IETF Logo Mail Archive

Re: Link addressing

Erik Nordmark <nordmark@acm.org> Thu, 27 March 2014 18:20 UTC

Return-Path: <nordmark@acm.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17D571A0729 for <ipv6@ietfa.amsl.com>; Thu, 27 Mar 2014 11:20:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YH7XNrlveKPn for <ipv6@ietfa.amsl.com>; Thu, 27 Mar 2014 11:20:54 -0700 (PDT)
Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) by ietfa.amsl.com (Postfix) with ESMTP id C300D1A0724 for <ipv6@ietf.org>; Thu, 27 Mar 2014 11:20:54 -0700 (PDT)
Received: from [172.22.38.33] ([12.154.11.242]) (authenticated bits=0) by d.mail.sonic.net (8.14.4/8.14.4) with ESMTP id s2RIH87t032106 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 27 Mar 2014 11:17:09 -0700
Message-ID: <53346B24.4000106@acm.org>
Date: Thu, 27 Mar 2014 11:17:08 -0700
From: Erik Nordmark <nordmark@acm.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Ole Troan <otroan@employees.org>, Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
Subject: Re: Link addressing
References: <E2C06D73-99FF-42B5-A3BE-337C307BCB0E@gmail.com> <84411F3C-455C-4382-88E2-8EE397A907B9@gdt.id.au> <0E222788-7CDA-4962-B03B-BD069956A471@employees.org> <5AFA59A4-A4F1-48C4-B402-0CAA1E752ED1@gdt.id.au> <862E0FF1-09B6-46DE-83E2-BA3AF3512895@employees.org> <1395734236.95811.YahooMailNeo@web162205.mail.bf1.yahoo.com> <242C4677-874B-463B-BB67-AE6EA1E6BF38@employees.org>
In-Reply-To: <242C4677-874B-463B-BB67-AE6EA1E6BF38@employees.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Sonic-ID: C;oJdTAty14xGaDtKVOBdzQA== M;MmR8Aty14xGaDtKVOBdzQA==
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/-9uufdCBqtnx4jDqpCWWYd2UKgo
Cc: 6man WG <ipv6@ietf.org>, RJ Atkinson <rja.lists@gmail.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Mar 2014 18:20:56 -0000

On 3/25/14 2:00 AM, Ole Troan wrote:
> Mark,
>
> [...]
>
>>> routers (as defined in RFC4861) don't autoconfigure addresses using SLAAC.
>>> that's a host function.
>> Being pedantic, the SLAAC RFC (RFC4862) says that "it is expected that routers will generate link-local addresses using the mechanism described in this document."
> perhaps we need better terminology here. it is useful to have a distinction between addresses that are formed based on appending an interface-identifier to a well-known prefix (link-local) or manually configured prefix, and how an address is formed based on receiving a /64 prefix in an RA and forming an address from that.
>
> I prefer to use the term SLAAC for the latter. i.e. a host following the procedure in RFC4862 section 5.5.
Ole,

Agreed that the terminology we have isn't detailed enough to cover the 
finer details. It makes using SLAAC to refer to the reception of a 
prefix in a PIO with A=1. That leaves link-local address formation out 
of that definition.

We have some IID assignment and generation (modified EUI-64, static 
assignment, CGA, stable-privacy).
Then we have some set of prefixes that are already known on the router 
(fe80::/64, and also prefixes the router is configured to advertise to 
others for SLAAC).

I don't know how folks have implemented this on routers.
When we implemented this in Solaris it seemed helpful (even on a Solaris 
box configured as a router) to configure the IID separately (or get it 
from the MAC address), and then by default form the router's global 
addresses based on the prefixes the router is configured to advertise 
for SLAAC. (But NOT do anything with prefixes received in PIOs.)

The alternative would be to configure the router's advertised prefixes 
separately from the global addresses assigned to the router's 
interfaces, and that might be what other implementations do.

    Erik

>
>> The question I've wondered a bit about is what is the common operational or implementation practice when configuring manual addresses on routers.
>>
>> For people who configure static addresses on router interfaces, do they actively switch SLAAC off for either individual prefixes, or for the whole interface? Switching SLAAC off for the whole interface means that if there is no static LL address, then the interface doesn't comply with the RFC4291 requirement for all IPv6 interfaces to have an LL address, and can't use any functions/protocols that rely on LLs. An interface probably shouldn't be able to be used for IPv6 if there are no LL addresses present.
> I don't understand what you mean by "switching SLAAC off" on an interface. on a router does that mean sending RAs with the A-flag in PIO off? or do you mean that a link-local or global address isn't formed based on an automatically generated interface-id (EUI-64, privacy, stable, ...)?
>
>> Alternatively, if SLAAC is left enabled for the LL prefix, then there is likely to now be two LLs on the interface. Static configuration of an LL address would usually indicate preference for its use for all LL traffic over the SLAAC LL address, which may be a problem, because IIRC, RFC6724 doesn't place any preference for static addresses over SLAAC addresses.
> typically applications using link-local addresses, do their own source address selection.
>
> for the implementation I'm most familiar with, we only allow a single link-local address per interface. by default that's based on the modified EUI-64 interface-identifier, but it can be manually set to whatever you like.
> the same for global addresses. including a short-hand for specifying the length of the on-link prefix.
>
> there is nothing stopping an implementation having multiple link-locals for an interface, e.g. there was at some point someone advocating that every global address should have a corresponding link-local. it isn't clear what the benefit of having multiple link-locals on an interface would be though.
>
> cheers,
> Ole
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email