Re: [Cbor] changes in draft-ietf-cbor-network-addresses-05.txt

Brian E Carpenter <> Mon, 02 August 2021 20:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CF9643A1A0A; Mon, 2 Aug 2021 13:00:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cIqW1f3f9Iwa; Mon, 2 Aug 2021 13:00:31 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::633]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7809A3A1A0B; Mon, 2 Aug 2021 13:00:31 -0700 (PDT)
Received: by with SMTP id u16so12414599ple.2; Mon, 02 Aug 2021 13:00:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=/LRKNY+7UN39/JfOe7fvGDFoGJjcJwLkqRasLbEzN0Y=; b=nE6qXyr3N4+6eKbrQ088i1bf0rVU0gzzKT1BtiwYymiHkB5FWUKjAMDR7t8vowbhXv xbSwVBJAFjyst75G6C6qfaoJ0rOVX17hSwqNZipampmd9Re5Qum3zwy6Fw3IG/jxVfhm RFip9cohEh1ZCaFh56MZp9+ZPqZzsSTlCcrcsBSjSney+4uzlLbiebL7AG/K5qPQr6Fk mIrLK9S9+X9IrevARXDdXNRkHDnD5yq+ZN5fCJ6ihZ9ojQR+n9yX5v94mS5/TWUiBps8 2Y0GFy6VFV0oiR0lpueJpbkzy8HepIv/jrGGfA1/QhNGxV28mW7PF03r6/6nQr3+pS2p hviA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=/LRKNY+7UN39/JfOe7fvGDFoGJjcJwLkqRasLbEzN0Y=; b=uP9BHszP1e9wqN7KJg+m8G6hSQsyS3iMIM7CVM0BCda6Q0MaFjrtODQssJInSaqaZU bFvdF6FaNtg3Xk5t12/6WyxreS8e6UUKkxLxC9UKP2yYIpYjdMMVYnAXQrfZdeXfMLb0 b9u6TSnHSQM5fN2jPUD1nsQ44G+ZV9pRa+77RojfYOfhULLols++3k4lrxXzhw9vGYon kor7m0/xsqAdFejEFPRnRVv6aWSi6SSkSSOe8GeNf8kPPiulrINR51VT8nJtkthH6vA4 AKW/UvQ9XXvC3x80j/lWicvTPgOSQDbh/mn7MuqAoELlbvQjeuRbfplHmN4t4nZ9xCtZ ewNg==
X-Gm-Message-State: AOAM533ZfGch0xWtc1GWUSsFPvuY41pWdO6PubrUADKnT8vC8ju7XY1k hy1FjobONXBiQQlQntBnRh4s6aLbyEDYZg==
X-Google-Smtp-Source: ABdhPJxu9lJOzwZb3W34gFv2WCSRGHGyUKqRiiGPMQO0S7HVH+ZQiqfWulgsx0qKbthMqxKbEvte6Q==
X-Received: by 2002:a17:902:ecc6:b029:12c:791d:261 with SMTP id a6-20020a170902ecc6b029012c791d0261mr15308733plh.55.1627934430274; Mon, 02 Aug 2021 13:00:30 -0700 (PDT)
Received: from ?IPv6:2406:e003:1188:5b01:80b2:5c79:2266:e431? ([2406:e003:1188:5b01:80b2:5c79:2266:e431]) by with ESMTPSA id o20sm14373371pgv.80.2021. (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 02 Aug 2021 13:00:29 -0700 (PDT)
To: tom petch <>, Erik Kline <>, "" <>, 6MAN <>
References: <> <29067.1626090045@localhost> <> <> <> <> <> <> <> <> <>
From: Brian E Carpenter <>
Message-ID: <>
Date: Tue, 03 Aug 2021 08:00:26 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [Cbor] changes in draft-ietf-cbor-network-addresses-05.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 02 Aug 2021 20:00:35 -0000

On 02-Aug-21 19:08, Jürgen Schönwälder wrote:
> Brian,
> let me see whether I understand your concern. You seem to be concerned
> that assigning the name "5" to an interface with interface index 7
> leads to an ambiguity. Well, thats likely true since we do not
> syntactically distinguish between the number 5 and the name "5". I
> would expect that implementations interpret fe80::1%5 as referring to
> interface 5 and not 7 (but this perhaps deserves to be clarified, if
> it is a number the number is interpreted as an interface index and not
> as an interface name). I assume the same 'ambiguity' may exist on CLI
> tools, I would have to go and try out what they actually do.

Michael Richardson already gave some examples for Linux. 
> Regarding your statement "Remotely, there is no way to know that on my
> Linux machine, %wlp2s0 and %3 are the same thing.", please note that
> applications having access to the IF-MIB or the ietf-interfaces YANG
> module or a proprietary API exposing interface information will
> understand how interface names map to interface indexes.

But not if the user has chosen to change some interface names, surely?
The mapping is not algorithmic in that case, and any names held
remotely in the management plane could be out of date. IMHO it remains
very inadvisable to export the names. I'd advocate making the use of
interface numbers mandatory rather than "canonical".

> /js
> On Mon, Aug 02, 2021 at 09:15:43AM +1200, Brian E Carpenter wrote:
>> On 01-Aug-21 23:30, Jürgen Schönwälder wrote:
>>> The description statements in RFC 6991 talk about a zone index, i.e.,
>>> they assume the zone index is numeric (which kind of follows from my
>>> reading of RFC 4007).
>>> The pattern is flexible enough to accept a string as well (e.g., an
>>> interface name). In other words, a server may accept 'fe80::1%lo0' as
>>> valid input on an edit-config put it will return 'fe80::1%0' on a
>>> get-config since the numeric zone index is the canonical format
>>> (assuming the lo0 interface has the interface index 0).
>> This still makes me uncomfortable. The zone identifier syntax definition.
>> in RFC4007 is pretty vague. If an implementer chooses to ignore the
>> SHOULD on page 16, it seems that a valid name for interface index 7
>> could be "6". That's why "canonical" is a bit weak. (Neither Windows
>> nor Linux allow anything that silly, of course.)
>> To be precise, consider these statements in RFC4007 page 16:
>>    An implementation SHOULD support at least numerical indices that are
>>    non-negative decimal integers as <zone_id>.
>>    ...
>>    An implementation MAY support other kinds of non-null strings as
>>    <zone_id>.
>>    ... the format MUST be used only within a
>>    node and MUST NOT be sent on the wire unless every node that
>>    interprets the format agrees on the semantics.
>> Remotely, there is no way to know that on my Linux machine,
>> %wlp2s0 and %3 are the same thing.
>>    Brian
>>> /js
>>> On Wed, Jul 28, 2021 at 10:00:23AM +1200, Brian E Carpenter wrote:
>>>> Jürgen,
>>>> We are not disagreeing. These are exactly the sort of use cases that 
>>>> motivate RFC6874 and RFC6874bis. 
>>>> But I have a question. In the management plane, do you think that the
>>>> zone index (an integer) is the item of interest, or a zone identifier
>>>> (a string)? The description at
>>>> only says that the numerical format is "canonical".
>>>> Regards
>>>>    Brian
>>>> On 28-Jul-21 09:07, Jürgen Schönwälder wrote:
>>>>> On Wed, Jul 28, 2021 at 08:04:16AM +1200, Brian E Carpenter wrote:
>>>>>> On 26-Jul-21 23:49, tom petch wrote:
>>>>>>> From: ipv6 <> on behalf of Brian E Carpenter 
>>>>>>> Sent: 25 July 2021 00:44
>>>>>>> There's an "interesting" issue there, especially for IPv6, which is 
>> that the interface ID (or "zone index", per RFC4007) has no meaning outside the host. So it really shouldn't need to be sent on the wire in normal 
>> circumstances.
>>>>>>> (The conversation around RFC6874bis is slightly relevant.)
>>>>>>> <tp>
>>>>>>> Brian
>>>>>>> As I may have said before, the YANG Types RFC6991 provides types for IPv4 and IPv6 addresses both with a zone index.  It also provides no-zone 
>>>> types with a suffix 'no-zone' on the type name.  I see evidence that 
>>>> authors of YANG modules do not realise that a reference to 'ip-address' per se is a reference to the format that includes the zone and so have specified that format in many if not most cases.  Thus it seems likely that many of the addresses on the wire are in the zone format, even if the zone is rarely present.  With hindsight, it might have been better to have specified 'ip-address' and 'ip-address-zone' rather than ip-address' and io-address-no-zone'.
>>>>>> Makes sense. The reply I just sent to Christian Amsüss probably 
>> applies to YANG too. Sending a zone index to another host is rarely meaningful or useful.
>>>>> YANG was designed for network management purposes and there are quite
>>>>> some use cases where communicating the zone index is somewhat essential:
>>>>> - If you want to debug a problem, you likely need to know to which
>>>>>   link a link-local address belongs.
>>>>> - If you want to generate statistics for protocols using link-local
>>>>>   addresses, you likely need to know to which links the link-local
>>>>>   addresses belongs.
>>>>> - If you want to configure a service to use a certain link-local
>>>>>   address on a certain link, you may have to include the proper zone
>>>>>   index.
>>>>> - If an IP address is used to index lists, things can fall apart if
>>>>>   you end up with duplicate link-local addresses on different links.
>>>>> Whether we should have picked different names for the types may be
>>>>> debatable but at the end it is the YANG module author's responsibility
>>>>> to pick the appropriate types.
>>>>> In other words, network management applications often need to be aware
>>>>> of zone indexes in order to do the right thing. This is different from
>>>>> end user applications (that usually have no topological awareness).
>>>>> /js
>>>> --------------------------------------------------------------------
>>>> IETF IPv6 working group mailing list
>>>> Administrative Requests:
>>>> --------------------------------------------------------------------
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> Administrative Requests:
>> --------------------------------------------------------------------