Re: Objection to draft-ietf-6man-rfc4291bis-07.txt

Lorenzo Colitti <> Thu, 02 March 2017 10:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 66880129473 for <>; Thu, 2 Mar 2017 02:19:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4fI90ey9KRvr for <>; Thu, 2 Mar 2017 02:19:56 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400c:c08::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8480E129687 for <>; Thu, 2 Mar 2017 02:19:56 -0800 (PST)
Received: by with SMTP id q7so39314098uaf.2 for <>; Thu, 02 Mar 2017 02:19:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uWDLw3w8YRgEf3vJmXmIchUaaZU7DxbEQ1YeuCvvRs4=; b=aurKZC4zoLBmXlPXqyi/TY/E3NWA1W18EVhX/uGjRURMIUvB4VSPxHtAR2g4LKq12r eSCH5ri+gn799S2kCLSyxRMLesDaS6lELcynJZqT/H0sv4ktNQGoL5v0O3uSXmJWRZXj KTtNd+5bDeMT2Ag8+njdnHGdE/6Iq6M6nKL2a6WxOaBAKo0uLTocuzaZXtAbW2bi3Qxd rhQvHzXFbwtjD+FHO34XONtI4APS6kOw6HvIcm6/Vmrc6Yq+nL+y8gtE+kFM9yLRu6SU ptmLmZfsXSoQhqqjz02liHEpIeGgX8T+O69gRZ8M5GieGOp6R6w7nsufCB0UuuicCUth EU7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uWDLw3w8YRgEf3vJmXmIchUaaZU7DxbEQ1YeuCvvRs4=; b=bLW5XR0Z+KJNGZAVWXZCqfpgg3I0eQzIDKXEYaRJgCoK6nkwQxRgyI4pe1DYgk7JA5 Ix4asrzugx2tqh+Tb7VqBmUQEdTohUMwwvVQAUdKkqUa0plLdNCMV2fDbGfqQWT4mLWA +e72gLbSU61Gw1SL5axSHmR5tAMyW9KUO8GEIfLLzIDWAchN2G+/pr+qd3Tv3EfQfQJh gJ+jSv2yHkTZOyys5a8lRr026YzHMvMZ1muw+I8LKZWt1S4WcDfNt/OT6Z87LZmbImlI n+DcgFI0a5pHkA3P7jM6MDVtm/R09fZ+NjnjPslzsxi7SM+WCfN4vdouYRyMC1Z/faru 000w==
X-Gm-Message-State: AMke39nk7EvsPwB5jS3cZ5bJslw8x2xenrIjFlzcM+xYCZp2cc9MbO8gDTy5Z2TzdZdNflP3nKQW+9kdmtys33gS
X-Received: by with SMTP id a4mr6856568uaf.171.1488449995209; Thu, 02 Mar 2017 02:19:55 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Thu, 2 Mar 2017 02:19:34 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Lorenzo Colitti <>
Date: Thu, 2 Mar 2017 19:19:34 +0900
Message-ID: <>
Subject: Re: Objection to draft-ietf-6man-rfc4291bis-07.txt
To: Tore Anderson <>
Content-Type: multipart/alternative; boundary=f403045ee7783b4be60549bcc51b
Archived-At: <>
Cc: 6man WG <>, james woodyatt <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 02 Mar 2017 10:19:58 -0000

On Thu, Mar 2, 2017 at 6:52 PM, Tore Anderson <> wrote:

> 1) 2001:db8::
> 2) 2001:db8::
> 3) 2001:db8::
> These are all in the same /64 but if these tree hosts assume the /120
> prefix length is incorrect and "helpfully correct" it to /64, then they
> can no longer communicate with each other.

I think you and I have already covered this case. I don't see how we can
define the IID in any meaningful way for RFC 6052 addresses. In the limited
case of /96 it might work, but in the general case it won't.

Consider a translation prefix of 2001:db8::/56. In this case
becomes (I think) 2001:db8:0:c0:2:100::/80. But if you configure
2001:db8:0:c0:2:100::/80 on an interface, that really won't work the way
you'd like it to. For example, suppose the node gets a packet whose
destination address is 2001:db8:0:c0:2:100::1. It won't match any of the IP
addresses configured it on the system. So it will either drop it, forward
it on-link (if L=1) or forward it back to the router it came from,
potentially causing a routing loop.

So really, you can't express this type of configuration using only an IPv6
address and a prefix length, because they don't provide enough information
to do that. "2001:db8:0:c0:2:100::/80" by itself is not enough: you need
one more piece of information, which is the length of the NAT64 prefix.

As I said before, I think we should have an exception for IPv6 addresses
where the only non-zero bits in the IID are an IPv4 address. Those aren't
really IPv6 addresses anyway, they're just convenient representations for
IPv4 addresses.