Re: Extending a /64
Tony Whyman <tony.whyman@mccallumwhyman.com> Tue, 17 November 2020 17:20 UTC
Return-Path: <tony.whyman@mccallumwhyman.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11F6D3A0E01 for <ipv6@ietfa.amsl.com>; Tue, 17 Nov 2020 09:20:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G0LYK0YPHmSU for <ipv6@ietfa.amsl.com>; Tue, 17 Nov 2020 09:20:34 -0800 (PST)
Received: from mail2.mwassocs.co.uk (mail2.mwassocs.co.uk [IPv6:2a00:da00:1800:8030::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E8773A1613 for <ipv6@ietf.org>; Tue, 17 Nov 2020 09:19:42 -0800 (PST)
Received: from [IPv6:2a02:390:813f:1:69d0:fcb0:c90e:f108] ([IPv6:2a02:390:813f:1:69d0:fcb0:c90e:f108]) (authenticated bits=0) by mail2.mwassocs.co.uk (8.15.2/8.15.2/Debian-3) with ESMTPSA id 0AHHJcAg026517 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 17 Nov 2020 17:19:39 GMT
Subject: Re: Extending a /64
To: David Farmer <farmer@umn.edu>
Cc: 6man WG <ipv6@ietf.org>
References: <202011151920.0AFJKN9U003337@mail2.mwassocs.co.uk> <3d26bffe-b6c9-4ed7-6135-a515f9902fd7@gmail.com> <m1keOTi-0000EGC@stereo.hq.phicoh.net> <CAO42Z2wZkXryhw1u5WAFdtCvXHyyz1zeM22FP_gRxjurjsG-Jw@mail.gmail.com> <CAN-Dau2XTRJpR9S=ZXOXOD6PkxLTD7KAzN-CwoGhMUmSQTp0Zg@mail.gmail.com> <2b54eeb9-0b8a-8c29-11f9-e50673a7fb85@mccallumwhyman.com> <CAN-Dau0opvOAjOGn_UAg=3mzjxuoSUPS7_01gSGQH742z0zZKw@mail.gmail.com>
From: Tony Whyman <tony.whyman@mccallumwhyman.com>
Message-ID: <a784ef95-8e37-0ca6-ea42-163fe72ef8e2@mccallumwhyman.com>
Date: Tue, 17 Nov 2020 17:19:32 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <CAN-Dau0opvOAjOGn_UAg=3mzjxuoSUPS7_01gSGQH742z0zZKw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------20EC79865D7FA31CB37AA02C"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/97FjsEwCM2t4Rt_psTduR-KIWgQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2020 17:20:37 -0000
On 17/11/2020 15:48, David Farmer wrote: > > > On Tue, Nov 17, 2020 at 3:44 AM Tony Whyman > <tony.whyman@mccallumwhyman.com > <mailto:tony.whyman@mccallumwhyman.com>> wrote: > > On 17/11/2020 02:55, David Farmer wrote: > > ou mention that airplanes can fall out of the sky, it would be > really > > bad if an airplane every fell out of the sky, or collided with > another > > airplane, because of an address conflict. > > I should probably make it clear that irrespective of whatever > addressing > plan we come up with - this will never happen. There is strength in > depth in the system. > > I don't actually think something as simple as an address conflict > would ever be the primary cause of an aircraft incident. However, it > is not that difficult to conceive of situations where such an address > conflict, causing a communication failure, could be a contributory > cause to an incident. If you combined a communications outage with > multiple other human or systems failures it is difficult to exclude > the possibility of such an issue being a contributory cause of an > incident. So, it would seem inappropriate to have an addressing scheme > like ULA were the possibility, however small, of an address conflict > is part of normal operation. > > David, This is an interesting subject and covered at length in the Safety and Performance Requirements (SPR) for ATN Baseline 2. This is a joint RTCA/Eurocae document (ref DO-350A/ED228A). The SPR is intended to be a complete hazard analysis for all the ATS Applications in order to identify the Safety Objectives and to allocate them to various functions. All Safety Objectives have to be satisfied in order to gain Safety Approval for operational use. The Safety Objective for the Network itself is expressed as an availability requirement and a confidence level to which it must be shown that the availability requirement is met. The end-to-end availability requirement for the current generation of ATS Applications is that in high density airspace (lots of aircraft) there has to be a 99.9% probability that a message is delivered to its intended recipient and the response returned, without loss of integrity and within the required transaction time and per Flight Hour. Using the wrong network address will result in mis-delivery, a discarded packet and is one of the many possible reasons that can result in a failure to meet the availability requirement. The confidence level at present is required to be appropriate for what is known as a Severity Class 4 hazard. This is defined as a hazard which if realised implies: “A slight reduction in separation or slight reduction in air traffic control capability. Significant increase in air traffic controller workload. There may also be a Slight Increase in workload for the flight crew resulting from having to perform tasks that may have otherwise been automated." You translate that as "if the data comms goes down, the airspace has to be re-configured to reflect the lower airspace capacity due to having to revert to using voice comms only" i.e. aircraft have to fly around circles, stay or the ground or get diverted until ATC is ready to cope with them. Generally, this does not take that long and it is something they train for. You don't want it to happen too often given the resulting flight delays, but these kind of problems should not result a serious incident. In order to demonstrate that an SC4 hazard has been mitigated to the required confidence level, you need to demonstrate that the acceptable risk that the availability target has not been met is less than 1 in 10^-3. This is just about feasible with black box testing, but still takes a lot of effort. Its also why mainstream COTS network nodes are so important a resource given that "in service experience" can get you a long way to demonstrating correct operation. When it comes to ensuring that you are using the correct Network Address, as you would expect, this part of the system is subject to considerable analysis, testing and audit given the SC4 hazard level. At present, two independent proofs (that you have the correct network address for a given Flight) are required. One is provided by the aircraft when it reports its Flight Identifier/Network Address binding and the other is in the Flight Plan provided separately by the airline's Flight Despatcher. At the core of the ATC Centre's Flight Data Processor is a function that brings this all together and validates the identity of an aircraft. This a key safety function and is subject to considerable analysis and testing. And long term testing is required to demonstrate the necessary confidence level. This is also why, in the migration to the ATN/IPS, no one wants to propose any semantic change to the addressing plan that would force a revision of this function. The IPv6 address of an application on board an aircraft has to be canonical with the existing NSAP Address if we are to avoid any change. Those arguing for a "better" addressing plan really do not appreciate how saving a few bits could result in years of delay in introducing the ATN/IPS. This is not just a consequence of the time it takes to test out such a function, but if you look at any ATC Centre's system development plan, they will have mapped out a plan for a whole sequence of improvements, and if you want a change to any function, you have to slot in to the current development plan - they might not even start work on this for a few years. The next generation of applications will probably require a higher confidence level appropriate for Severity Class 3. How to achieve this with COTS networks is an active research area for myself and is taking me down the path of having more than one end-to-end independent (no common failure modes) internetwork between aircraft and the ATC Centre. But that is another story. Regards Tony
- Extending a /64 otroan
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 otroan
- Re: Extending a /64 otroan
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Alexandre Petrescu
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Ca By
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 otroan
- Re: Extending a /64 JORDI PALET MARTINEZ
- RE: [EXTERNAL] Re: Extending a /64 Manfredi (US), Albert E
- Re: [EXTERNAL] Re: Extending a /64 Mark Smith
- RE: [EXTERNAL] Re: Extending a /64 Manfredi (US), Albert E
- Re: Extending a /64 Brian E Carpenter
- Re: [EXTERNAL] Re: Extending a /64 Gyan Mishra
- Re: [EXTERNAL] Re: Extending a /64 Mark Smith
- Re: Extending a /64 otroan
- Re: [EXTERNAL] Extending a /64 otroan
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 otroan
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 otroan
- Re: Extending a /64 Philip Homburg
- Re: [EXTERNAL] Extending a /64 Gyan Mishra
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 JORDI PALET MARTINEZ
- Re: Extending a /64 Pascal Thubert (pthubert)
- Re: Extending a /64 George Michaelson
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Christopher Morrow
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 otroan
- Re: Extending a /64 Christopher Morrow
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Alexandre Petrescu
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Mikael Abrahamsson
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Mikael Abrahamsson
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 otroan
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 otroan
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 S Moonesamy
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 JORDI PALET MARTINEZ
- RE: [EXTERNAL] Re: Extending a /64 Manfredi (US), Albert E
- Re: Extending a /64 Gyan Mishra
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 JORDI PALET MARTINEZ
- Re: Extending a /64 Simon Hobson
- Re: Extending a /64 Joel M. Halpern
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Joel M. Halpern
- Re: Extending a /64 Alexandre Petrescu
- Re: Extending a /64 Alexandre Petrescu
- RE: Extending a /64 Da Silva, Saulo
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Templin (US), Fred L
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Alexandre Petrescu
- Re: Extending a /64 Behcet Sarikaya
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Joel M. Halpern
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Templin (US), Fred L
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Templin (US), Fred L
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Tony Whyman
- RE: Extending a /64 Da Silva, Saulo
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Mark Smith
- Why this is broken [was Re: Extending a /64] Brian E Carpenter
- RE: [EXTERNAL] Why this is broken [was Re: Extend… Templin (US), Fred L
- Re: [EXTERNAL] Why this is broken [was Re: Extend… Matthew Petach
- Re: Why this is broken [was Re: Extending a /64] Tony Whyman
- RE: [EXTERNAL] Re: Extending a /64 Manfredi (US), Albert E
- Re: Why this is broken [was Re: Extending a /64] Brian E Carpenter
- Re: Extending a /64 David Farmer
- Re: Extending a /64 Brian E Carpenter
- Re: Extending a /64 (ATN/IPS worked example) Tony Whyman
- Re: Extending a /64 Tony Whyman
- Re: Why this is broken [was Re: Extending a /64] Tony Whyman
- Re: Extending a /64 (ATN/IPS worked example) Philip Homburg
- Re: Extending a /64 (ATN/IPS worked example) Tony Whyman
- Re: Extending a /64 David Farmer
- Re: Extending a /64 (ATN/IPS worked example) Philip Homburg
- Re: Extending a /64 Tony Whyman
- Re: [EXTERNAL] Why this is broken [was Re: Extend… Behcet Sarikaya
- Re: Extending a /64 Simon Hobson
- Re: Cellphones in aircraft [was: Why this is brok… Simon Hobson
- RE: [EXTERNAL] Why this is broken [was Re: Extend… Templin (US), Fred L
- Re: [EXTERNAL] Why this is broken [was Re: Extend… Behcet Sarikaya
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 (ATN/IPS worked example) Brian E Carpenter
- Re: Why this is broken [was Re: Extending a /64] Matthew Petach
- RE: [EXTERNAL] Re: Why this is broken [was Re: Ex… Templin (US), Fred L
- Re: Extending a /64 (ATN/IPS worked example) Templin (US), Fred L
- Re: Extending a /64 (ATN/IPS worked example) Brian E Carpenter
- Re: Extending a /64 (ATN/IPS worked example) Brian E Carpenter
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- Re: Extending a /64 (ATN/IPS worked example) Templin (US), Fred L
- Re: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Brian E Carpenter
- Re: Extending a /64 (ATN/IPS worked example) Brian E Carpenter
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Manfredi (US), Albert E
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- Re: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Philip Homburg
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Manfredi (US), Albert E
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- RE: [EXTERNAL] Re: Extending a /64 (ATN/IPS worke… Templin (US), Fred L
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 (ATN/IPS worked example) Michael Richardson
- Re: Extending a /64 (ATN/IPS worked example) Michael Richardson
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 (The most welcome comment) Tony Whyman
- Re: Why this is broken [was Re: Extending a /64] Behcet Sarikaya
- Re: Extending a /64 (The most welcome comment) Brian E Carpenter
- RE: [EXTERNAL] Re: Extending a /64 (The most welc… Manfredi (US), Albert E
- Re: Extending a /64 Michael Richardson
- Re: Extending a /64 (The most welcome comment) Templin (US), Fred L
- RE: Extending a /64 (The most welcome comment) Manfredi (US), Albert E
- Re: Extending a /64 (The most welcome comment) Brian E Carpenter
- RE: [EXTERNAL] Re: Extending a /64 (The most welc… Templin (US), Fred L
- Re: Extending a /64 (The most welcome comment) David Farmer
- Re: Extending a /64 Michael Richardson
- Re: Why this is broken [was Re: Extending a /64] Michael Richardson
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Mark Smith
- Re: [EXTERNAL] Re: Extending a /64 (The most welc… Tony Whyman
- RE: [EXTERNAL] Re: Extending a /64 (The most welc… Pascal Thubert (pthubert)
- Re: [EXTERNAL] Re: Extending a /64 (The most welc… Tony Whyman
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Tony Whyman
- Re: [**EXTERNAL**] Re: Extending a /64 Mudric, Dusan
- Re: [**EXTERNAL**] Re: Extending a /64 Tony Whyman
- Re: Extending a /64 Nick Hilliard
- Re: Extending a /64 (The most welcome comment) Templin (US), Fred L
- Re: [**EXTERNAL**] Re: Extending a /64 tom petch
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Nick Hilliard
- RE: [EXTERNAL] Re: Extending a /64 Manfredi (US), Albert E
- Re: Extending a /64 Mark Smith
- Re: Extending a /64 Philip Homburg
- Re: Extending a /64 Nick Hilliard