Re: IPv6 Link Local Addresses
Alexandre Petrescu <alexandre.petrescu@gmail.com> Sat, 15 June 2019 15:34 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93A21120041 for <ipv6@ietfa.amsl.com>; Sat, 15 Jun 2019 08:34:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.632
X-Spam-Level:
X-Spam-Status: No, score=-2.632 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id baeSx9TIMHO5 for <ipv6@ietfa.amsl.com>; Sat, 15 Jun 2019 08:34:35 -0700 (PDT)
Received: from oxalide-smtp-out.extra.cea.fr (oxalide-smtp-out.extra.cea.fr [132.168.224.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFB5D12001B for <ipv6@ietf.org>; Sat, 15 Jun 2019 08:34:34 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x5FFYWoo182635; Sat, 15 Jun 2019 17:34:32 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 1EC98202610; Sat, 15 Jun 2019 17:34:32 +0200 (CEST)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 10805200BA8; Sat, 15 Jun 2019 17:34:32 +0200 (CEST)
Received: from [132.166.86.23] ([132.166.86.23]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x5FFYVui012825; Sat, 15 Jun 2019 17:34:31 +0200
Subject: Re: IPv6 Link Local Addresses
To: Gyan Mishra <hayabusagsm@gmail.com>
References: <DM6PR15MB2506E62560613C85F74A1FF8BB100@DM6PR15MB2506.namprd15.prod.outlook.com> <CALx6S36vVpD9bAPSBQmhV+daR0Yr4heQ-LaiB4hABAs8ofVfNQ@mail.gmail.com> <DM6PR15MB25063BAF058C1825E2B63E30BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <CAKQ4NaW-QRZDO52zDZTSqz_MsfrS1uQHdz6zFjo+gXvtYVnFxA@mail.gmail.com> <DM6PR15MB2506E06165EA22E66BBB9524BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <7E03089C-8429-4B56-96D6-441490C850B2@gmail.com> <B3D43A45-5E90-4D04-BA64-17150EE6D2AA@gmail.com> <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org> <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com> <C278A105-13D3-4035-AB6E-785A8E2C095D@employees.org> <CABNhwV2848Csn=5xy29Rbe_4E1fD0HSeXonBY4M+=21cK11GOA@mail.gmail.com> <CAKQ4NaWTO=+aHSmBdBZv_Op0zD6iffExAHvOgzNFp5QVhahQiw@mail.gmail.com> <70B40D57-4162-4A13-AAC8-CE11E9E7BE5B@gmail.com>
Cc: 6man WG <ipv6@ietf.org>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <83ea9bad-3d83-4fd1-9b8d-f61acfb142f9@gmail.com>
Date: Sat, 15 Jun 2019 17:34:31 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0
MIME-Version: 1.0
In-Reply-To: <70B40D57-4162-4A13-AAC8-CE11E9E7BE5B@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/4hrNW3tdyxcuLyYb8_mR7PTq5Yw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jun 2019 15:34:39 -0000
Le 12/06/2019 à 23:08, Gyan Mishra a écrit : > Hi Alex > > In your next update can you add comment about mix vendor I can add it. We already have something about mixed vendor interop, but I can add more. Also, I wonder whether there can be some perspective for this draft, and how. Alex > interoperability in that today not all vendors abide by the RFC 4291 > which has happed day 1 by Cisco and you mentioned another Linux flavor > as well but now the major use case benefit the draft provides is mix > vendor interoperability with vendors that don’t follow the RFC as > written today and those that do which is a huge impetus for this change > as well as allows the next hop for OSPF and ISIS to now be intuitive. > The gain in the intuitive next hops is deciding of the default EUI64 > iid multi step process which having an intuitive next hop is the > advertising node from which routes have been learned is known > immediately similar to IPv4. > > With respect to going to the vendor to change their behavior to follow > the RFC is not necessarily the issue as being able to modify the all 0s > subnet portion of the LL is a benefit for Cisco to Cisco networks so > there is no reason for that to change as the next hop is now 100% > intuitive as is with IPv4 in that regard and only mix environments do we > have to follow the RFC for neighbor adjacencies to form. > > Which really is the major reason that the draft I think really should > get consensus approval from the WG to move forward. > > Thank you > > Gyan > > Sent from my iPhone > > On Jun 12, 2019, at 2:37 PM, Yucel Guven <yucel.guven@gmail.com > <mailto:yucel.guven@gmail.com>> wrote: > >> I agree with Ole. >> >> >> Referring with the setups in the Lab. with Cisco, or Nokia, or other >> vendors >> >> should not be taken as a reference or criteria to change the standards. >> >> This type of software modifications are generally called as 'DCR, >> Design Change Request', >> >> and requires modification/tailoring of the device software with >> respect to >> >> what customer requests from vendors. >> >> >> On Wed, Jun 12, 2019 at 6:43 PM Gyan Mishra <hayabusagsm@gmail.com >> <mailto:hayabusagsm@gmail.com>> wrote: >> >> Hi Ole >> >> My reasoning which I gave Alex in assisting in authoring the draft >> as what I implemented with my IPv6 customers as our deployment >> standard was to have an intuitive link local for next hop >> adjacencies which we embedded the global unicast into the link >> local after the :: but what happened in the original >> implementation 16 bits bled over into the all 0s portion of link >> local and the ospf adjacencies would not come up with a Citrix >> Netscaler lb in 2 arm setup so we went back to our standard >> realized that Citrix was following the rfc 4291 and CISCO was not >> so we had to update our deployment standard to follow the rfc for >> mixed vendor environment. >> >> So in this case as some vendors like CISCO chose not to follow the >> rfc while others do for the use case of intuitive next hop is the >> reason to change the rfc so that the entire global unicast address >> can be embedded into the link local and the 16bit or more fields >> don’t have to be shaved off making the goal of intuitive next hop >> slightly better but still not as desired with the restriction of >> the all Os field not allowed to be used. >> >> Gyan >> >> On Wed, Jun 12, 2019 at 12:27 PM Ole Troan <otroan@employees.org >> <mailto:otroan@employees.org>> wrote: >> >> Hi Gyan, >> >> > I went through this test in the lab a few months ago about >> verifying across all Cisco platforms if you can specify non >> zero values in the all 0's field in the Link Local prefix >> hardcoding the prefix and if the OSPF neighbor would come up >> and it did come up in an all Cisco environment. >> > >> > So the main thing this draft accomplishes in my opinion and >> I think is necessary gap that it is fixing is interoperability >> between vendors for the use case of making the link local >> intuitive for the next hop by embedding the entire global >> unicast address into the iid & 54 bit 0s field. >> > >> > Cisco happens to all the Link Local to be set and set all >> the 0s in the prefix fe80::/10 up to 64 which is a violation >> of the RFC but it does allow on all platforms and all codes. >> I think we found that some unix flavors allow the same. >> >> Bias warning: I was heavily involved in one of the >> implementations you mention and the choice of how to implement >> link-local addresses. >> >> That one vendor has chosen to allow the operator to chose if >> she wants to override the RFC behaviour, isn't in my view an >> argument for why we should change the standards. >> >> Cheers, >> Ole >> >> >> > >> > So now the change to the RFC 4291 is making it official that >> it now can be allowed across all platforms to help with mixed >> vendor environments where you can now embedd the entire global >> unicast address into the station id making the default EUI64 >> station-id now intuitive. >> > >> > >> https://datatracker.ietf..org/doc/html/draft-petrescu-6man-ll-prefix-len >> <https://datatracker.ietf.org/doc/html/draft-petrescu-6man-ll-prefix-len> >> >> > **This is a copy/paste from a test I did in the lab a few >> months ago to prove my point** >> > >> > I did a test in the lab for that one use case of making the >> default link local EUI64 more intuitive in the lab and Id id a >> worst case scenario test populating all the 16 bit nibbles and >> all hex digits within each nibble so no :: 0's compression on >> a Cisco IOS XE router running 16.x code and confirmed the OSPF >> neighbor still comes up even though the entire 54 bit all 0's >> field per the RFC is populated in effect violating the current >> RFC but because its like-like intra-vendor the OSPF adjacency >> forms. >> > >> > So I have tested this concept and it works across all Cisco >> platforms IOS, XE, XR, NXOS that you can populate the entire >> 54 bit all 0's field.. >> > >> > So the big caveat with this and justification for this draft >> is "mix vendor" environment inter-operability" which is one of >> the reasons for the IETF and to have RFC's and standards that >> allows any device from any vendor to communicate that supports >> the RFC. I think that is a MAJOR point to add to the >> justification behind the draft in the use cases where on a >> managed IPv6 network that the administrator can now hardcode >> the IPv6 address fully populating entire 54 bit subnet-id & >> station-id and routing protocols will now work and OSPF, ISIS, >> EIGRP adjacency can now work in a mix vendor environment. >> > >> > R1 >> > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:1111 link-local >> > >> > R2 >> > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:2222 link-local >> > >> > R1#sh ipv6 ospf nei >> > >> > OSPFv3 Router with ID (1.1.1.1) (Process ID 6000) >> > >> > Neighbor ID Pri State Dead Time Interface >> ID Interface >> > 2.2.2.2 1 FULL/DR 00:00:35 18 >> GigabitEthernet1/0/2 >> > >> > R1#sh ipv6 ospf int g1/0/2 >> > GigabitEthernet1/0/2 is up, line protocol is up >> > Link Local Address >> FE80:1111:1111:1111:1111:1111:1111:1111, Interface ID 18 >> > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID >> 1.1.1.1 >> > Network Type BROADCAST, Cost: 1 >> > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) >> > Transmit Delay is 1 sec, State BDR, Priority 1 >> > Designated Router (ID) 2.2.2.2, local address >> FE80:1111:1111:1111:1111:1111:1111:2222 >> > Backup Designated router (ID) 1.1.1.1, local address >> FE80:1111:1111:1111:1111:1111:1111:1111 >> > Timer intervals configured, Hello 10, Dead 40, Wait 40, >> Retransmit 5 >> > Hello due in 00:00:03 >> > Graceful restart helper support enabled >> > Index 1/5/14, flood queue length 0 >> > Next 0x0(0)/0x0(0)/0x0(0) >> > Last flood scan length is 2, maximum is 9 >> > Last flood scan time is 0 msec, maximum is 1 msec >> > Neighbor Count is 1, Adjacent neighbor count is 1 >> > Adjacent with neighbor 2.2.2.2 (Designated Router) >> > Suppress hello for 0 neighbor(s) >> > >> > R2#sh ipv6 ospf nei >> > >> > OSPFv3 Router with ID (2.2.2.2) (Process ID 6000) >> > >> > Neighbor ID Pri State Dead Time Interface >> ID Interface >> > 1.1.1.1 1 FULL/BDR 00:00:37 18 >> GigabitEthernet1/0/2 >> > >> > R2#sh ipv6 ospf int g1/0/2 >> > GigabitEthernet1/0/2 is up, line protocol is up >> > Link Local Address >> FE80:1111:1111:1111:1111:1111:1111:2222, Interface ID 18 >> > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID >> 104.255.32.2 >> > Network Type BROADCAST, Cost: 1 >> > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) >> > Transmit Delay is 1 sec, State DR, Priority 1 >> > Designated Router (ID) 2.2.2.2, local address >> FE80:1111:1111:1111:1111:1111:1111:2222 >> > Backup Designated router (ID) 1.1.1.1, local address >> FE80:1111:1111:1111:1111:1111:1111:1111 >> > Timer intervals configured, Hello 10, Dead 40, Wait 40, >> Retransmit 5 >> > Hello due in 00:00:05 >> > Graceful restart helper support enabled >> > Index 1/5/14, flood queue length 0 >> > Next 0x0(0)/0x0(0)/0x0(0) >> > Last flood scan length is 0, maximum is 7 >> > Last flood scan time is 0 msec, maximum is 1 msec >> > Neighbor Count is 1, Adjacent neighbor count is 1 >> > Adjacent with neighbor 1.1.1.1 (Backup Designated Router) >> > Suppress hello for 0 neighbor(s) >> > >> > >> > On Tue, Jun 11, 2019 at 4:44 AM Ole Troan >> <otroan@employees.org <mailto:otroan@employees.org>> wrote: >> > >> This means that link local addresses have a 10 bit prefix >> (1111111010) followed by 54 bits of zeros. That is it, >> nothing more. Address with different prefixes or with a >> 1111111010 prefix followed by non-zero 54 bits are not link >> local addresses. >> > >> >> > >> This is not ambiguous. >> > > >> > > So if an application asks my implementation to send a >> packet addressed to fe80:1::1 out a particular link what >> should the implementation do with it? It seems like there are >> only 3 choices: >> > > >> > > 1. Run ND on that link to see if it can find a neighbor >> there with that address to send the packet to. >> > > >> > > 2. Send the packet to the current default router. >> > > >> > > 3. Something else (what?). >> > > >> > > I had though 1. was the answer since that is what is done >> with packets addressed to link-local unicast destinations >> (which is what that address is according to RFC4191 section >> 2.4), but that now seems to be ambiguous. >> > >> > Let me illustrate with a typical per-interface FIB: >> > >> > fe80::/10 -> drop >> > fe80::/64 -> glean >> > fe80::abcd -> neighbor abcd >> > >> > Cheers, >> > Ole >> > >> -------------------------------------------------------------------- >> > IETF IPv6 working group mailing list >> > ipv6@ietf.org <mailto:ipv6@ietf.org> >> > Administrative Requests: >> https://www.ietf.org/mailman/listinfo/ipv6 >> > >> -------------------------------------------------------------------- >> > >> > >> > -- >> > Gyan S. Mishra >> > IT Network Engineering & Technology >> > Verizon Communications Inc. (VZ) >> > 13101 Columbia Pike FDC1 3rd Floor >> > Silver Spring, MD 20904 >> > United States >> > Phone: 301 502-1347 >> > Email: gyan.s.mishra@verizon.com >> <mailto:gyan.s.mishra@verizon.com> >> > www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT >> <http://www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT> >> > >> >> -- >> >> Gyan S. Mishra >> >> IT Network Engineering & Technology >> >> Verizon Communications Inc. (VZ) >> >> 13101 Columbia Pike FDC1 3rd Floor >> >> Silver Spring, MD 20904 >> >> United States >> >> Phone: 301 502-1347 >> >> Email: gyan.s.mishra@verizon.com <mailto:gyan.s.mishra@verizon.com> >> >> www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT >> <http://www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT> >> >> >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org <mailto:ipv6@ietf.org> >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- >>
- Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bob Hinden
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Karl Auer
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bless, Roland (TM)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... James R Cutler
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- IPv6 Link Local Addresses [was Re: Is 1111 1110 1… Bob Hinden
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Erik Kline
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ross Finlayson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Fred Baker
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Kerry Lynn
- Re: IPv6 Link Local Addresses Erik Kline
- Re: IPv6 Link Local Addresses Brian E Carpenter
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Mark Smith
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ola Thoresen
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or Alexandre Petrescu
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Simon Hobson
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Manfredi (US), Albert E
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: correct Alexandre Petrescu