IETF Logo Mail Archive

Re: Generic anycast addresses...

Sander Steffann <sander@steffann.nl> Thu, 30 May 2019 12:49 UTC

Return-Path: <sander@steffann.nl>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A96412006F for <ipv6@ietfa.amsl.com>; Thu, 30 May 2019 05:49:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=steffann.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q3bCFPzDnPg0 for <ipv6@ietfa.amsl.com>; Thu, 30 May 2019 05:49:27 -0700 (PDT)
Received: from mail.sintact.nl (mail.sintact.nl [IPv6:2001:9e0:803::6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93E7A12006A for <6man@ietf.org>; Thu, 30 May 2019 05:49:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.sintact.nl (Postfix) with ESMTP id 8431271; Thu, 30 May 2019 14:49:24 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=steffann.nl; h= x-mailer:references:in-reply-to:date:date:subject:subject :mime-version:content-type:content-type:message-id:from:from :received:received; s=mail; t=1559220562; bh=n0fqFknJ2GiXbVo10QZ 7sq789xbd18rqOvktma6KDaA=; b=dxy0zg+bljby+rCMDCtRoKXeFNPDwWquGsw 6rjFHBJupRV3kdCwFNFnmvvFjIyEvCIjBaQ2bZTqRNIayKCIQipP9MeLGsJzyYBC nh7u6cSZpNX8gdsczwSuLDc3q2dN1f0Rs/X+pGlWw7z9ZB3kXveyZvfmc9Xns6Ye TkIMQhzg=
X-Virus-Scanned: Debian amavisd-new at mail.sintact.nl
Received: from mail.sintact.nl ([127.0.0.1]) by localhost (mail.sintact.nl [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id NfGG9j43gMNU; Thu, 30 May 2019 14:49:22 +0200 (CEST)
Received: from [IPv6:2a02:a213:a300:ce80:3cac:a6d:c809:5674] (unknown [IPv6:2a02:a213:a300:ce80:3cac:a6d:c809:5674]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail.sintact.nl (Postfix) with ESMTPSA id 80B786F; Thu, 30 May 2019 14:49:21 +0200 (CEST)
X-Clacks-Overhead: GNU Terry Pratchett
From: Sander Steffann <sander@steffann.nl>
Message-Id: <4F466F57-1705-4C1A-9FEA-D781C746D5E2@steffann.nl>
Content-Type: multipart/signed; boundary="Apple-Mail=_BF310AC2-A615-4686-BE67-82EB247E7099"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Subject: Re: Generic anycast addresses...
Date: Thu, 30 May 2019 14:49:20 +0200
In-Reply-To: <CAO42Z2wCG+C9sqbbhT3EcJQpa_GLEqacs3tFBycqMW37Z4Datg@mail.gmail.com>
Cc: Ted Lemon <mellon@fugue.com>, 6MAN <6man@ietf.org>
To: Mark Smith <markzzzsmith@gmail.com>
References: <D22E680C-3EE3-4AD7-90C0-9339DA2E5A29@fugue.com> <CAO42Z2wCG+C9sqbbhT3EcJQpa_GLEqacs3tFBycqMW37Z4Datg@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Bek9SL5t7fYKaSWRkFLygx5mstc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2019 12:49:30 -0000

Hi Mark,

> "IPv6 Formal Anycast Addresses and Functional Anycast Addresses"
> https://tools.ietf.org/html/draft-smith-6man-form-func-anycast-addresses-00
> 
> - well known anycast address prefix - "aa00::" suggested
> - scopes that match those of multicast (note there is a scope position
> error throughout the above draft, the scope nibble is the 3rd rather
> than the 4th i.e. the upper 16 bits are "aa<scope><subformat>::/16"

I think I'd prefer "aa<subformat><scope>::/16" for consistency with multicast addresses. OTOH your format is much easier to filter at scope boundaries, but I guess it's too late to change the multicast specs ;)

> - supports subformats for the lower 112 bits
> - first subformat is a functional address space which supports 24 bit
> function identifiers, possibly 32 bit function identifiers, and embeds
> up to a /64 prefix to identify an "anycast domain", and flags e.g.
> transient or permanent function identifiers.
> 
> All very much inspired by many of the IPv6 multicast capabilities and
> features - it seems to me that anycast has properties common with both
> unicast and multicast, so its actually a distinct class of addresses,
> rather than being an informal type of unicast address.

I agree.

> I've been working on another update which I can probably push out in
> the next day or so:
> 
> - introduces an "Network Service Provider" scope, which is greater
> than organisation scope and global scope, to suit an ISP DNS resolver
> use case, protecting the DNS resolver from a DDoS from the Internet.

Very good idea. The same scope can be used for multicast as well. It would fit things like live TV streams in a service provider network to provide them to their customers rather well.

> - suggests the use of anycast addresses for hop by hop processing of
> packets as an alternative to the HbH EH - when a intermediate packet
> processing node (i.e. doing more than pure IPv6 forwarding) submits
> the packet for further forwarding post processing, the local instance
> of the anycast address is ignored (the "is it my DA" check is
> skipped), and RPF is applied on the source address so the packet keeps
> moving away from the packet's origin (i.e. the multicast RPF check).
> This type of forwarding probably could be applied to "informal
> anycast" as well as the "formal anycast" I've suggested above, so
> maybe it should be a separate ID.

I don't understand the use case for this one yet.

Anyway: I think this can be very useful! Easily recognisable addresses, explicit scope. I like it :)

Cheers,
Sander

v2.23.0 | Report a Bug | By Email