draft-ietf-v6ops-happy-eyeballs-05.txt   draft-ietf-v6ops-happy-eyeballs-06.txt 
v6ops D. Wing v6ops D. Wing
Internet-Draft A. Yourtchenko Internet-Draft A. Yourtchenko
Intended status: Standards Track Cisco Intended status: Standards Track Cisco
Expires: April 29, 2012 October 27, 2011 Expires: June 10, 2012 December 8, 2011
Happy Eyeballs: Success with Dual-Stack Hosts Happy Eyeballs: Success with Dual-Stack Hosts
draft-ietf-v6ops-happy-eyeballs-05 draft-ietf-v6ops-happy-eyeballs-06
Abstract Abstract
When the IPv4 server and path is working but the IPv6 server or IPv6 When a server's IPv4 path and protocol is working but the server's
path is down, a dual-stack client application experiences significant IPv6 path and protocol are not working, a dual-stack client
connection delay compared to an IPv4-only client. This is application experiences significant connection delay compared to an
undesirable because it causes the dual-stack client to have a worse IPv4-only client. This is undesirable because it causes the dual-
user experience. This document specifies requirements for algorithms stack client to have a worse user experience. This document
that reduce this delay, and provides an example algorithm. specifies requirements for algorithms that reduce this user-visible
delay, and provides an example algorithm.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 29, 2012. This Internet-Draft will expire on June 10, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Additional Network and Host Traffic . . . . . . . . . . . 3
2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3 2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3
3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3 3. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 3
3.1. URIs and hostnames . . . . . . . . . . . . . . . . . . . . 4 3.1. URIs and hostnames . . . . . . . . . . . . . . . . . . . . 4
3.2. IPv6 connectivity . . . . . . . . . . . . . . . . . . . . 4 3.2. Delay When IPv6 is not Accessible . . . . . . . . . . . . 4
4. Algorithm Requirements . . . . . . . . . . . . . . . . . . . . 5 4. Algorithm Requirements . . . . . . . . . . . . . . . . . . . . 5
4.1. Delay IPv4 . . . . . . . . . . . . . . . . . . . . . . . . 6 4.1. Delay IPv4 . . . . . . . . . . . . . . . . . . . . . . . . 7
4.2. Stateful Behavior when IPv6 Fails . . . . . . . . . . . . 7 4.2. Stateful Behavior when IPv6 Fails . . . . . . . . . . . . 8
4.3. Reset on Network (re-)Initialization . . . . . . . . . . . 8 4.3. Reset on Network (re-)Initialization . . . . . . . . . . . 9
4.4. Abandon Non-Winning Connections . . . . . . . . . . . . . 8 4.4. Abandon Non-Winning Connections . . . . . . . . . . . . . 9
5. Additional Considerations . . . . . . . . . . . . . . . . . . 9 5. Additional Considerations . . . . . . . . . . . . . . . . . . 10
5.1. Additional Network and Host Traffic . . . . . . . . . . . 9 5.1. Determining Address Type . . . . . . . . . . . . . . . . . 10
5.2. Determining Address Type . . . . . . . . . . . . . . . . . 9 5.2. Debugging and Troubleshooting . . . . . . . . . . . . . . 10
5.3. Debugging and Troubleshooting . . . . . . . . . . . . . . 9 5.3. Three or More Interfaces . . . . . . . . . . . . . . . . . 10
5.4. Three or More Interfaces . . . . . . . . . . . . . . . . . 9 5.4. A and AAAA Resource Records . . . . . . . . . . . . . . . 10
5.5. A and AAAA Resource Records . . . . . . . . . . . . . . . 10 5.5. Connection time out . . . . . . . . . . . . . . . . . . . 11
5.6. A6 Resource Records . . . . . . . . . . . . . . . . . . . 10 5.6. Interaction with Same Origin Policy . . . . . . . . . . . 11
5.7. Connection time out . . . . . . . . . . . . . . . . . . . 10 5.7. Happy Eyeballs in an Operating System . . . . . . . . . . 11
5.8. Interaction with Same Origin Policy . . . . . . . . . . . 10 6. Example Algorithm . . . . . . . . . . . . . . . . . . . . . . 12
5.9. Happy Eyeballs in an Operating System . . . . . . . . . . 11 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12
6. Example Algorithm . . . . . . . . . . . . . . . . . . . . . . 11 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12
7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 10.1. Normative References . . . . . . . . . . . . . . . . . . . 13
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12 10.2. Informational References . . . . . . . . . . . . . . . . . 13
10.1. Normative References . . . . . . . . . . . . . . . . . . . 12 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . . 14
10.2. Informational References . . . . . . . . . . . . . . . . . 12 A.1. changes from -05 to -06 . . . . . . . . . . . . . . . . . 14
Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . . 13 A.2. changes from -04 to -05 . . . . . . . . . . . . . . . . . 15
A.1. changes from -03 to -04 . . . . . . . . . . . . . . . . . 14 A.3. changes from -03 to -04 . . . . . . . . . . . . . . . . . 15
A.2. changes from -03 to -04 . . . . . . . . . . . . . . . . . 14 A.4. changes from -03 to -04 . . . . . . . . . . . . . . . . . 15
A.3. changes from -02 to -03 . . . . . . . . . . . . . . . . . 14 A.5. changes from -02 to -03 . . . . . . . . . . . . . . . . . 15
A.4. changes from -01 to -02 . . . . . . . . . . . . . . . . . 14 A.6. changes from -01 to -02 . . . . . . . . . . . . . . . . . 15
A.5. changes from -00 to -01 . . . . . . . . . . . . . . . . . 15 A.7. changes from -00 to -01 . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
In order to use applications over IPv6, it is necessary that users In order to use applications over IPv6, it is necessary that users
enjoy nearly identical performance as compared to IPv4. A enjoy nearly identical performance as compared to IPv4. A
combination of today's applications, IPv6 tunneling, IPv6 service combination of today's applications, IPv6 tunneling, IPv6 service
providers, and some of today's content providers all cause the user providers, and some of today's content providers all cause the user
experience to suffer (Section 3). For IPv6, a content provider may experience to suffer (Section 3). For IPv6, a content provider may
ensure a positive user experience by using a DNS white list of IPv6 ensure a positive user experience by using a DNS white list of IPv6
service providers who peer directly with them (e.g., [whitelist]). service providers who peer directly with them (e.g., [whitelist]).
However, this does not scale well (to the number of DNS servers However, this does not scale well (to the number of DNS servers
worldwide or the number of content providers worldwide), and does not worldwide or the number of content providers worldwide), and does not
react to intermittent network path outages. react to intermittent network path outages.
Instead, applications can improve the user experience themselves, by Instead, applications reduce connection setup delays themselves, by
more aggressively making connections on IPv6 and IPv4. There are a more aggressively making connections on IPv6 and IPv4. There are a
variety of algorithms that can be envisioned. This document variety of algorithms that can be envisioned. This document
specifies requirements for any such algorithm, with the goals that specifies requirements for any such algorithm, with the goals that
the network and servers are not inordinately harmed with a simple the network and servers are not inordinately harmed with a simple
doubling of traffic on IPv6 and IPv4, and the host's address doubling of traffic on IPv6 and IPv4, and the host's address
preference is honored (e.g., [RFC3484]). preference is honored (e.g., [RFC3484]).
1.1. Additional Network and Host Traffic
Additional network traffic and additional server load is created due
to the recommendations in this document, especially when connections
to the preferred address family (usually IPv6) are not completing
quickly.
The procedures described in this document retain a quality user
experience while transitioning from IPv4-only to dual stack, while
still giving IPv6 a slight preference over IPv4 (in order to remove
load from IPv4 networks, most importantly to reduce the load on IPv4
network address translators). The improvement in the user experience
benefits the user to only a small detriment of the network, DNS
server, and server that are serving the user.
2. Notational Conventions 2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Problem Statement 3. Problem Statement
The basis of the IPv6/IPv4 selection problem was first described in The basis of the IPv6/IPv4 selection problem was first described in
1994 in [RFC1671], 1994 in [RFC1671],
skipping to change at page 4, line 6 skipping to change at page 4, line 20
which DNS claims to know an IPng address may in fact not be which DNS claims to know an IPng address may in fact not be
running IPng at a particular moment; thus an IPng packet to that running IPng at a particular moment; thus an IPng packet to that
host will be discarded on delivery. Knowing that a host has both host will be discarded on delivery. Knowing that a host has both
IPv4 and IPng addresses gives no information about black holes. A IPv4 and IPng addresses gives no information about black holes. A
solution to this must be proposed and it must not depend on solution to this must be proposed and it must not depend on
manually maintained information. (If this is not solved, the dual manually maintained information. (If this is not solved, the dual
stack approach is no better than the packet translation stack approach is no better than the packet translation
approach.)" approach.)"
As discussed in more detail in Section 3.1, it is important that the As discussed in more detail in Section 3.1, it is important that the
same URI and hostname be used for IPv4 and IPv6. Using separate same URI and hostname be used for IPv4 and IPv6.
namespaces (e.g., "ipv6.example.com") causes namespace fragmentation
and reduces the ability for users to share URIs and hostnames, and
complicates printed material that includes the URI or hostname.
As discussed in more detail in Section 3.2, IPv6 connectivity is As discussed in more detail in Section 3.2, IPv6 connectivity is
broken to specific prefixes or specific hosts, or slower than native broken to specific prefixes or specific hosts, or slower than native
IPv4 connectivity. IPv4 connectivity.
The mechanism described in this document is directly applicable to
connection-oriented transports (e.g., TCP, SCTP), which is the scope
of this document. For connectionless transport protocols (e.g.,
UDP), a similar mechanism can be used if the application has request/
response semantics (e.g., as done by ICE to select a working IPv6 or
IPv4 media path [RFC6157]).
3.1. URIs and hostnames 3.1. URIs and hostnames
URIs are often used between users to exchange pointers to content -- URIs are often used between users to exchange pointers to content --
such as on social networks, email, instant messaging, or other such as on social networks, email, instant messaging, or other
systems. Thus, production URIs and production hostnames containing systems. Using separate namespaces (e.g., "ipv6.example.com") only
references to IPv4 or IPv6 will only function if the other party is accessible with certain technology (e.g., with an IPv6 client and a
also using an application, OS, and a network that can access the URI working IPv6 path) causes namespace fragmentation and reduces the
or the hostname. ability for users to share URIs and hostnames, and complicates
printed material that includes the URI or hostname.
3.2. IPv6 connectivity The algorithm described in this document allows production URIs to
avoid these problematic references to IPv4 or IPv6.
When IPv6 connectivity is impaired, today's IPv6-capable web browsers 3.2. Delay When IPv6 is not Accessible
incur many seconds of delay before falling back to IPv4. This harms
the user's experience with IPv6, which will slow the acceptance of When IPv6 connectivity is impaired, today's IPv6-capable applications
IPv6, because IPv6 is frequently disabled in its entirety on the end (e.g., web browsers, email clients, xmpp clients) incur many seconds
systems to improve the user experience. of delay before falling back to IPv4. This delays overall
application operation, including harming the user's experience with
IPv6, which will slow the acceptance of IPv6, because IPv6 is
frequently disabled in its entirety on the end systems to improve the
user experience.
Reasons for such failure include no connection to the IPv6 Internet, Reasons for such failure include no connection to the IPv6 Internet,
broken 6to4 or Teredo tunnels, and broken IPv6 peering. The broken 6to4 or Teredo tunnels, and broken IPv6 peering. The
following diagram shows this behavior. following diagram shows this behavior.
The algorithm described in this document allows clients to connect to
servers without significant delay, even if a path or the server is
slow or down.
DNS Server Client Server DNS Server Client Server
| | | | | |
1. |<--www.example.com A?-----| | 1. |<--www.example.com A?-----| |
2. |<--www.example.com AAAA?--| | 2. |<--www.example.com AAAA?--| |
3. |---192.0.2.1------------->| | 3. |---192.0.2.1------------->| |
4. |---2001:db8::1----------->| | 4. |---2001:db8::1----------->| |
5. | | | 5. | | |
6. | |--TCP SYN, IPv6--->X | 6. | |==TCP SYN, IPv6===>X |
7. | |--TCP SYN, IPv6--->X | 7. | |==TCP SYN, IPv6===>X |
8. | |--TCP SYN, IPv6--->X | 8. | |==TCP SYN, IPv6===>X |
9. | | | 9. | | |
10. | |--TCP SYN, IPv4------->| 10. | |--TCP SYN, IPv4------->|
11. | |<-TCP SYN+ACK, IPv4----| 11. | |<-TCP SYN+ACK, IPv4----|
12. | |--TCP ACK, IPv4------->| 12. | |--TCP ACK, IPv4------->|
Figure 1: Existing behavior message flow Figure 1: Existing behavior message flow
The client obtains the IPv4 and IPv6 records for the server (1-4). The client obtains the IPv4 and IPv6 records for the server (1-4).
The client attempts to connect using IPv6 to the server, but the IPv6 The client attempts to connect using IPv6 to the server, but the IPv6
path is broken (6-8), which consumes several seconds of time. path is broken (6-8), which consumes several seconds of time.
skipping to change at page 5, line 49 skipping to change at page 6, line 32
Figure 2: Happy Eyeballs flow 1, IPv6 broken Figure 2: Happy Eyeballs flow 1, IPv6 broken
In the diagram above, the client sends two TCP SYNs at the same time In the diagram above, the client sends two TCP SYNs at the same time
over IPv6 (6) and IPv4 (7). In the diagram, the IPv6 path is broken over IPv6 (6) and IPv4 (7). In the diagram, the IPv6 path is broken
but has little impact to the user because there is no long delay but has little impact to the user because there is no long delay
before using IPv4. The IPv6 path is retried until the application before using IPv4. The IPv6 path is retried until the application
gives up (10). gives up (10).
After performing the above procedure, the client learns if After performing the above procedure, the client learns if
connections to the host's IPv6 or IPv4 address were successful. The connections to the host's IPv6 or IPv4 address was successful. The
client MUST cache that information to avoid thrashing the network client MUST cache that information to avoid thrashing the network
with excessive subsequent connection attempts. For example, in the with excessive subsequent connection attempts. For example, in the
diagram above, the client has noticed that IPv6 to that address diagram above, the client has noticed that IPv6 to that address
failed, and it should provide a greater preference to using IPv4 failed, and it should provide a greater preference to using IPv4
instead. instead.
DNS Server Client Server DNS Server Client Server
| | | | | |
1. |<--www.example.com A?-----| | 1. |<--www.example.com A?-----| |
2. |<--www.example.com AAAA?--| | 2. |<--www.example.com AAAA?--| |
skipping to change at page 6, line 41 skipping to change at page 7, line 38
Over time, as most content is available via IPv6, the amount of IPv4 Over time, as most content is available via IPv6, the amount of IPv4
traffic will decrease. This means that the IPv4 infrastructure will, traffic will decrease. This means that the IPv4 infrastructure will,
over time, be sized to accommodate that decreased (and decreasing) over time, be sized to accommodate that decreased (and decreasing)
amount of traffic. It is critical that a Happy Eyeballs algorithm amount of traffic. It is critical that a Happy Eyeballs algorithm
not cause a surge of unnecessary traffic on that IPv4 infrastructure. not cause a surge of unnecessary traffic on that IPv4 infrastructure.
To meet that goal, compliant Happy Eyeballs algorithms must adhere to To meet that goal, compliant Happy Eyeballs algorithms must adhere to
the requirements in this section. the requirements in this section.
4.1. Delay IPv4 4.1. Delay IPv4
In the near future, there will be a mix of different hosts at The transition to IPv6 is likely to produce a mix of different hosts
individual subscribers homes -- hosts that are IPv4-only, hosts that within a subnetwork -- hosts that are IPv4-only, hosts that are IPv6-
are IPv6-only (e.g., sensors), and dual-stack. This mix of hosts only (e.g., sensors), and dual-stack. This mix of hosts will exist
will exist both within a single home and between subscribers. For both within an administrative domain (a single home, enterprise,
example an IPv4-only television or video streaming device purchased hotel, or coffee shop) and between administrative domains. For
last year and moved from the living room to a bedroom. As another example, a single home might have an IPv4-only television in one room
example, another subscriber might have hosts that are all capable of and a dual-stack television in another room. As another example,
dual-stack operation. another subscriber might have hosts that are all capable of dual-
stack operation.
Due to IPv4 exhaustion, it is likely that a subscriber's hosts (both Due to IPv4 exhaustion, it is likely that a subscriber's hosts (both
IPv4-only hosts and dual-stack hosts) will be sharing an IPv4 address IPv4-only hosts and dual-stack hosts) will be sharing an IPv4 address
with other subscribers. The dual-stack hosts have an advantage: with other subscribers. The dual-stack hosts have an advantage:
they can utilize IPv6 or IPv4. The IPv4-only hosts have a they can utilize IPv6 or IPv4, which means it can utilize the
technique described in this document. The IPv4-only hosts have a
disadvantage: they can only utilize IPv4. If all hosts (dual-stack disadvantage: they can only utilize IPv4. If all hosts (dual-stack
and IPv4-only) are using IPv4, there is additional contention for the and IPv4-only) are using IPv4, there is additional contention for the
shared IPv4 address. The IPv4-only hosts cannot avoid that shared IPv4 address. The IPv4-only hosts cannot avoid that
contention (as they can only use IPv4) while the dual-stack hosts can contention (as they can only use IPv4) while the dual-stack hosts can
avoid that contention by using IPv6. avoid that contention by using IPv6.
As dual-stack hosts proliferate and content becomes available over As dual-stack hosts proliferate and content becomes available over
IPv6, there will be less and less IPv4 traffic. This is true IPv6, there will be proportionally less IPv4 traffic. This is true
especially for dual-stack hosts that do not implement Happy Eyeballs, especially for dual-stack hosts that do not implement Happy Eyeballs,
because those dual-stack hosts have a very strong preference to use because those dual-stack hosts have a very strong preference to use
IPv6 (with timeouts in the tens of seconds before they will attempt IPv6 (with timeouts in the tens of seconds before they will attempt
to use IPv4). to use IPv4).
When deploying IPv6, both content providers and Internet Service When deploying IPv6, both content providers and Internet Service
Providers (who supply IPv4 address sharing mechanisms such as Carrier Providers (who supply IPv4 address sharing mechanisms such as Carrier
Grade NAT (CGN)) will want to reduce their investment in IPv4 Grade NAT (CGN)) will want to reduce their investment in IPv4
equipment -- load balancers, peering links, and address sharing equipment -- load balancers, peering links, and address sharing
devices. If a Happy Eyeballs implementation treats IPv6 and IPv4 devices. If a Happy Eyeballs implementation treats IPv6 and IPv4
skipping to change at page 7, line 39 skipping to change at page 8, line 37
This means that costs to migrate to IPv6 are increased, because the This means that costs to migrate to IPv6 are increased, because the
investment in IPv4 cannot be reduced. Furthermore, using only a investment in IPv4 cannot be reduced. Furthermore, using only a
metric that measures connection speed ignores the value of IPv6 over metric that measures connection speed ignores the value of IPv6 over
IPv4 address sharing, such as shared penalty boxes and geo-location IPv4 address sharing, such as shared penalty boxes and geo-location
[RFC6269]. [RFC6269].
Thus, to avoid harming IPv4-only hosts which can only utilize IPv4, Thus, to avoid harming IPv4-only hosts which can only utilize IPv4,
implementations MUST prefer the first IP address family returned by implementations MUST prefer the first IP address family returned by
the host's address preference policy, unless implementing a stateful the host's address preference policy, unless implementing a stateful
algorithm described in Section 4.2. This usually means giving algorithm described in Section 4.2. This usually means giving
preferring IPv6 over IPv4, although that preference can be over- preference to IPv6 over IPv4, although that preference can be over-
ridden by user configuration or by network configuration ridden by user configuration or by network configuration
[I-D.ietf-6man-addr-select-opt]. If the host's policy is unknown or [I-D.ietf-6man-addr-select-opt]. If the host's policy is unknown or
not attainable, implementations MUST prefer IPv6 over IPv4. not attainable, implementations MUST prefer IPv6 over IPv4.
4.2. Stateful Behavior when IPv6 Fails 4.2. Stateful Behavior when IPv6 Fails
Some Happy Eyeballs algorithms are stateful -- that is, the algorithm Some Happy Eyeballs algorithms are stateful -- that is, the algorithm
will remember that IPv6 always fails, or that IPv6 to certain will remember that IPv6 always fails, or that IPv6 to certain
prefixes always fails, and so on. This section describes such prefixes always fails, and so on. This section describes such
algorithms. Stateless algorithms, which do not remember the success/ algorithms. Stateless algorithms, which do not remember the success/
failure of previous connections, are not discussed in this section. failure of previous connections, are not discussed in this section.
After making a connection attempt on the preferred address family After making a connection attempt on the preferred address family
(e.g., IPv6), and failing to establish a connection within a certain (e.g., IPv6), and failing to establish a connection within a certain
time period (see Section 5.7), a Happy Eyeballs implementation will time period (see Section 5.5), a Happy Eyeballs implementation will
decide to initiate a second connection attempt using the same address decide to initiate a second connection attempt using the same address
family or the other address family. family or the other address family.
Such an implementation MAY make subsequent connection attempts (to Such an implementation MAY make subsequent connection attempts (to
the same host or to other hosts) on the successful address family the same host or to other hosts) on the successful address family
(e.g., IPv4). Such an implementation MUST occasionally make (e.g., IPv4). So long as new connections are being attempted by the
connection attempts using the host's preferred address family, as it host, such an implementation MUST occasionally make connection
may have become functional again, and is RECOMMENDED to do so every attempts using the host's preferred address family, as it may have
10 minutes. Implementation note: this can be achieved by attempting become functional again, and it SHOULD do so every 10 minutes. The
to connect to both address families at the same time every 10 10 minute delay before re-trying a failed address family avoids the
minutes, which does not significantly harm the application's simple doubling of connection attempts on both IPv6 and IPv4.
connection setup time. If connections using the preferred address Implementation note: this can be achieved by flushing Happy Eyeballs
family are again successful, the preferred address family SHOULD be state every every 10 minutes, which does not significantly harm the
used for subsequent connections. Because this implementation is application's subsequent connection setup time. If connections using
stateful, it MAY track connection success (or failure) based on IPv6 the preferred address family are again successful, the preferred
or IPv4 prefix (e.g., connections to the same prefix assigned to the address family SHOULD be used for subsequent connections. Because
interface are successful whereas connections to other prefixes are this implementation is stateful, it MAY track connection success (or
failing). failure) based on IPv6 or IPv4 prefix (e.g., connections to the same
prefix assigned to the interface are successful whereas connections
to other prefixes are failing).
4.3. Reset on Network (re-)Initialization 4.3. Reset on Network (re-)Initialization
Because every network has different characteristics (e.g., working or Because every network has different characteristics (e.g., working or
broken IPv6 or IPv4 connectivity), a Happy Eyeballs algorithm SHOULD broken IPv6 or IPv4 connectivity), a Happy Eyeballs algorithm SHOULD
re-initialize when the host is connected to a new network. Hosts can re-initialize when the host is connected to a new network. Hosts can
determine network (re-)initialization by a variety of mechanisms determine network (re-)initialization by a variety of mechanisms
(e.g., DNAv4 [RFC4436], DNAv6 [RFC6059]). (e.g., DNAv4 [RFC4436], DNAv6 [RFC6059]).
If the client application is a web browser, see also Section 5.8. If the client application is a web browser, see also Section 5.6.
4.4. Abandon Non-Winning Connections 4.4. Abandon Non-Winning Connections
It is RECOMMENDED that the non-winning connections be abandoned, even It is RECOMMENDED that the non-winning connections be abandoned, even
though they could -- in some cases -- be put to reasonable use. though they could -- in some cases -- be put to reasonable use.
Justification: This reduces the load on the server (file Justification: This reduces the load on the server (file
descriptors, TCP control blocks), stateful middleboxes (NAT and descriptors, TCP control blocks), stateful middleboxes (NAT and
firewalls) and, if the abandoned connection is IPv4, reduces IPv4 firewalls) and, if the abandoned connection is IPv4, reduces IPv4
address sharing contention. address sharing contention.
HTTP: The design of some sites can break because of HTTP cookies HTTP: The design of some sites can break because of HTTP cookies
that incorporate the client's IP address and require all that incorporate the client's IP address and require all
connections be from the same IP address. If some connections from connections be from the same IP address. If some connections from
the same client are arriving from different IP addresses (or the same client are arriving from different IP addresses (or
worse, different IP address families), such applications will worse, different IP address families), such applications will
break. Additionally for HTTP, using the non-winning connection break. Additionally for HTTP, using the non-winning connection
can interfere with the browser's Same Origin Policy (see can interfere with the browser's Same Origin Policy (see
Section 5.8). Section 5.6).
5. Additional Considerations 5. Additional Considerations
This section discusses considerations related to Happy Eyeballs. This section discusses considerations related to Happy Eyeballs.
5.1. Additional Network and Host Traffic 5.1. Determining Address Type
Additional network traffic and additional server load is created due
to the recommendations in this document, especially when connections
to the preferred address family (usually IPv6) are not completing
quickly.
The procedures described in this document retain a quality user
experience while transitioning from IPv4-only to dual stack, while
still giving IPv6 a slight preference over IPv4 (in order to remove
load from IPv4 networks, most importantly to reduce the load on IPv4
network address translators). The improvement in the user experience
benefits the user to only a small detriment of the network, DNS
server, and server that are serving the user.
5.2. Determining Address Type
For some transitional technologies such as a dual-stack host, it is For some transitional technologies such as a dual-stack host, it is
easy for the application to recognize the native IPv6 address easy for the application to recognize the native IPv6 address
(learned via a AAAA query) and the native IPv4 address (learned via (learned via a AAAA query) and the native IPv4 address (learned via
an A query). While IPv6/IPv4 translation makes that difficult, an A query). While IPv6/IPv4 translation makes that difficult, IPv6/
fortunately IPv6/IPv4 translators are not deployed on networks with IPv4 translators do not need to be deployed on networks with dual
dual stack clients. stack clients, because dual stack clients can use their native IP
address family.
5.3. Debugging and Troubleshooting 5.2. Debugging and Troubleshooting
This mechanism is aimed at ensuring a reliable user experience This mechanism is aimed at ensuring a reliable user experience
regardless of connectivity problems affecting any single transport. regardless of connectivity problems affecting any single transport.
However, this naturally means that applications employing these However, this naturally means that applications employing these
techniques are by default less useful for diagnosing issues with a techniques are by default less useful for diagnosing issues with a
particular address family. To assist in that regard, the particular address family. To assist in that regard, the
implementations MAY also provide a mechanism to disable their Happy implementations MAY also provide a mechanism to disable their Happy
Eyeballs behavior via a user setting. Eyeballs behavior via a user setting.
5.4. Three or More Interfaces 5.3. Three or More Interfaces
A dual-stack host might have more than two interfaces because of a A dual-stack host normally has two logical interfaces: an IPv6
VPN (where a third interface is the tunnel address, often assigned by interface and an IPv4 interface. However, a dual-stack host might
the remote corporate network), because of multiple physical have more than two logical interfaces because of a VPN (where a third
interfaces such as wired and wireless Ethernet, because the host interface is the tunnel address, often assigned by the remote
belongs to multiple VLANs, or other reasons. The interaction of corporate network) or because of multiple physical interfaces such as
Happy Eyeballs with more than two interfaces is for further study. wired and wireless Ethernet, because the host belongs to multiple
VLANs, or other reasons. The interaction of Happy Eyeballs with more
than two logical interfaces is for further study.
5.5. A and AAAA Resource Records 5.4. A and AAAA Resource Records
It is possible that an DNS query for an A or AAAA resource record It is possible that an DNS query for an A or AAAA resource record
will return more than one A or AAAA address. When this occurs, it is will return more than one A or AAAA address. When this occurs, it is
RECOMMENDED that a Happy Eyeballs implementation order the responses RECOMMENDED that a Happy Eyeballs implementation order the responses
following the host's address preference policy and then try the first following the host's address preference policy and then try the first
address. If that fails after a certain time (see Section 5.7), the address. If that fails after a certain time (see Section 5.5), the
next address SHOULD be the IPv4 address. next address SHOULD be the IPv4 address.
If that fails to connect after a certain time (see Section 5.7), a If that fails to connect after a certain time (see Section 5.5), a
Happy Eyeballs implementation SHOULD try the other addresses Happy Eyeballs implementation SHOULD try the other addresses
returned; the order of these connection attempts is not important. returned; the order of these connection attempts is not important.
5.6. A6 Resource Records On the Internet today, servers commonly have multiple A records to
provide load balancing across their servers. This same technique
The A6 resource record SHOULD NOT be queried [RFC3363]. would be useful for AAAA records, as well. However, if multiple AAAA
records are returned to a non-Happy Eyeballs client that has broken
IPv6 connectivity, it will further increase the delay to fall back to
IPv4. Thus, web site operators with native IPv6 connectivity SHOULD
NOT offer multiple AAAA records. If Happy Eyeballs is widely
deployed in the future, this recommendation might be revisited.
5.7. Connection time out 5.5. Connection time out
The primary purpose of Happy Eyeballs is to reduce the wait time for The primary purpose of Happy Eyeballs is to reduce the wait time for
a dual stack connection to complete, especially when the IPv6 path is a dual stack connection to complete, especially when the IPv6 path is
broken and IPv6 is preferred. Aggressive time outs (on the order of broken and IPv6 is preferred. Aggressive time outs (on the order of
tens of milliseconds) achieve this goal, but at the cost of network tens of milliseconds) achieve this goal, but at the cost of network
traffic. This network traffic may be billable on certain networks, traffic. This network traffic may be billable on certain networks,
will create state on some middleboxes (e.g., firewalls, IDS, NAT), will create state on some middleboxes (e.g., firewalls, IDS, NAT),
and will consume ports if IPv4 addresses are shared. For these and will consume ports if IPv4 addresses are shared. For these
reasons, it is RECOMMENDED that connection attempts be paced to give reasons, it is RECOMMENDED that connection attempts be paced to give
connections a chance to complete. It is RECOMMENDED that connections connections a chance to complete. It is RECOMMENDED that connections
attempts be paced 150-250ms apart. Stateful algorithms are expected attempts be paced 150-250ms apart. Stateful algorithms are expected
to be more aggressive (that is, make connection attempts closer to be more aggressive (that is, make connection attempts closer
together), as stateful algorithms maintain an estimate of the together), as stateful algorithms maintain an estimate of the
expected connection completion time. expected connection completion time.
5.8. Interaction with Same Origin Policy 5.6. Interaction with Same Origin Policy
Web browsers implement a Same Origin Policy [I-D.ietf-websec-origin] Web browsers implement a Same Origin Policy [I-D.ietf-websec-origin]
which causes subsequent connections to the same hostname to go to the which causes subsequent connections to the same hostname to go to the
same IPv4 (or IPv6) address as the previous successful connection. same IPv4 (or IPv6) address as the previous successful connection.
This is done to prevent certain types of attacks. This is done to prevent certain types of attacks.
The same-origin policy harms user-visible responsiveness if a new The same-origin policy harms user-visible responsiveness if a new
connection fails (e.g., due to a transient event such as router connection fails (e.g., due to a transient event such as router
failure or load balancer failure). While it is tempting to use Happy failure or load balancer failure). While it is tempting to use Happy
Eyeballs to maintain responsiveness, web browsers MUST NOT change Eyeballs to maintain responsiveness, web browsers MUST NOT change
their Same Origin Policy because of Happy Eyeballs, as that would their Same Origin Policy because of Happy Eyeballs, as that would
create an additional security exposure. create an additional security exposure.
5.9. Happy Eyeballs in an Operating System 5.7. Happy Eyeballs in an Operating System
Applications would have to change in order to use the mechanism Applications would have to change in order to use the mechanism
described in this document, by either implementing the mechanism described in this document, by either implementing the mechanism
directly, or by calling APIs made available to them. To improve IPv6 directly, or by calling APIs made available to them. To improve IPv6
connectivity experience for legacy applications (e.g., applications connectivity experience for legacy applications (e.g., applications
which simply rely on the operating system's address preference which simply rely on the operating system's address preference
order), operating systems may consider more sophisticated approaches. order), operating systems may consider more sophisticated approaches.
These can include changing address sorting based on configuration These can include changing default address selection sorting
received from the network, or observing connection failures to IPv6 ([RFC3484]) based on configuration received from the network, or
and IPV4 destinations. observing connection failures to IPv6 and IPV4 destinations.
6. Example Algorithm 6. Example Algorithm
What follows is the algorithm implemented in Google Chrome and What follows is the algorithm implemented in Google Chrome and
Mozilla Firefox. Mozilla Firefox.
1. Call getaddinfo(), which returns a list of IP addresses sorted by 1. Call getaddinfo(), which returns a list of IP addresses sorted by
the host's address preference policy. the host's address preference policy.
2. Initiate a connection attempt with the first address in that list 2. Initiate a connection attempt with the first address in that list
skipping to change at page 11, line 40 skipping to change at page 12, line 33
time (e.g., 200-300ms), initiate a connection attempt with the time (e.g., 200-300ms), initiate a connection attempt with the
first address belonging to the other address family (e.g., IPv4) first address belonging to the other address family (e.g., IPv4)
4. The first connection that is established is used. The other 4. The first connection that is established is used. The other
connection is discarded. connection is discarded.
Other example algorithms include [Perreault] and [Andrews]. Other example algorithms include [Perreault] and [Andrews].
7. Security Considerations 7. Security Considerations
See Section 4.4 and Section 5.8. See Section 4.4 and Section 5.6.
8. Acknowledgements 8. Acknowledgements
The mechanism described in this paper was inspired by Stuart The mechanism described in this paper was inspired by Stuart
Cheshire's discussion at the IAB Plenary at IETF72, the author's Cheshire's discussion at the IAB Plenary at IETF72, the author's
understanding of Safari's operation with SRV records, Interactive understanding of Safari's operation with SRV records, Interactive
Connectivity Establishment (ICE [RFC5245]), the current IPv4/IPv6 Connectivity Establishment (ICE [RFC5245]), the current IPv4/IPv6
behavior of SMTP mail transfer agents, and the implementation of behavior of SMTP mail transfer agents, and the implementation of
Happy Eyeballs in Google Chrome and Mozilla Firefox. Happy Eyeballs in Google Chrome and Mozilla Firefox.
Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van Thanks to Fred Baker, Jeff Kinzli, Christian Kuhtz, and Iljitsch van
Beijnum for fostering the creation of this document. Beijnum for fostering the creation of this document.
Thanks to Scott Brim, Rick Jones, Stig Venaas, Erik Kline, Bjoern Thanks to Scott Brim, Rick Jones, Stig Venaas, Erik Kline, Bjoern
Zeeb, Matt Miller, Dave Thaler, Dmitry Anipko, and Brian Carpenter Zeeb, Matt Miller, Dave Thaler, Dmitry Anipko, Brian Carpenter, and
for their feedback. David Crocker for their feedback.
Thanks to Javier Ubillos, Simon Perreault and Mark Andrews for the Thanks to Javier Ubillos, Simon Perreault and Mark Andrews for the
active feedback and the experimental work on the independent active feedback and the experimental work on the independent
practical implementations that they created. practical implementations that they created.
Also the authors would like to thank the following individuals who Also the authors would like to thank the following individuals who
participated in various email discussions on this topic: Mohacsi participated in various email discussions on this topic: Mohacsi
Janos, Pekka Savola, Ted Lemon, Carlos Martinez-Cagnazzo, Simon Janos, Pekka Savola, Ted Lemon, Carlos Martinez-Cagnazzo, Simon
Perreault, Jack Bates, Jeroen Massar, Fred Baker, Javier Ubillos, Perreault, Jack Bates, Jeroen Massar, Fred Baker, Javier Ubillos,
Teemu Savolainen, Scott Brim, Erik Kline, Cameron Byrne, Daniel Teemu Savolainen, Scott Brim, Erik Kline, Cameron Byrne, Daniel
skipping to change at page 13, line 24 skipping to change at page 14, line 18
October 2011. October 2011.
[Perreault] [Perreault]
Perreault, S., "Happy Eyeballs in Erlang", February 2011, Perreault, S., "Happy Eyeballs in Erlang", February 2011,
<http://www.viagenie.ca/news/ <http://www.viagenie.ca/news/
index.html#happy_eyeballs_erlang>. index.html#happy_eyeballs_erlang>.
[RFC1671] Carpenter, B., "IPng White Paper on Transition and Other [RFC1671] Carpenter, B., "IPng White Paper on Transition and Other
Considerations", RFC 1671, August 1994. Considerations", RFC 1671, August 1994.
[RFC3363] Bush, R., Durand, A., Fink, B., Gudmundsson, O., and T.
Hain, "Representing Internet Protocol version 6 (IPv6)
Addresses in the Domain Name System (DNS)", RFC 3363,
August 2002.
[RFC4436] Aboba, B., Carlson, J., and S. Cheshire, "Detecting [RFC4436] Aboba, B., Carlson, J., and S. Cheshire, "Detecting
Network Attachment in IPv4 (DNAv4)", RFC 4436, March 2006. Network Attachment in IPv4 (DNAv4)", RFC 4436, March 2006.
[RFC5245] Rosenberg, J., "Interactive Connectivity Establishment [RFC5245] Rosenberg, J., "Interactive Connectivity Establishment
(ICE): A Protocol for Network Address Translator (NAT) (ICE): A Protocol for Network Address Translator (NAT)
Traversal for Offer/Answer Protocols", RFC 5245, Traversal for Offer/Answer Protocols", RFC 5245,
April 2010. April 2010.
[RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for [RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for
Detecting Network Attachment in IPv6", RFC 6059, Detecting Network Attachment in IPv6", RFC 6059,
November 2010. November 2010.
[RFC6157] Camarillo, G., El Malki, K., and V. Gurbani, "IPv6
Transition in the Session Initiation Protocol (SIP)",
RFC 6157, April 2011.
[RFC6269] Ford, M., Boucadair, M., Durand, A., Levis, P., and P. [RFC6269] Ford, M., Boucadair, M., Durand, A., Levis, P., and P.
Roberts, "Issues with IP Address Sharing", RFC 6269, Roberts, "Issues with IP Address Sharing", RFC 6269,
June 2011. June 2011.
[whitelist] [whitelist]
Google, "Google IPv6 DNS Whitelist", January 2009, Google, "Google IPv6 DNS Whitelist", January 2009,
<http://www.google.com/intl/en/ipv6>. <http://www.google.com/intl/en/ipv6>.
Appendix A. Changes Appendix A. Changes
A.1. changes from -03 to -04
A.1. changes from -05 to -06
o Added paragraph describing current AAAA practice on the Internet
(one AAAA record) due to non-Happy Eyeballs implementations, per
opsdir review.
o fixed "=" in Figure 1.
o Removed text discussing A6. A6 is being deprecated in another
document, and querying A6 is not a significant operational problem
on the Internet.
A.2. changes from -04 to -05
o Updated citations.
A.3. changes from -03 to -04
o Make RFC3363 a non-normative reference. o Make RFC3363 a non-normative reference.
A.2. changes from -03 to -04 A.4. changes from -03 to -04
o Better explained why IPv6 needs to be preferred o Better explained why IPv6 needs to be preferred
o Don't query A6. o Don't query A6.
A.3. changes from -02 to -03 A.5. changes from -02 to -03
o Re-casted this specification as a list of requirements for a o Re-casted this specification as a list of requirements for a
compliant algorithm, rather than trying to dictate a One True compliant algorithm, rather than trying to dictate a One True
algorithm. algorithm.
A.4. changes from -01 to -02 A.6. changes from -01 to -02
o Now honors host's address preference (RFC3484 and friends) o Now honors host's address preference (RFC3484 and friends)
o No longer requires thread-safe DNS library. It uses getaddrinfo() o No longer requires thread-safe DNS library. It uses getaddrinfo()
o No longer describes threading. o No longer describes threading.
o IPv6 is given a 200ms head start (Initial Headstart variable). o IPv6 is given a 200ms head start (Initial Headstart variable).
o If the IPv6 and IPv4 connection attempts were made at nearly the o If the IPv6 and IPv4 connection attempts were made at nearly the
skipping to change at page 15, line 4 skipping to change at page 16, line 10
serious affect to Smoothed P. serious affect to Smoothed P.
o encourages that every 10 minutes the exception cache and Smoothed o encourages that every 10 minutes the exception cache and Smoothed
P be reset. This allows IPv6 to be attempted again, so we don't P be reset. This allows IPv6 to be attempted again, so we don't
get 'stuck' on IPv4. get 'stuck' on IPv4.
o If we didn't get both A and AAAA, abandon all Happy Eyeballs o If we didn't get both A and AAAA, abandon all Happy Eyeballs
processing (thanks to Simon Perreault). processing (thanks to Simon Perreault).
o added discussion of Same Origin Policy o added discussion of Same Origin Policy
o Removed discussion of NAT-PT and address learning; those are only o Removed discussion of NAT-PT and address learning; those are only
used with IPv6-only hosts whereas this document is about dual- used with IPv6-only hosts whereas this document is about dual-
stack hosts contacting dual-stack servers. stack hosts contacting dual-stack servers.
A.5. changes from -00 to -01 A.7. changes from -00 to -01
o added SRV section (thanks to Matt Miller) o added SRV section (thanks to Matt Miller)
Authors' Addresses Authors' Addresses
Dan Wing Dan Wing
Cisco Systems, Inc. Cisco Systems, Inc.
170 West Tasman Drive 170 West Tasman Drive
San Jose, CA 95134 San Jose, CA 95134
USA USA
 End of changes. 48 change blocks. 
136 lines changed or deleted 181 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/