Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]
Mark Smith <markzzzsmith@gmail.com> Thu, 13 June 2019 04:58 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE463120074 for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 21:58:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.497
X-Spam-Level:
X-Spam-Status: No, score=-0.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BKjQcUWXX_U4 for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 21:58:10 -0700 (PDT)
Received: from mail-oi1-x231.google.com (mail-oi1-x231.google.com [IPv6:2607:f8b0:4864:20::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0184C12002F for <ipv6@ietf.org>; Wed, 12 Jun 2019 21:58:09 -0700 (PDT)
Received: by mail-oi1-x231.google.com with SMTP id e189so13437106oib.11 for <ipv6@ietf.org>; Wed, 12 Jun 2019 21:58:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rcX1T7NJ4kVSpCWNoV8TWs/7jjlq3uh3P6F9SB573Uo=; b=DNy3FC3hHlAqmI+kpCMPYrMej9vzdrw1ihnD2Akz+lvM47Zbu0n9CtICf1tR3M6qta O2F0Qm+bjnTOPQ8u2c0sdBpPnpgcW90zcy+PbU5/tP3t5XQr0iqn0ZTYSX2J901mTFN3 Xf6JitaNqE6ZgeFzX8LvwEYwwyFsGR8Z1+2eL6d0oeUgTXDuH0LsNZ8/vsslv7C29+SP 2VROHYThTNkvFRNjq8l678s7MYrmR66R/EZLAJCfj+e3HtRveOS3IkbzgUOUft2sqrks HehbMLlE0+D7fO3kS3bjLO84gXV6wVFzRKQbUFGGVtOBKCn7+QFTsgVD6Yeffep20/3G Y0QA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rcX1T7NJ4kVSpCWNoV8TWs/7jjlq3uh3P6F9SB573Uo=; b=HPEX8dOsj1Q0FS8Q7ovgrdLOeHk/ASXYS9imWy/+Zk/E98WhDIdLUzOxHuJRAcsyza rihBevyxDaPk+T175Lgo4nys1D9XSSKoZsrJSOromyUHLWrLMxf5+u4/JBpvE0RSgXsF 2DGnQ/tKnLRBzPRSXw+YRyiRkz8cSsWfeA+y0JW4o4H+pKKPV75aIK+Bh52fBnQnx0r1 SMXTRgaVxGaRMe4cvMqHIUiKByj8U2BacF3PiYfwCq1jI1n7Tw6+XvPQgs726KJ06D7E QSUgqil3yc23PieIs9GCB0zAzW/Vd1iSwbn7dAgzXZDYzEYQvjTCtIOqzcFdeZWXactj Az6g==
X-Gm-Message-State: APjAAAXw5vbLOLPwAyD7hCyJ+rh6gc7SnAU0bOq1Yi2OCD8dzgohJoMP ugFKotAxasDtcoDihTmVlkQvJdxWomiP8SuOENI=
X-Google-Smtp-Source: APXvYqxm7H6D9cSeH00TIIisqbpQVrLh96Vm2BXpOIj4IvzLQmZcAEz2pY06jPrDc5F7SfBE3mwP27rpbu+bKo6oAc4=
X-Received: by 2002:aca:ba56:: with SMTP id k83mr1763263oif.7.1560401889196; Wed, 12 Jun 2019 21:58:09 -0700 (PDT)
MIME-Version: 1.0
References: <DM6PR15MB2506E62560613C85F74A1FF8BB100@DM6PR15MB2506.namprd15.prod.outlook.com> <CALx6S36vVpD9bAPSBQmhV+daR0Yr4heQ-LaiB4hABAs8ofVfNQ@mail.gmail.com> <DM6PR15MB25063BAF058C1825E2B63E30BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <CAKQ4NaW-QRZDO52zDZTSqz_MsfrS1uQHdz6zFjo+gXvtYVnFxA@mail.gmail.com> <DM6PR15MB2506E06165EA22E66BBB9524BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <7E03089C-8429-4B56-96D6-441490C850B2@gmail.com> <B3D43A45-5E90-4D04-BA64-17150EE6D2AA@gmail.com> <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org> <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com>
In-Reply-To: <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 13 Jun 2019 14:57:57 +1000
Message-ID: <CAO42Z2y5070apC6kmwk4q7-45N_YgcLb4a51TwpffDkF_cFc5w@mail.gmail.com>
Subject: Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]
To: Gyan Mishra <hayabusagsm@gmail.com>
Cc: Ole Troan <otroan@employees.org>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, Bob Hinden <bob.hinden@gmail.com>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005000f8058b2d6019"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ZasR4KTxxUquub6iMGob5cUWmiM>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 04:58:14 -0000
On Thu., 13 Jun. 2019, 00:54 Gyan Mishra, <hayabusagsm@gmail.com> wrote: > > 6MAN, > > I went through this test in the lab a few months ago about verifying > across all Cisco platforms if you can specify non zero values in the all > 0's field in the Link Local prefix hardcoding the prefix and if the OSPF > neighbor would come up and it did come up in an all Cisco environment. > > So the main thing this draft accomplishes in my opinion and I think is > necessary gap that it is fixing is interoperability between vendors for the > use case of making the link local intuitive for the next hop by embedding > the entire global unicast address into the iid & 54 bit 0s field. > > Cisco happens to all the Link Local to be set and set all the 0s in the > prefix fe80::/10 up to 64 which is a violation of the RFC but it does allow > on all platforms and all codes. I think we found that some unix flavors > allow the same. > > So now the change to the RFC 4291 is making it official that it now can be > allowed across all platforms to help with mixed vendor environments where > you can now embedd the entire global unicast address into the station id > making the default EUI64 station-id now intuitive. > IPv6 has worked with link locals this way for more than 20 years. There have been many deployments in that time (as an example, I've had IPv6 at home on ordinary production residential ADSL broadband for the past near 8 years). If there was a significant problem to solve with Link Local addressing, we'd have seen it in this working group by now and solved it by now. IPv6 is a much more "plug-and-play" protocol than IPv4 was ever designed to be (and inspired by the much more plug-and-play late 1980s protocols of Appletalk and Novell's/Xerox's IPX/XNS). That is why, for example, Link Local addresses are required on all interfaces, are automatically generated, and are used automatically by protocols such as OSPF and IS-IS as their next hop values. The manual configuration of addresses on an interface to bootstrap routing is unnecessary when it is easy to have a computer do it automatically. We could actually make IPv4 operate that way if we wanted to. "A dirty trick to save a couple of IPv4 addresses on a LAN link" https://www.ausnog.net/sites/default/files/ausnog-2018/presentations/2.10.2_Mark_Smith_AusNOG2018_Lightning.pdf Learn the IPv6 way rather than spending effort trying to change it into the way IPv4 works. Regards, Mark. > https://datatracker.ietf.org/doc/html/draft-petrescu-6man-ll-prefix-len > > **This is a copy/paste from a test I did in the lab a few months ago to > prove my point** > > > I did a test in the lab for that one use case of making the default link > local EUI64 more intuitive in the lab and Id id a worst case scenario test > populating all the 16 bit nibbles and all hex digits within each nibble so > no :: 0's compression on a Cisco IOS XE router running 16.x code and > confirmed the OSPF neighbor still comes up even though the entire 54 bit > all 0's field per the RFC is populated in effect violating the current RFC > but because its like-like intra-vendor the OSPF adjacency forms. > > > > So I have tested this concept and it works across all Cisco platforms IOS, > XE, XR, NXOS that you can populate the entire 54 bit all 0's field. > > > > So the big caveat with this and justification for this draft is "mix > vendor" environment inter-operability" which is one of the reasons for the > IETF and to have RFC's and standards that allows any device from any vendor > to communicate that supports the RFC. I think that is a MAJOR point to > add to the justification behind the draft in the use cases where on a > managed IPv6 network that the administrator can now hardcode the IPv6 > address fully populating entire 54 bit subnet-id & station-id and routing > protocols will now work and OSPF, ISIS, EIGRP adjacency can now work in a > mix vendor environment. > > > > R1 > > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:1111 link-local > > > > R2 > > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:2222 link-local > > > > R1#sh ipv6 ospf nei > > > > OSPFv3 Router with ID (1.1.1.1) (Process ID 6000) > > > > Neighbor ID Pri State Dead Time Interface ID Interface > > 2.2.2.2 1 FULL/DR 00:00:35 18 > GigabitEthernet1/0/2 > > > > R1#sh ipv6 ospf int g1/0/2 > > GigabitEthernet1/0/2 is up, line protocol is up > > Link Local Address FE80:1111:1111:1111:1111:1111:1111:1111, Interface ID > 18 > > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 1.1.1.1 > > Network Type BROADCAST, Cost: 1 > > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) > > Transmit Delay is 1 sec, State BDR, Priority 1 > > Designated Router (ID) 2.2.2.2, local address > FE80:1111:1111:1111:1111:1111:1111:2222 > > Backup Designated router (ID) 1.1.1.1, local address > FE80:1111:1111:1111:1111:1111:1111:1111 > > Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 > > Hello due in 00:00:03 > > Graceful restart helper support enabled > > Index 1/5/14, flood queue length 0 > > Next 0x0(0)/0x0(0)/0x0(0) > > Last flood scan length is 2, maximum is 9 > > Last flood scan time is 0 msec, maximum is 1 msec > > Neighbor Count is 1, Adjacent neighbor count is 1 > > Adjacent with neighbor 2.2.2.2 (Designated Router) > > Suppress hello for 0 neighbor(s) > > > > R2#sh ipv6 ospf nei > > > > OSPFv3 Router with ID (2.2.2.2) (Process ID 6000) > > > > Neighbor ID Pri State Dead Time Interface ID Interface > > 1.1.1.1 1 FULL/BDR 00:00:37 18 > GigabitEthernet1/0/2 > > > > R2#sh ipv6 ospf int g1/0/2 > > GigabitEthernet1/0/2 is up, line protocol is up > > Link Local Address FE80:1111:1111:1111:1111:1111:1111:2222, Interface ID > 18 > > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 104.255.32.2 > > Network Type BROADCAST, Cost: 1 > > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) > > Transmit Delay is 1 sec, State DR, Priority 1 > > Designated Router (ID) 2.2.2.2, local address > FE80:1111:1111:1111:1111:1111:1111:2222 > > Backup Designated router (ID) 1.1.1.1, local address > FE80:1111:1111:1111:1111:1111:1111:1111 > > Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 > > Hello due in 00:00:05 > > Graceful restart helper support enabled > > Index 1/5/14, flood queue length 0 > > Next 0x0(0)/0x0(0)/0x0(0) > > Last flood scan length is 0, maximum is 7 > > Last flood scan time is 0 msec, maximum is 1 msec > > Neighbor Count is 1, Adjacent neighbor count is 1 > > Adjacent with neighbor 1.1.1.1 (Backup Designated Router) > > Suppress hello for 0 neighbor(s) > > On Tue, Jun 11, 2019 at 4:44 AM Ole Troan <otroan@employees.org> wrote: > >> >> This means that link local addresses have a 10 bit prefix (1111111010) >> followed by 54 bits of zeros. That is it, nothing more. Address with >> different prefixes or with a 1111111010 prefix followed by non-zero 54 bits >> are not link local addresses. >> >> >> >> This is not ambiguous. >> > >> > So if an application asks my implementation to send a packet addressed >> to fe80:1::1 out a particular link what should the implementation do with >> it? It seems like there are only 3 choices: >> > >> > 1. Run ND on that link to see if it can find a neighbor there with >> that address to send the packet to. >> > >> > 2. Send the packet to the current default router. >> > >> > 3. Something else (what?). >> > >> > I had though 1. was the answer since that is what is done with packets >> addressed to link-local unicast destinations (which is what that address is >> according to RFC4191 section 2.4), but that now seems to be ambiguous. >> >> Let me illustrate with a typical per-interface FIB: >> >> fe80::/10 -> drop >> fe80::/64 -> glean >> fe80::abcd -> neighbor abcd >> >> Cheers, >> Ole >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- >> > > > -- > > Gyan S. Mishra > > IT Network Engineering & Technology > > Verizon Communications Inc. (VZ) > > 13101 Columbia Pike FDC1 3rd Floor > > Silver Spring, MD 20904 > > United States > > Phone: 301 502-1347 > > Email: gyan.s.mishra@verizon.com > > www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bob Hinden
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Karl Auer
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bless, Roland (TM)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... James R Cutler
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- IPv6 Link Local Addresses [was Re: Is 1111 1110 1… Bob Hinden
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Erik Kline
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ross Finlayson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Fred Baker
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Kerry Lynn
- Re: IPv6 Link Local Addresses Erik Kline
- Re: IPv6 Link Local Addresses Brian E Carpenter
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Mark Smith
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ola Thoresen
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or Alexandre Petrescu
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Simon Hobson
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Manfredi (US), Albert E
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: correct Alexandre Petrescu