Re: [arch-d] Treating "private" address ranges specially

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 31 March 2021 20:27 UTC

To: Ted Hardie <ted.ietf@gmail.com>, Erik Kline <ek.ietf@gmail.com>
Cc: architecture-discuss@ietf.org
References: <4329d51a-d5ba-45b3-9fb0-6795dc6fccd3@www.fastmail.com> <CAMGpriWA4B8AThNKBOHo-bfAdQ2s5iYv8rBOB7X8UVc5GsqENA@mail.gmail.com> <CAMGpriUJkWYPyw7=oAj_GnGu2J14T3=VZYNWPZtAs870P=x0sg@mail.gmail.com> <a68636c2-5df0-46eb-8147-79ec6a992f8a@www.fastmail.com> <CAMGpriU_L8HbLFX_mMBtBXxy=XOc5BAnYgVR9R8TQO=DPvRD_g@mail.gmail.com> <F59E2FC3-19CE-4D14-9F1C-9F7125D89455@mnot.net> <CAMGpriVJCsird15oBfT=gSDTr59_yf9TkLmOSO7a9DGX0VRjOg@mail.gmail.com> <CA+9kkMB2iOA-QaCidJHVN=qqZ8TtPXV=xyfuKh+i44VzZLWG3w@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <0cfae1b5-378d-1b28-9a60-89ef15cd793a@gmail.com>
Date: Thu, 01 Apr 2021 09:27:05 +1300
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/GMK9pYOaNzg05YOusQcEKPFew7k>

Hi,

On 31-Mar-21 22:07, Ted Hardie wrote:

<snip>

> The document's description of the address space architecture is:
>
> 2.1. IP Address Space
>
> Every IP address belongs to an IP address space, which can be one of three different values:
>
> 1. local: contains the local host only. In other words, addresses whose target differs for every device.
>
> 2. private: contains addresses that have meaning only within the current network. In other words, addresses whose target differs based on network position.
>
> 3. public: contains all other addresses. In other words, addresses whose target is the same for all devices globally on the IP network.

The problem is that this classification is worse than heresy; it's nonsense.

1) local. That seems trivially true (assuming that it covers virtual hosts, not just physical ones). Or is it? If a device has multiple interfaces (physical or virtual) which might lie in different administrative domains, each of which has several IP addresses, including but not limited to loopback addresses, are they all equally "local"?

2) private. There is no definition of "private" address in any IETF document. There is no way of looking at the bits in an address and determining that it's private, because there's no definition of private.

3) public. Ditto. Globally reachable != public. "Globally reachable" itself is an over-simplification. See recent very loud discussions in IPv6-land about ULA addresses.

The attempt to use the IANA registry to determine things that are undefined is just nonsense. It's an attempt to over-simplify something that is inherently complex. The ground truth about address scope exists only in the entire Internet's routing tables, and simply *cannot* be deduced from the bits in an address.

BTW, whoever designed the Python ipaddress module got this wrong too.

So IMHO this whole effort is fundamentally misguided and should be scrapped.

   Brian
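An added example, not part of the thread and not code from the quoted document, showing what Python's ipaddress module answers for a constructed sample of well-known IANA special-purpose addresses when its flags are mapped onto the quoted local/private/public scheme. The mapping (is_loopback to "local", then is_private to "private", then is_global to "public") is an assumption of this example; the shared address space 100.64.0.0/10 is neither private nor global under Python's flags, so it lands in none of the three buckets.

```python
import ipaddress
from typing import Dict, Iterable, List

# Constructed sample drawn from well-known special-purpose ranges (not from the thread).
SAMPLES = [
    "127.0.0.1",      # IPv4 loopback
    "::1",            # IPv6 loopback
    "10.0.0.1",       # RFC 1918 private-use
    "fd12:3456::1",   # IPv6 ULA (fc00::/7), the case the thread points to
    "169.254.1.1",    # IPv4 link-local
    "100.64.0.1",     # shared address space, RFC 6598 (carrier-grade NAT)
    "8.8.8.8",        # a globally reachable address
]


def classify(text: str) -> str:
    """Map Python's registry-derived flags onto the three-way scheme.

    The order loopback -> private -> global is this example's assumption;
    the quoted document does not define its categories in these terms.
    """
    addr = ipaddress.ip_address(text)
    if addr.is_loopback:
        return "local"
    if addr.is_private:
        return "private"
    if addr.is_global:
        return "public"
    # Neither is_private nor is_global: the three-way scheme has no bucket.
    return "unclassified"


def classify_all(addrs: Iterable[str]) -> Dict[str, str]:
    return {a: classify(a) for a in addrs}


def coverage_gaps(addrs: Iterable[str]) -> List[str]:
    """Addresses that fall into none of local/private/public."""
    return [a for a in addrs if classify(a) == "unclassified"]


if __name__ == "__main__":
    for a, bucket in classify_all(SAMPLES).items():
        ip = ipaddress.ip_address(a)
        print(f"{a:>14}  is_private={ip.is_private!s:5} "
              f"is_global={ip.is_global!s:5} -> {bucket}")
    print("no bucket:", coverage_gaps(SAMPLES))
```

Any filter that treats "not private" as "public" (or the reverse) silently misplaces the shared address space; checking both flags, as coverage_gaps does, makes the gap visible.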