Re: Extending a /64

[Mark Smith <markzzzsmith@gmail.com>]

Hi Michael,

On Wed, 18 Nov 2020 at 14:30, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>
> Mark Smith <markzzzsmith@gmail.com> wrote:
>     > Asking for GUA space implies attached to the big-I Internet when the ULA
>     > space exists for non-Internet connected devices.
>
> No, This is JUST SO WRONG. This is IPV4 SCARCITY THINK.
>

No, it is safety and security thinking.

Some things should have no or extremely little possibility of working
over the Internet even if they're attached to it accidentally. I think
planes are one of those things, because if they're attacked in one way
or another and they fall out of the sky people can die.

ULA space isn't intended to work on the Internet, and the people
running Internet routing aren't trying to make ULAs work over the
Internet.

"Private" GUA space has more likelihood of working over the Internet
should the devices with it be attached to the Internet, because people
are trying to make GUA routing work as well as it possibly can.

At work, if I'm told a GUA prefix can't be reached over the Internet,
that's a fault until I find out otherwise. I will work on fixing an
apparent routing fault.

On the other hand, if I'm told a ULA prefix can't be reached over the
Internet, I'll say immediately "Of course, it isn't isn't supposed to.
No fault found, working as intended."

> IPv6 is for all users, not just those in some entities routing table.
>
> ULA is second class in many ways: no reverse, no RPKI, no whois, etc.
> ULA-C would be slightly less wrong.   Would you support doing that?
>

Yes, although I think for large private networks something like this,
the RFC4193 ULA-Cs might not be the correct format because they can't
be aggregated at a prefix length shorter than a /48.

I'd be thinking something like a new "large private network" ULA
address space from a different /8 prefix than fc::/7, where the a
shorter global ID is managed by the registry or registries rather than
being pseudo random per RFC4193 and say between /32s and /40s are
provided, requiring typical RIR justification and annual fees. That
would provide 24 bits of /32s or 16 million, which I think would be
enough for the foreseeable number of large private networks that would
be willing to register and pay annual fees for this large private
address space.

(Or perhaps the current ULA-C format could be redefined with a shorter
Global ID and registry ID management since current ULA-C isn't in
use.)

Regards,
Mark.




>     > It is when GUAs are being requested, and the RFC4291 address format is
>     > being ignored. It's not IPv6 and can't be called "IPv6" if it doesn't
>     > comply with the IPv6 specifications.
>
>     > GUAs have two properties:
>
>     > - globally unique address
>     > - provide potential global reachability to any and all global Internet
>     > destinations
>
> - show up in databases like whois
> - can have RPKI credentials
> - can have RPSL policies attached
> - can be announced in BGP to consenting peers without prior arrangement
>
> When we designed IPv6, we assumed that everyone would get some, even if they
> didn't connect.
>
>     > ULAs only have the first property.
>     > If a device doesn't need the second property, the device doesn't need a GUA.
>
> Again, what is this business of trying to ration IPv6?
> Do they really need 39 bits? I don't know.
>
> Our entire Ipv6 architecture ENCOURAGES entities to ask for the amount of space
> that they think they might need over the lifetime of their effort and NEVER
> COME BACK for more.
>
> That's why /64 for IIDs, and /48s for every site.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide