Re: Updated IID length text

Lorenzo Colitti <lorenzo@google.com> Thu, 19 January 2017 06:21 UTC

From: Lorenzo Colitti <lorenzo@google.com>
Date: Thu, 19 Jan 2017 15:21:10 +0900
Message-ID: <CAKD1Yr06uPj95XNzvFnwrmxnykVw5CKf3uO40eaiWzZ0uXmuRg@mail.gmail.com>
Subject: Re: Updated IID length text
To: Fernando Gont <fgont@si6networks.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/XWDrHFcNTbm34W0pyFk5EF0AtA4>
Cc: 6man <ipv6@ietf.org>

On Thu, Jan 19, 2017 at 2:38 PM, Fernando Gont <fgont@si6networks.com>
wrote:

> > You forgot the "where layer 2 ensures that there are no duplicate MAC
> > addresses on the network" part of this scenario.
>
> 1) AP != Network -- you might be assuming the network is simpler than it
> really is
>

In small networks, the probability of collision is low because there are
few devices. Large networks are usually built with a centralized control
plane, because otherwise roaming doesn't work, and in that sort of network,
MAC addresses have to be unique or devices don't get on the network.


> 2) How many nodes do you need in a 48-bit space for the probability of
> collisions to become a concern?
>

I never said the probability is unacceptable with 48 bits. That depends a
lot on the network circumstances. What I said that the increase in
probability when going down from 64 bits to 48 bits, which it is. If you
want 99.999% chance of no collisions, with 48 random bits I that puts you
between 10k and 100k devices. With 64 bits that's more like 10^35 devices.
That's an incredible difference. At 32 bits it's a joke - 1% chance of
collision at 10k devices.


> 3) If you are concerned about collisions in 48 bits as a result of
> random numbers, I'm curious why layer-3 concerns you more --
> particularly when, in layer-3 you do have a mechanism for detecting
> them, and one for recovering from them (whereas in layer-2, you don't).


Sigh. Consider 802.11 wifi. Dynamic MAC addresses are desirable for privacy
reasons. If there's a random MAC address collision, you don't get on the
network (most of the time; as discussed above). At that point you either
fail or you try again with a different random MAC address. That's your
retry mechanism. Once you've cleared that retry mechanism, L2 guarantees
that your EUI-64-based IPv6 address is unique.
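
The birthday-bound arithmetic for the identifier sizes discussed in this message (32, 48 and 64 random bits), as an added example that is not part of the original email. It assumes identifiers are drawn independently and uniformly at random and uses the standard approximation p ≈ 1 - exp(-n(n-1)/2N); the function names are illustrative.

```python
import math


def p_collision(n_devices: int, bits: int) -> float:
    """Probability that at least two of n random `bits`-bit identifiers collide.

    Assumption: identifiers are independent and uniform over 2**bits values.
    Uses the birthday approximation 1 - exp(-n(n-1)/(2N)).
    """
    space = 2 ** bits
    if n_devices > space:
        return 1.0  # pigeonhole: a collision is certain
    # expm1 keeps precision when the probability is very small
    return -math.expm1(-n_devices * (n_devices - 1) / (2 * space))


def max_devices(bits: int, p_max: float) -> int:
    """Largest device count whose collision probability stays <= p_max."""
    space = 2 ** bits
    # Solve n(n-1) = -2N * ln(1 - p_max) for n, then correct rounding.
    target = -math.log1p(-p_max) * 2 * space
    n = int((1 + math.sqrt(1 + 4 * target)) / 2)
    while p_collision(n + 1, bits) <= p_max:
        n += 1
    while n > 1 and p_collision(n, bits) > p_max:
        n -= 1
    return n


def summary(p_max: float = 1e-5, sample_n: int = 10_000):
    """Rows of (bits, max devices at p_max, collision probability at sample_n)."""
    return [(b, max_devices(b, p_max), p_collision(sample_n, b))
            for b in (32, 48, 64)]


if __name__ == "__main__":
    print("bits  max devices for 99.999% no-collision  P(collision) at 10k devices")
    for bits, n_max, p in summary():
        print(f"{bits:>4}  {n_max:>36,}  {p:.3e}")
```
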