IETF Logo Mail Archive

Re: [BEHAVE] Modified EUI-64 format

Dave Thaler <dthaler@windows.microsoft.com> Fri, 03 July 2009 17:00 UTC

Return-Path: <dthaler@windows.microsoft.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 09DB43A6CC5 for <behave@core3.amsl.com>; Fri, 3 Jul 2009 10:00:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.297
X-Spam-Level:
X-Spam-Status: No, score=-110.297 tagged_above=-999 required=5 tests=[AWL=0.002, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18zdvK06HSfB for <behave@core3.amsl.com>; Fri, 3 Jul 2009 10:00:48 -0700 (PDT)
Received: from smtp.microsoft.com (mail3.microsoft.com [131.107.115.214]) by core3.amsl.com (Postfix) with ESMTP id 041FA3A6C9E for <behave@ietf.org>; Fri, 3 Jul 2009 10:00:47 -0700 (PDT)
Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (157.54.79.159) by TK5-EXGWY-E803.partners.extranet.microsoft.com (10.251.56.169) with Microsoft SMTP Server (TLS) id 8.2.99.4; Fri, 3 Jul 2009 10:01:11 -0700
Received: from TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com (157.54.71.68) by TK5EX14MLTC104.redmond.corp.microsoft.com (157.54.79.159) with Microsoft SMTP Server id 14.0.601.1; Fri, 3 Jul 2009 10:01:11 -0700
Received: from TK5EX14MBXW651.wingroup.windeploy.ntdev.microsoft.com ([169.254.1.90]) by TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com ([157.54.71.68]) with mapi; Fri, 3 Jul 2009 10:01:10 -0700
From: Dave Thaler <dthaler@windows.microsoft.com>
To: Rémi Després <remi.despres@free.fr>
Thread-Topic: [BEHAVE] Modified EUI-64 format
Thread-Index: AQHJ+9+fodNXhvAl40mLU4cvisEf1ZBkBkhg
Date: Fri, 03 Jul 2009 17:01:08 +0000
Message-ID: <E4561B14EE2A3E4E9D478EBFB5416E1B0A5745@TK5EX14MBXW651.wingroup.windeploy.ntdev.microsoft.com>
References: <E4561B14EE2A3E4E9D478EBFB5416E1B0A2F5A@TK5EX14MBXW651.wingroup.windeploy.ntdev.microsoft.com> <18256DC3-184D-48FE-B37C-2F9867597304@free.fr>
In-Reply-To: <18256DC3-184D-48FE-B37C-2F9867597304@free.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: Behave WG <behave@ietf.org>, Xing Li <xing@cernet.edu.cn>
Subject: Re: [BEHAVE] Modified EUI-64 format
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jul 2009 17:00:49 -0000

> -----Original Message-----
> From: Rémi Després [mailto:remi.despres@free.fr]
> Sent: Friday, July 03, 2009 6:10 AM
> To: Dave Thaler
> Cc: Xing Li; Behave WG
> Subject: Re: [BEHAVE] Modified EUI-64 format
>
>
> Le 2 juil. 09 à 06:06, Dave Thaler a écrit :
>
> > Section 5.2.5 of draft-xli-behave-v4v6-prefix-00 says:
> >> The selection of the prefix length may affect the EUI-64 format,
> >> since the subnet may not be in the 64 bit boundary.  However, there
> >> is no contradiction to [RFC4291], which states that first, an
> >> interface identifier has to be unique on the LAN-or-whatever it is
> >> on.  And second, when the interface identifier is a MAC address it
> >> should be in a format related to a MAC Address - except that it is
> >> different.  So, especially given privacy addressing, we can't really
> >> assume that the router or neighboring host is going to extract a MAC
> >> address from the interface identifier and directly use it to direct
> a
> >> datagram to another host; rather, the relationship between a MAC
> >> address and an interface identifier has a level of indirection
> >> managed by Neighbor Discovery.
> >
> > While it's true there's no "contradiction" per se, there is a
> definite
> > constraint.  Specifically RFC 4291 section 2.5.1 states:
> >
> >> For all unicast addresses, except those that start with the binary
> >> value 000, Interface IDs are required to be 64 bits long and to be
> >> constructed in Modified EUI-64 format.
>
> True.
> However, this in a section on Interface Identifiers which starts with:
> "Interface identifiers in IPv6 unicast addresses are used to identify
> interfaces on a link."
> In the case of an embedded IPv4 address translated by an SIIT, the
> last 64 bits are never used "identify an interface on a link".
> Rules specified for addresses processed at the link layer need not to
> be extended to addresses that are not.
> Especially since RFC 4291 also says:
> "Except for the knowledge of the subnet boundary discussed in the
> previous paragraphs, nodes should not make any assumptions about the
> structure of an IPv6 address."
> In my understanding, this means that, unless a node is exploiting an
> IID for a link layer function, it should not constrain in any way the
> format of IPv6 addresses beyond prefixes it exploits locally.

This is rebutted in the paragraph quoted below about future technology.

> > The Modified EUI-64 format reserves the universal/local bit for that
> > use.   This is then restated in that RFC both in section 2.5.1:
> >
> >> The use of the universal/local bit in the Modified EUI-64 format
> >> identifier is to allow development of future technology that can
> take
> >> advantage of interface identifiers with universal scope.
> >
> > as well as in Appendix A, which explains that there are a number
> > of approaches, but all of them adhere to the universal/local
> > bit.
> >
> > Similarly, with privacy addresses referred to in the draft quote
> > at top, RFC 3041 section 3.2.1 point 3 forces the randomized
> > interface identifier to adhere to this requirement, so that it's
> > a 63-bit random number, not a 64-bit random number.  And with
> > CGAs, RFC 3972 section 4 point 6 similarly forces a generated
> > interface identifier to adhere to this requirement. (As an aside,
> > it also reserves the "g" bit which is actually unnecessary
> > since it's not IEEE EUI-64-derived.  RFC 4291 only discusses
> > the "g" bit for addresses derived from IEEE EUI-64's, which
> > is why RFC 3041 and a translation format can still use that bit).
> >
> > Hence it is not legal for an embedded IPv4 address to span
> > this bit unless the prefix starts with binary 000.  So either
> > a well-known prefix can be used that starts with binary 000,
> > or else any embedded (or obscured) IPv4 address has to end
> > before the 71st bit (i.e. LIR prefix length <= 38) or start
> > after it (i.e. LIR prefix length >= 71).
>
> If despite the discussion above it is concluded that embedded
> addresses that span IID "u" and "g" bits are "formally" illegal, an
> action should imho be taken to make it formally legal.
> Reasons are:
> - it is useful to keep SIIT as simple and flexible as it can be
> - there is no identified technical or operational harm (if one would
> know one, it would be worth knowing).

This would be a change to the IPv6 addressing architecture, and
_cannot_ be done by the Behave WG, only by 6man.  And it would
prevent the possibility mentioned above, which is the "identified"
issue.  It's not at all clear there'd be consensus on this, given
there are groups (like HIP?) which may actually want to use the
bit as suggested.

-Dave

v2.23.0 | Report a Bug | By Email