Re: L=0 [was draft-pioxfolks-6man-pio-exclusive-bit-02.txt]

Mikael Abrahamsson <swmike@swm.pp.se> Thu, 01 February 2018 09:02 UTC

Date: Thu, 01 Feb 2018 10:02:04 +0100
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Mark Smith <markzzzsmith@gmail.com>
cc: 6man WG <ipv6@ietf.org>
Subject: Re: L=0 [was draft-pioxfolks-6man-pio-exclusive-bit-02.txt]
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Vbt31waIDyi8d-yKMb8a5tTf018>

I can only guess what you wrote down here. So I'm going to guess that you 
wrote "You're saying hosts that have a common LL prefix *aren't* on the 
same link?" and answer that.

Your definition of "link" is too rigid. There can be lots of things done 
on L2 that would mean the answer to your question is "well, kind of".

If two hosts can't talk to each other directly over L2 (all traffic is 
forwarded via the router), the router (perhaps) defends their respective 
LLA and does forwarding between these LLA addresses, the L2 (perhaps) 
enforces LLA/MAC address mapping (using SAVI) etc, are they on the same 
link? The router sees all their traffic coming in on the same interface.

The answer is: "Well, kind of, but not really".

It's complicated.

On Thu, 1 Feb 2018, Mark Smith wrote:

> On 31 Jan 2018 20:49, "Mikael Abrahamsson" <swmike@swm.pp.se> wrote:
>
> On Wed, 31 Jan 2018, Mark Smith wrote:
>
> RFC8273 fails the proper layer 2 isolation/per-host link/LAN requirement
>> too.
>>
>
> No, it doesn't. It just doesn't specify how this is to be achieved. I am of
> the opinion that it doesn't need to, and it shouldn't. Yes, someone
> implementing this should make sure that L2 assures that customers can't
> spoof each other, that source validation etc is in place, but I am of the
> opinion that RFC8273 doesn't need to specify how that should be done.
>
>
> The hosts are all sharing the same Link-Local prefix, rather than each host
>> having its own instance of the Link-Local prefix. They're all using the
>> same router interface, rather than each host having its own dedicated
>> router interface. There is sharing of IP layer resources between multiple
>> hosts, so the hosts are not on separate links.
>>
>
> Sure.
>
>
> Per RFC4291, in the Addressing Model section,
>>
>> "Currently, IPv6 continues the IPv4 model in that a subnet prefix is
>>   associated with one link."
>>
>> multiple hosts that share just one common IPv6 subnet of possibly a
>> number on the link are members of the same one link.
>>
>
> But the GUA prefix isn't the same, just the LLA.
>
>
>
> You're saying hosts that have a common LL prefix *aren't* on the same link?
>
>
>
>
> So when a host attaches to a port, the layer 2 device allocates a new
>> virtual link, dedicated to the host, and then signals the router, which
>> then allocates a new Link-Local prefix, new GUA and possibly ULA prefix,
>> and then creates a new router interface for that individual host?
>>
>
> No. Those are your requirements, it's you who are saying all of those are
> needed. Not me.
>
>
> I don't have any experience or detailed knowledge of it, however I'm
>> reminded of Access Node Control Protocol - RFC6320. Perhaps a generalised
>> version of that for other types of layer 2 edge devices might be an option.
>>
>
> PPPoE doesn't solve the mac address duplication problem, either. Only
> separate L2 per user solves that.
>
> So what I have been proposing for lots of years is to keep the 1:N model
> for IPv4 (because that's what a lot of people do), but create
> one-vlan-per-user for IPv6, using ethertype based vlans. This requires no
> host changes.
>

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se
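
The ethertype-based VLAN split proposed in the message above (shared 1:N VLAN for IPv4, one VLAN per user for IPv6), as an added example that is not part of the original message or of any vendor's implementation. The VLAN numbering, the `classify`/`Fdb` names and the sample frames are assumptions made for illustration; the forwarding table is keyed on (VLAN, source MAC) to show where a duplicated MAC address collides and where it does not.

```python
import struct

ETH_IPV4, ETH_ARP, ETH_IPV6, ETH_DOT1Q = 0x0800, 0x0806, 0x86DD, 0x8100
SHARED_V4_VLAN = 100      # assumed: one 1:N VLAN shared by all IPv4/ARP users
PER_USER_V6_BASE = 2000   # assumed: IPv6 VLAN id = base + access port number


def classify(port, frame):
    """Return the VLAN for a frame received on an access port, or None to drop."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype in (ETH_IPV4, ETH_ARP):
        return SHARED_V4_VLAN
    if ethertype == ETH_IPV6:
        return PER_USER_V6_BASE + port
    return None  # anything else, including 802.1Q-tagged frames, is dropped


class Fdb:
    """Forwarding database keyed on (vlan, source MAC), as in a VLAN-aware bridge."""

    def __init__(self):
        self.table = {}
        self.conflicts = []  # (vlan, mac, first_port, second_port)

    def learn(self, port, frame):
        vlan = classify(port, frame)
        if vlan is None:
            return None
        src = frame[6:12]
        owner = self.table.setdefault((vlan, src), port)
        if owner != port:  # same MAC seen on another port in the same VLAN
            self.conflicts.append((vlan, src.hex(), owner, port))
        return vlan


def frame(src_mac, ethertype):
    """Constructed minimal Ethernet frame: dst, src, ethertype, zero padding."""
    dst = bytes.fromhex("333300000001")
    return dst + src_mac + struct.pack("!H", ethertype) + b"\x00" * 46


def demo():
    mac = bytes.fromhex("020000000001")  # constructed: same MAC on ports 1 and 2
    fdb = Fdb()
    v6 = [fdb.learn(p, frame(mac, ETH_IPV6)) for p in (1, 2)]
    v6_conflicts = list(fdb.conflicts)
    v4 = [fdb.learn(p, frame(mac, ETH_IPV4)) for p in (1, 2)]
    return v6, v6_conflicts, v4, fdb.conflicts
```

With the same MAC on two ports, the IPv6 frames land in separate VLANs and never meet in the table, while the IPv4 frames share VLAN 100 and register a conflict.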