Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

David Farmer <farmer@umn.edu> Sat, 13 February 2021 09:00 UTC

To: Fred Baker <fredbaker.ietf@gmail.com>
Cc: Fernando Gont <fgont@si6networks.com>, IPv6 Operations <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ZC23l1dT3hCElBLnW72Pl0jTWhs>

On Fri, Feb 12, 2021 at 4:37 PM Fred Baker <fredbaker.ietf@gmail.com> wrote:

>
> I think I might describe it using the phrase "routing scope" or something
> akin to it. An address, any address, is usable within the range it is
> advertised to in routing, router advertisements, and so on - and it is
> unreasonable to expect routers to actively limit that apart from some form
> of configuration to do so. So to my mind, statements to the effect that
> ULAs should or should not be limited to (or from) some domain are not
> instructions to routing implementations per se, but instructions to people
> that configure BGP accordingly. Link-local addresses are confined to a
> given LAN not because someone said so in an RFC, but because routing
> implementations do not advertise a certain prefix off-LAN, and ULAs are
> confined to a given domain not because someone wrote it in an RFC, but
> because routers are not configured to (are configured to not) advertise
> them to external BGP peers and (hopefully) BGP peers refuse them if
> inappropriately advertised to them.
>
> We're trying very hard to construct a useful definition of "site-local"
> without saying so, and it might be worthwhile to actually say so.
>

I don't think "site-local" is the right idea at all. First, let's set aside
ULA for a moment, and look at some other entries in the IANA IPv6
Special-Purpose Address Registry:

Address Block | Name | RFC | Allocation Date | Termination Date | Source | Destination | Forwardable | Globally Reachable | Reserved-by-Protocol
--------------+------+-----+-----------------+------------------+--------+-------------+-------------+--------------------+---------------------
64:ff9b::/96 | IPv4-IPv6 Translat. | [RFC6052 <https://www.iana.org/go/rfc6052>] | 2010-10 | N/A | True | True | True | True | False
64:ff9b:1::/48 | IPv4-IPv6 Translat. | [RFC8215 <https://www.iana.org/go/rfc8215>] | 2017-06 | N/A | True | True | True | False | False
100::/64 | Discard-Only Address Block | [RFC6666 <https://www.iana.org/go/rfc6666>] | 2012-06 | N/A | True | True | True | False | False
2001:2::/48 | Benchmarking | [RFC5180 <https://www.iana.org/go/rfc5180>][RFC Errata 1752 <http://www.rfc-editor.org/errata_search.php?eid=1752>] | 2008-04 | N/A | True | True | True | False | False
2001:4:112::/48 | AS112-v6 | [RFC7535 <https://www.iana.org/go/rfc7535>] | 2014-12 | N/A | True | True | True | True | False
2620:4f:8000::/48 | Direct Delegation AS112 Service | [RFC7534 <https://www.iana.org/go/rfc7534>] | 2011-05 | N/A | True | True | True | True | False
fc00::/7 | Unique-Local | [RFC4193 <https://www.iana.org/go/rfc4193>] [RFC8190 <https://www.iana.org/go/rfc8190>] | 2005-10 | N/A | True | True | True | False [4 <https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml#note4>] | False
fe80::/10 | Link-Local Unicast | [RFC4291 <https://www.iana.org/go/rfc4291>] | 2006-02 | N/A | True | True | False | False | True

I want to call your attention to the Local-Use IPv4/IPv6 Translation
Prefix (not the WKP), the Discard-Only Prefix, and the IPv6 Benchmarking
Prefix; they are not Globally Reachable but are Forwardable. Since they are
Forwardable they can't be "Link-Local Scope". But they can't be "Global
Scope" either; there will most certainly be other interfaces on the
Internet that have the same address, and that is acceptable as they are
intended to be administratively limited and their uniqueness is the
responsibility of an administrator.

So, I think we need a third scope. I propose the "Admin Scope", or the
"Admin-Limited Scope", but I'm open to other ideas for the name. However,
it can't be Site-Local; we deprecated that. Further, while this third scope
will in many cases be a Site, it also needs to cover multi-site
enterprises and even confederations and cooperating Autonomous Systems,
which go well beyond any reasonable definition of a Site.

How do we define this third scope? This scope exists logically between the
Link-Local and Global Scopes, with a local administrator defining the
precise boundary between it and the Global Scope, including, but not
limited to, a site boundary, with the local administrator ensuring the
uniqueness within the scope they define.

Now if we agree a third scope is necessary, then ULA most logically belongs
in this new third scope that is in between Link-Local and Global. Yes, if
the administrator randomly selects the ULA prefix as defined in RFC4193, it
is highly unlikely there will be an overlap; however, the administrator
still has the responsibility to reject any overlapping randomly selected
prefix to ensure uniqueness within the scope that they are administratively
defining.

Note, the IPv4/IPv6 Translation Well-Known Prefix and the AS112 Prefixes
included above are Global Scope, but more accurately they are Anycast
Global Scope Prefixes.

Thanks

-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================
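
Added example, not part of the original message: a sketch of the three-way classification the message argues for, derived from the Forwardable and Globally Reachable columns of the registry rows it quotes, plus the overlap rejection it assigns to the administrator for ULA prefixes. The function names `scope_of` and `admit_ula`, the "admin-limited" label string, and the treatment of unlisted addresses as global are assumptions made for illustration.

```python
import ipaddress

# Registry rows quoted in the message: (prefix, forwardable, globally_reachable).
REGISTRY = [
    ("64:ff9b::/96", True, True),        # IPv4-IPv6 Translat. (WKP)
    ("64:ff9b:1::/48", True, False),     # IPv4-IPv6 Translat. (local-use)
    ("100::/64", True, False),           # Discard-Only Address Block
    ("2001:2::/48", True, False),        # Benchmarking
    ("2001:4:112::/48", True, True),     # AS112-v6
    ("2620:4f:8000::/48", True, True),   # Direct Delegation AS112 Service
    ("fc00::/7", True, False),           # Unique-Local
    ("fe80::/10", False, False),         # Link-Local Unicast
]
TABLE = [(ipaddress.ip_network(p), f, g) for p, f, g in REGISTRY]
ULA = ipaddress.ip_network("fc00::/7")


def scope_of(addr):
    """Derive a scope from the Forwardable / Globally Reachable flags."""
    ip = ipaddress.ip_address(addr)
    matches = [(n, f, g) for n, f, g in TABLE if ip in n]
    if not matches:
        # Assumption: an address outside the quoted rows is ordinary global unicast.
        return "global"
    _, fwd, reach = max(matches, key=lambda m: m[0].prefixlen)  # longest match
    if not fwd:
        return "link-local"      # never forwarded off-link
    # Forwardable but not globally reachable: the proposed third scope.
    return "global" if reach else "admin-limited"


def admit_ula(candidate, in_use):
    """Accept a ULA prefix only if it overlaps nothing already in the admin scope."""
    net = ipaddress.ip_network(candidate)
    if not net.subnet_of(ULA):
        raise ValueError(f"{net} is not inside fc00::/7")
    return not any(net.overlaps(ipaddress.ip_network(u)) for u in in_use)


if __name__ == "__main__":
    # Constructed sample addresses, one per scope.
    for a in ("fe80::1", "fd12:3456:789a::1", "100::1", "64:ff9b::c000:201"):
        print(a, scope_of(a))
```
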