Re: [Ila] [5gangip] Fwd: New Version Notification for draft-herbert-ipv6-prefix-address-privacy-00.txt

Dino Farinacci <farinacci@gmail.com> Thu, 22 February 2018 04:13 UTC

From: Dino Farinacci <farinacci@gmail.com>
Date: Wed, 21 Feb 2018 20:12:57 -0800
Cc: Tom Herbert <tom@quantonium.net>, int-area@ietf.org, ila@ietf.org, 5GANGIP <5gangip@ietf.org>, Mikael Abrahamsson <swmike@swm.pp.se>
To: Lorenzo Colitti <lorenzo@google.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ila/tDB3hESbVkhMs67MpsYSc5tjRsY>

The Internet works today with billions of nodes connected. Why is that? Because not all of them are in single routing hardware. I realize aggregation allows for billions of individual addresses, but let’s compare this to DNS where an entry equals an individual address.

Maybe “mapping entries globally” does not equal “mapping entries in a given table”.

Dino

> On Feb 21, 2018, at 7:38 PM, Lorenzo Colitti <lorenzo@google.com> wrote:
> 
> On Thu, Feb 22, 2018 at 10:51 AM, Tom Herbert <tom@quantonium.net> wrote:
> The hidden aggregation method is intended to make scaling possible.
> Each assigned block results in one entry in mapping system so total
> amount of state is num_hosts*num_blocks per host. e.g. in a network of
> 10M nodes with 100 blocks per host that's 1B entries in the mapping
> system-- should be able to scale that.
> 
> I have a fundamental problem with the assertion "should be able to scale to 1B mapping entries" given that a) current routing hardware capabilities are three orders of magnitude away from that, and b) anyone on the Internet can mount a state exhaustion attack on the mapping system simply by originating a packet to any IPv6 address in the domain.
> 
> Personally I don't think this work should progress until we have line of sight to a system that can actually do that.