Re: [dhcwg] Next step(s) for draft-ietf-dhc-stable-privacy-addresses -> abandon work? / IA_NA applicability
Fernando Gont <fgont@si6networks.com> Wed, 15 April 2015 16:35 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 791131B3626 for <dhcwg@ietfa.amsl.com>; Wed, 15 Apr 2015 09:35:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ga2cVae2wL0m for <dhcwg@ietfa.amsl.com>; Wed, 15 Apr 2015 09:35:12 -0700 (PDT)
Received: from web01.jbserver.net (web01.jbserver.net [IPv6:2a00:8240:6:a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F6611B362B for <dhcwg@ietf.org>; Wed, 15 Apr 2015 09:35:12 -0700 (PDT)
Received: from cl-1071.udi-01.br.sixxs.net ([2001:1291:200:42e::2]) by web01.jbserver.net with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.85) (envelope-from <fgont@si6networks.com>) id 1YiQHO-0006tc-B4; Wed, 15 Apr 2015 18:35:10 +0200
Message-ID: <552E9307.6010205@si6networks.com>
Date: Wed, 15 Apr 2015 13:34:15 -0300
From: Fernando Gont <fgont@si6networks.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Lorenzo Colitti <lorenzo@google.com>
References: <489D13FBFA9B3E41812EA89F188F018E1CA32071@xmb-rcd-x04.cisco.com> <CAKD1Yr0ojVmk-ctUO313zvAx01P=B-A2zVuwDm73+dLgVwDLOw@mail.gmail.com> <55250DF2.8050001@si6networks.com> <CAKD1Yr33wFmjjqjYu8YEpqYvnn=kh9oJhe1YAC7UEzacQFBaWg@mail.gmail.com> <55251EFA.4000204@si6networks.com> <CAKD1Yr0XK-DQkcJKwTYmiWzCzZs4pubCme9rAgoZ_ig-P5MgsQ@mail.gmail.com> <55253F14.6000706@si6networks.com> <CAKD1Yr0Q2634Rfw0_9NiU+-S_yfD2RwPs7uPWAbTuOADyx8bHg@mail.gmail.com> <5526B5F9.9090707@si6networks.com> <489D13FBFA9B3E41812EA89F188F018E1CA499A7@xmb-rcd-x04.cisco.com> <5526D45A.9020701@si6networks.com> <CAKD1Yr2g9sc8Y3URBMt=yNkD61-iG37rpNc5ZXJHjLfghD3KJA@mail.gmail.com> <5527FA77.5070301@si6networks.com> <CAKD1Yr3M0gbbbE6a=DfT1SW7jeXoHX1EQMbDagtF-+n13sAQ0w@mail.gmail.com> <552C679E.4020305@si6networks.com> <489D13FBFA9B3E41812EA89F188F018E1CA66028@xmb-rcd-x04.cisco.com> <552D6343.9050404@si6networks.com> <CAKD1Yr1v7Rf+uKCcYwsCKkSTuRUegQVMuPDfefR71Xb836LqaA@mail.gmail.com>
In-Reply-To: <CAKD1Yr1v7Rf+uKCcYwsCKkSTuRUegQVMuPDfefR71Xb836LqaA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dhcwg/ZfmOUmXaWCW31aJOObj6I3LyV-Y>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, "Bernie Volz (volz)" <volz@cisco.com>
Subject: Re: [dhcwg] Next step(s) for draft-ietf-dhc-stable-privacy-addresses -> abandon work? / IA_NA applicability
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2015 16:35:13 -0000
On 04/14/2015 10:09 PM, Lorenzo Colitti wrote: > On Wed, Apr 15, 2015 at 3:58 AM, Fernando Gont <fgont@si6networks.com > <mailto:fgont@si6networks.com>> wrote: > > That is true. In the first version of the I-D we didn't support ranges. > Now we do, and we should certainly put a huge warning that the address > space should be huge, or things don't work as expected. > > Supporting stateless allocation in anything smaller than a /64 is harmful. > > You are creating the risk that people coming from outdated IPv4 > assumptions will take a /112, think, "That's big enough for everyone, > right? I only have a few hundred hosts. And I want to limit my subnet > size to avoid these ND cache DoS attacks I've heard about," and get > burned by the fact that there's a 50% chance of collision when there are > 250 hosts in the network. Because your algorithm doesn't support > collisions well, they'll be completely stuck. The only reason for which ranges are supported is such that you can reserve a small part of the address space for static allocations. Reserving ~100-1000 out of the 2**64 addresses is more than enough for that purpose, and does not affect the collision rate. > Before you argue that it makes sense to support stateless allocation > when the subnet is "large enough" - how large is large enough? People > used to fully-stateful IPv4 deployments with forced forwarding (e.g., > large conference networks that force 1 IPv4 address = 1 MAC address and > don't use broadcast ARP because the wifi chipset filters it out for > them) may well do something like /96 (That's large enough, right? It's > the size of the whole of the IPv4 Internet!) and put 20,000 hosts on it > and fall over in the same way. Yes - large conferences like MWC do have > 20k hosts on the same subnet. Sorry, I don't follow. I never argued in favor of non-/64 subnets. And, as noted above, the only reason for which our I-D supports ranges is so that you can reserver a tiny bit of the address space for static allocations. That's it. > Also - if you change the range size, do all the addresses change? That > would make it an even worse idea. They don't. It's the Prefix that we include in F(). -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- [dhcwg] Next step(s) for draft-ietf-dhc-stable-pr… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… STARK, BARBARA H
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… 神明達哉
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Christian Huitema
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… 神明達哉
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Bernie Volz (volz)
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Lorenzo Colitti
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Ted Lemon
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont
- Re: [dhcwg] Next step(s) for draft-ietf-dhc-stabl… Fernando Gont