Re: [dhcwg] Next step(s) for draft-ietf-dhc-stable-privacy-addresses -> abandon work? / IA_NA applicability
Lorenzo Colitti <lorenzo@google.com> Wed, 15 April 2015 01:09 UTC
Return-Path: <lorenzo@google.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 665841B2AED for <dhcwg@ietfa.amsl.com>; Tue, 14 Apr 2015 18:09:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 98nE2k74Wttq for <dhcwg@ietfa.amsl.com>; Tue, 14 Apr 2015 18:09:55 -0700 (PDT)
Received: from mail-ie0-x22a.google.com (mail-ie0-x22a.google.com [IPv6:2607:f8b0:4001:c03::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F02961B2AEC for <dhcwg@ietf.org>; Tue, 14 Apr 2015 18:09:54 -0700 (PDT)
Received: by iejt8 with SMTP id t8so29588582iej.2 for <dhcwg@ietf.org>; Tue, 14 Apr 2015 18:09:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=0BSNwsxSmw9aCiiK9MxUmg0RJJo2u/B7+U8w6ZCLgHI=; b=oJNwBZ8+L8crTStOsB6/u+AYb55As+KEGBMcZK8w6Zxinj2GU2ls0pH7AZWDym2QRJ 4UX8whaPtnnPcVvIhOXbq5KjDMbZeI87m2VUKvrcN2n9f1OtswDTM1jdxBYw9+ZeRCJC SzwsNyFUGawgjGcmvGQ88m4b9e9zDJlDb4HP2W10hql0n1aKp2+sy9zBJg2YK7pZLrwX 9d0JhYURzzfIXv/h1bxeeniJ4mZSjJhftC0QUm2yR59HkWnLoIHIJ+ehv9XxBLaBHD7Q xZMh4LHSNIkQwlLxN9eerThYrN1EYdx362gLlxrV+7iiG9tRDAVzrYmrXSuC0a6hrZRt LAJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=0BSNwsxSmw9aCiiK9MxUmg0RJJo2u/B7+U8w6ZCLgHI=; b=A0uXYiG9etfraUEzuO9xXv9KU1tGKLcGmRXQxmLESD+wLNB/KRFtuWoucYdoI6w3gc /umQXET6g0c7iF+uMYbggX0yyMtZieqn3S7OwygGWZnIM0ZIL2JyRxSTpPwtKFFm8cCB 0RHkgAAYu9K15hq2OvCDPc3cCa85rdqYH63KgdEA4JR7FG4s2J788gwoP66ERdMo7BvR qOdvfidtoNdZVeTzASrs/H9sHR0971YjoC5JgMWep3rsiftuIXej2dogwLnTlTK24R58 2NmAV40X/h+87RPOoPVdptR5EwfRMpp0+vi9pEv481Zyum7IWyxXo3e4fN3XXmWf+xTN WHbA==
X-Gm-Message-State: ALoCoQk9vXJLu7dLjg6iAe4HpWvIWsEVvEzOM9PMIHZp0T8aawMXJhAHylEajsPZ+dkt6pZ4EBQo
X-Received: by 10.42.207.206 with SMTP id fz14mr29137994icb.34.1429060194286; Tue, 14 Apr 2015 18:09:54 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.73.2 with HTTP; Tue, 14 Apr 2015 18:09:33 -0700 (PDT)
In-Reply-To: <552D6343.9050404@si6networks.com>
References: <489D13FBFA9B3E41812EA89F188F018E1CA32071@xmb-rcd-x04.cisco.com> <CAKD1Yr2Ztzoys+xKBzsEHU5hqJmfGpn-GeWPEqNCHRuWOTgsJQ@mail.gmail.com> <55250911.30100@si6networks.com> <CAKD1Yr0ojVmk-ctUO313zvAx01P=B-A2zVuwDm73+dLgVwDLOw@mail.gmail.com> <55250DF2.8050001@si6networks.com> <CAKD1Yr33wFmjjqjYu8YEpqYvnn=kh9oJhe1YAC7UEzacQFBaWg@mail.gmail.com> <55251EFA.4000204@si6networks.com> <CAKD1Yr0XK-DQkcJKwTYmiWzCzZs4pubCme9rAgoZ_ig-P5MgsQ@mail.gmail.com> <55253F14.6000706@si6networks.com> <CAKD1Yr0Q2634Rfw0_9NiU+-S_yfD2RwPs7uPWAbTuOADyx8bHg@mail.gmail.com> <5526B5F9.9090707@si6networks.com> <489D13FBFA9B3E41812EA89F188F018E1CA499A7@xmb-rcd-x04.cisco.com> <5526D45A.9020701@si6networks.com> <CAKD1Yr2g9sc8Y3URBMt=yNkD61-iG37rpNc5ZXJHjLfghD3KJA@mail.gmail.com> <5527FA77.5070301@si6networks.com> <CAKD1Yr3M0gbbbE6a=DfT1SW7jeXoHX1EQMbDagtF-+n13sAQ0w@mail.gmail.com> <552C679E.4020305@si6networks.com> <489D13FBFA9B3E41812EA89F188F018E1CA66028@xmb-rcd-x04.cisco.com> <552D6343.9050404@si6networks.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Wed, 15 Apr 2015 10:09:33 +0900
Message-ID: <CAKD1Yr1v7Rf+uKCcYwsCKkSTuRUegQVMuPDfefR71Xb836LqaA@mail.gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Content-Type: multipart/alternative; boundary="20cf30426df63e7abf0513b901c1"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/2Cg9280eGdl86ytjwAQj1LGhewI>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, "Bernie Volz (volz)" <volz@cisco.com>
Subject: Re: [dhcwg] Next step(s) for draft-ietf-dhc-stable-privacy-addresses -> abandon work? / IA_NA applicability
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2015 01:09:56 -0000
On Wed, Apr 15, 2015 at 3:58 AM, Fernando Gont <fgont@si6networks.com> wrote: > That is true. In the first version of the I-D we didn't support ranges. > Now we do, and we should certainly put a huge warning that the address > space should be huge, or things don't work as expected. > Supporting stateless allocation in anything smaller than a /64 is harmful. You are creating the risk that people coming from outdated IPv4 assumptions will take a /112, think, "That's big enough for everyone, right? I only have a few hundred hosts. And I want to limit my subnet size to avoid these ND cache DoS attacks I've heard about," and get burned by the fact that there's a 50% chance of collision when there are 250 hosts in the network. Because your algorithm doesn't support collisions well, they'll be completely stuck. Before you argue that it makes sense to support stateless allocation when the subnet is "large enough" - how large is large enough? People used to fully-stateful IPv4 deployments with forced forwarding (e.g., large conference networks that force 1 IPv4 address = 1 MAC address and don't use broadcast ARP because the wifi chipset filters it out for them) may well do something like /96 (That's large enough, right? It's the size of the whole of the IPv4 Internet!) and put 20,000 hosts on it and fall over in the same way. Yes - large conferences like MWC do have 20k hosts on the same subnet. Also - if you change the range size, do all the addresses change? That would make it an even worse idea.
- [dhcwg] Next step(s) for draft-ietf-dhc-stable-pr… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… STARK, BARBARA H
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… 神明達哉
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Christian Huitema
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… 神明達哉
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont