience bufferbloat if there are things upstream of my router, but 
often that is zero devices, or just a "smart" tv.
* firewalling all my devices together and away from other suspect stuff

BTW the openwrt bcp38 packages have some automatic rfc1918 detection in 
order to make sure they don't setup a config that breaks in the case 
where WAN is rfc1918.

Also... starting back in the old CeroWRT days I switched to using the 
172.16 rfc1918 ranges when I realized that nobody else uses them, and 
that has been a good way to avoid collisions (but wouldn't work as an 
openwrt default).

-- 
Matt Taggart
matt@lackof.org

Re: [Bloat] mDNS

[Mark Andrews]

> On 28 Feb 2024, at 05:52, Rich Brown via Bloat <bloat@lists.bufferbloat.net> wrote:
> 
> 
> 
>> On Feb 27, 2024, at 12:00 PM, bloat-request@lists.bufferbloat.net wrote:
>> 
>> On 2/26/2024 6:28 AM, Rich Brown via Bloat wrote:
>>> - Avoid the WAN port's DHCP assigned subnet (what if the ISP uses 
>>> 192.168.1.0/24?)
>> 
>> I recently got ATT fiber and its modem won't let me assign from 
>> 10.0.0.0/8! So I put a Raspberry Pi 4 in front of it.
> 
> Exactly! There are no rules about what subnet range an ISP's gear will assign to DHCP devices.

Actually there are rules.  Go read RFC 1918 and you will see it specifically excludes this use.  RFC 1918 addresses are for intra enterprise devices.  CPE devices, by function, are not intra enterprise.  CPE devices are shared devices used by both the ISP and the customer regardless of who owns the hardware.

100.64/10 is an example of a shared space for numbering CPE devices.  It was allocated specifically because RFC 1918 addresses are inappropriate for numbering CPE devices by ISPs.

Mark

> So (I believe) it becomes incumbent on OpenWrt to be smarter than the ISP's router (shouldn't be hard) and pick a separate subnet for its LAN & wireless interface. (Clearly, OpenWrt could default to 192.168.1.0/24, but if that's that range the ISP is using, it could switch to 192.168.2.0/24. I think that's all the flexibility that's required...)
> 
> And then advertise a mDNS name to make it easy for humans to connect. Who would notice?
> 
> - Newcomers wouldn't - they'd just connect and configure as described in the Wiki
> - Grizzled OpenWrt old-timers wouldn't notice either, because they will have set their ISP device to use some other address range.
> 
> Any reason not to build this into OpenWrt? Thanks.
> 
> Rich
> _______________________________________________
> Bloat mailing list
> Bloat@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/bloat

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org

Re: [Bloat] mDNS

[Kenneth Porter]

The ISP shouldn't be using an RFC 1918 address for the WAN port, anyway. 
For the management net, one would hope they'd use an IPv6 private link. 
Which should leave all of RFC 1918 available for the customer.

Re: [Bloat] mDNS

[Aaron Wood]

[-- Attachment #1: Type: text/plain, Size: 1740 bytes --]

On Tue, Feb 27, 2024 at 10:52 AM Rich Brown via Bloat <
bloat@lists.bufferbloat.net> wrote:

>
>
> On Feb 27, 2024, at 12:00 PM, bloat-request@lists.bufferbloat.net wrote:
>
> On 2/26/2024 6:28 AM, Rich Brown via Bloat wrote:
>
> - Avoid the WAN port's DHCP assigned subnet (what if the ISP uses
> 192.168.1.0/24?)
>
>
> I recently got ATT fiber and its modem won't let me assign from
> 10.0.0.0/8! So I put a Raspberry Pi 4 in front of it.
>
>
> Exactly! There are no rules about what subnet range an ISP's gear will
> assign to DHCP devices.
>
> So (I believe) it becomes incumbent on OpenWrt to be smarter than the
> ISP's router (shouldn't be hard) and pick a separate subnet for its LAN &
> wireless interface. (Clearly, OpenWrt could default to 192.168.1.0/24,
> but if that's that range the ISP is using, it could switch to
> 192.168.2.0/24. I think that's all the flexibility that's required...)
>

I did exactly this for a product that needed to create its own subnet
inside a house.  It worked well at scale (>1M homes).


And then advertise a mDNS name to make it easy for humans to connect. Who
> would notice?
>

Unfortunately, it can be hard to convince browsers that you’re connecting
to a local DNS name instead of a doing a search.


- Newcomers wouldn't - they'd just connect and configure as described in
> the Wiki
> - Grizzled OpenWrt old-timers wouldn't notice either, because they will
> have set their ISP device to use some other address range.
>
> Any reason not to build this into OpenWrt? Thanks.
>
> Rich
> _______________________________________________
> Bloat mailing list
> Bloat@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/bloat
>

[-- Attachment #2: Type: text/html, Size: 5873 bytes --]

Re: [Bloat] mDNS

[Rich Brown]

[-- Attachment #1: Type: text/plain, Size: 1175 bytes --]



> On Feb 27, 2024, at 12:00 PM, bloat-request@lists.bufferbloat.net wrote:
> 
> On 2/26/2024 6:28 AM, Rich Brown via Bloat wrote:
>> - Avoid the WAN port's DHCP assigned subnet (what if the ISP uses 
>> 192.168.1.0/24?)
> 
> I recently got ATT fiber and its modem won't let me assign from 
> 10.0.0.0/8! So I put a Raspberry Pi 4 in front of it.

Exactly! There are no rules about what subnet range an ISP's gear will assign to DHCP devices.

So (I believe) it becomes incumbent on OpenWrt to be smarter than the ISP's router (shouldn't be hard) and pick a separate subnet for its LAN & wireless interface. (Clearly, OpenWrt could default to 192.168.1.0/24, but if that's that range the ISP is using, it could switch to 192.168.2.0/24. I think that's all the flexibility that's required...)

And then advertise a mDNS name to make it easy for humans to connect. Who would notice?

- Newcomers wouldn't - they'd just connect and configure as described in the Wiki
- Grizzled OpenWrt old-timers wouldn't notice either, because they will have set their ISP device to use some other address range.

Any reason not to build this into OpenWrt? Thanks.

Rich

[-- Attachment #2: Type: text/html, Size: 4467 bytes --]