Re: A common problem with SLAAC in "renumbering" scenarios

Alexandre Petrescu <alexandre.petrescu@gmail.com> Fri, 15 February 2019 10:53 UTC

Subject: Re: A common problem with SLAAC in "renumbering" scenarios
To: Christian Huitema <huitema@huitema.net>
Cc: ipv6@ietf.org
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <1baf235c-4ae9-dba2-b056-09c32df45b36@gmail.com>
Date: Fri, 15 Feb 2019 11:53:17 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/W-XQBB3-0o5yU_BstnaPVPTUxpU>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

Christian,

Thank you for the answer.  I generally agree.

On 15/02/2019 at 11:30, Christian Huitema wrote:
> 
> 
>> On Feb 14, 2019, at 11:57 PM, Alexandre Petrescu
>> <alexandre.petrescu@gmail.com> wrote:
>> 
>> (I can assure you that changing IP addresses all the time is a
>> nightmare in implementations :-)
> 
> The alternative is of course some kind of onion routing for the
> masses. Or generalized VPN. I wonder about the trade off, in terms of
> both overhead and management.

I will have to search for onion routing, before I can think about what 
trade-offs could be.

For 'generalized VPN' - I can safely say that we are a very long way 
from simply VPN with IPv6, let alone generalized :-)

The well-known open source OpenVPN implementation probably has the easiest 
IPv6 capability of them all.  Yet it requires NAT IPv6 for the 
addressing architecture between real and virtual interfaces.  Worse, 
some reported a 'proprietary' (read 'unknown behaviour') intermediate 
layer used.

SoftEther, another less known open source implementation of VPN, does 
some form of IPv6 but its IPv6 can't work without also having IPv4 
addresses on it.

In this situation, adding security in a place where security is more 
important than just desirable requires the use of IPv4 instead of IPv6.

> Right now we have the bizarre property of having better privacy in a
> coffee shop than at home. That doesn't seem right.

I fully agree with that.  It may be because that coffee shop is small 
enough to be manageable by a few persons who do consider privacy 
seriously.  Otherwise, I don't know why.

Alex

> 
> -- Christian Huitema
> 
> 
> 
>