IETF Logo Mail Archive

Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]

Gyan Mishra <hayabusagsm@gmail.com> Wed, 12 June 2019 14:54 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD934120127 for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 07:54:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D74d5E4ECxvw for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 07:53:58 -0700 (PDT)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4235120123 for <ipv6@ietf.org>; Wed, 12 Jun 2019 07:53:49 -0700 (PDT)
Received: by mail-io1-xd36.google.com with SMTP id e5so13187077iok.4 for <ipv6@ietf.org>; Wed, 12 Jun 2019 07:53:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=w2y72f9dhQUwSksUpaEIPgg8VU+q/KwXGueQrYo21eE=; b=E2yZqJz1vRZE2hNtkxoRFSbvNhfW4qruvYBGAVpWNEhAZ9Z/0K65GX3Rry9/mq0oGl ItTUJRuaEYsCOpVlVxzDqiSmpKZ7QRYx5Hq5jhyBYOr4no6I+5TCRgnYuXASSZBbaS0V ys8JG9S3WQidTrEUlLY5UWsxdYYgrQu9K4gWRNOBR3Uxd/ho/VmKR7Dq7d+BJewkxx/q gKUztDD9DhP39v2HVG7zuXJAp2/3F1sXQOa+Nmp2ySc+8/wI3abC6ddJcBwRVxppPGhf 3JtM4K7//TKTN3sZ03wCwQWEW0oaHFnzi55wwfEhMhRLTfVkicwaoLTS5bQRaaDz9h1c Jqcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=w2y72f9dhQUwSksUpaEIPgg8VU+q/KwXGueQrYo21eE=; b=mt96+rEkynX9bIui52r0QV2WYTngJYd6yQ5KAy85WA27qk5f5a71i5paQjlexEjeZW jtBmzrO3+s5c85JK/dLy0M3hRmFpZJsBqyufDr8afs+UkSjVVCADwZ94cwldJxXZ8ot2 aod4X/CDkNbLUSL6G3S5RvmQgdS9JgIBYi77rJbiDdc9JN1MSX4510jxqlmvrDyZbywQ 36otNoKIHClkXdP8ZnT/xeMT/xKSyhF/maJQ5f/FqBHaYQ1TAhSgwXm6B/LHkMlFHPz6 c5HqR/IX84lBGOIn6an0MlxMLwy0WK90n9yZLEpVzD25tjAPSZ4W01URQ4PiUiBFjATL UyRQ==
X-Gm-Message-State: APjAAAXtbju2L9geLxsoH8DsoJrCblpAoohiNqJvZvbcqFVjGxEiyRdf KCI8b4JA1K2RFdeN55lwncF0GOO+z0C+bpfA2v8=
X-Google-Smtp-Source: APXvYqyPyUbQfN7vZOGbYoXQj1DeW20F+IyPxMylXCTQ7Bg3BH308jxgVyE+MFeVIi8tv8battbeDY6nKrgf36NUfWk=
X-Received: by 2002:a6b:b488:: with SMTP id d130mr5418547iof.58.1560351228732; Wed, 12 Jun 2019 07:53:48 -0700 (PDT)
MIME-Version: 1.0
References: <DM6PR15MB2506E62560613C85F74A1FF8BB100@DM6PR15MB2506.namprd15.prod.outlook.com> <CALx6S36vVpD9bAPSBQmhV+daR0Yr4heQ-LaiB4hABAs8ofVfNQ@mail.gmail.com> <DM6PR15MB25063BAF058C1825E2B63E30BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <CAKQ4NaW-QRZDO52zDZTSqz_MsfrS1uQHdz6zFjo+gXvtYVnFxA@mail.gmail.com> <DM6PR15MB2506E06165EA22E66BBB9524BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <7E03089C-8429-4B56-96D6-441490C850B2@gmail.com> <B3D43A45-5E90-4D04-BA64-17150EE6D2AA@gmail.com> <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org>
In-Reply-To: <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Wed, 12 Jun 2019 10:53:34 -0400
Message-ID: <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com>
Subject: Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]
To: Ole Troan <otroan@employees.org>, Alexandre Petrescu <alexandre.petrescu@gmail.com>
Cc: Dennis Ferguson <dennis.c.ferguson@gmail.com>, 6man WG <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000b6a85d058b21946e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/_08b9BmsimB0QUoJuca17W1QM7o>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jun 2019 14:54:03 -0000

6MAN,

I went through this test in the lab a few months ago about verifying across
all Cisco platforms if you can specify non zero values in the all 0's field
in the Link Local prefix hardcoding the prefix and if the OSPF neighbor
would come up and it did come up in an all Cisco environment.

So the main thing this draft accomplishes in my opinion and I think is
necessary gap that it is fixing is interoperability between vendors for the
use case of making the link local intuitive for the next hop by embedding
the entire global unicast address into the iid & 54 bit 0s field.

Cisco happens to all the Link Local to be set and set all the 0s in the
prefix fe80::/10 up to 64 which is a violation of the RFC but it does allow
on all platforms and all codes.  I think we found that some unix flavors
allow the same.

So now the change to the RFC 4291 is making it official that it now can be
allowed across all platforms to help with mixed vendor environments where
you can now embedd the entire global unicast address into the station id
making the default EUI64 station-id now intuitive.

https://datatracker.ietf.org/doc/html/draft-petrescu-6man-ll-prefix-len

**This is a copy/paste from a test I did in the lab a few months ago to
prove my point**


I did a test in the lab for that one use case of making the default link
local EUI64 more intuitive in the lab and Id id a worst case scenario test
populating all the 16 bit nibbles and all hex digits within each nibble so
no :: 0's compression on a Cisco IOS XE router running 16.x code and
confirmed the OSPF neighbor still comes up even though the entire 54 bit
all 0's field per the RFC is populated in effect violating the current RFC
but because its like-like intra-vendor the OSPF adjacency forms.



So I have tested this concept and it works across all Cisco platforms IOS,
XE, XR, NXOS that you can populate the entire 54 bit all 0's field.



So the big caveat with this and justification for this draft is "mix
vendor" environment inter-operability" which is one of the reasons for the
IETF and to have RFC's and standards that allows any device from any vendor
to communicate that supports the RFC.     I think that is a MAJOR point to
add to the justification behind the draft in the use cases where on a
managed IPv6 network that the administrator can now hardcode the IPv6
address fully populating entire 54 bit subnet-id & station-id and routing
protocols will now work and OSPF, ISIS, EIGRP adjacency can now work in a
mix vendor environment.



R1

ipv6 addr fe80:1111:1111:1111:1111:1111:1111:1111 link-local



R2

ipv6 addr fe80:1111:1111:1111:1111:1111:1111:2222 link-local



R1#sh ipv6 ospf nei



            OSPFv3 Router with ID (1.1.1.1) (Process ID 6000)



Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

2.2.2.2      1   FULL/DR         00:00:35    18
GigabitEthernet1/0/2



R1#sh ipv6 ospf int g1/0/2

GigabitEthernet1/0/2 is up, line protocol is up

  Link Local Address FE80:1111:1111:1111:1111:1111:1111:1111, Interface ID
18

  Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 1.1.1.1

  Network Type BROADCAST, Cost: 1

  SHA-1 authentication SPI 666661, secure socket UP (errors: 0)

  Transmit Delay is 1 sec, State BDR, Priority 1

  Designated Router (ID) 2.2.2.2, local address
FE80:1111:1111:1111:1111:1111:1111:2222

  Backup Designated router (ID) 1.1.1.1, local address
FE80:1111:1111:1111:1111:1111:1111:1111

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:03

  Graceful restart helper support enabled

  Index 1/5/14, flood queue length 0

  Next 0x0(0)/0x0(0)/0x0(0)

  Last flood scan length is 2, maximum is 9

  Last flood scan time is 0 msec, maximum is 1 msec

  Neighbor Count is 1, Adjacent neighbor count is 1

    Adjacent with neighbor 2.2.2.2  (Designated Router)

  Suppress hello for 0 neighbor(s)



R2#sh ipv6 ospf nei



            OSPFv3 Router with ID (2.2.2.2) (Process ID 6000)



Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

1.1.1.1   1   FULL/BDR        00:00:37    18
GigabitEthernet1/0/2



R2#sh ipv6 ospf int g1/0/2

GigabitEthernet1/0/2 is up, line protocol is up

  Link Local Address FE80:1111:1111:1111:1111:1111:1111:2222, Interface ID
18

  Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 104.255.32.2

  Network Type BROADCAST, Cost: 1

  SHA-1 authentication SPI 666661, secure socket UP (errors: 0)

  Transmit Delay is 1 sec, State DR, Priority 1

  Designated Router (ID) 2.2.2.2, local address
FE80:1111:1111:1111:1111:1111:1111:2222

  Backup Designated router (ID) 1.1.1.1, local address
FE80:1111:1111:1111:1111:1111:1111:1111

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:05

  Graceful restart helper support enabled

  Index 1/5/14, flood queue length 0

  Next 0x0(0)/0x0(0)/0x0(0)

  Last flood scan length is 0, maximum is 7

  Last flood scan time is 0 msec, maximum is 1 msec

  Neighbor Count is 1, Adjacent neighbor count is 1

    Adjacent with neighbor 1.1.1.1  (Backup Designated Router)

  Suppress hello for 0 neighbor(s)

On Tue, Jun 11, 2019 at 4:44 AM Ole Troan <otroan@employees.org> wrote:

> >> This means that link local addresses have a 10 bit prefix (1111111010)
> followed by 54 bits of zeros.  That is it, nothing more.   Address with
> different prefixes or with a 1111111010 prefix followed by non-zero 54 bits
> are not link local addresses.
> >>
> >> This is not ambiguous.
> >
> > So if an application asks my implementation to send a packet addressed
> to fe80:1::1 out a particular link what should the implementation do with
> it? It seems like there are only 3 choices:
> >
> >   1. Run ND on that link to see if it can find a neighbor there with
> that address to send the packet to.
> >
> >   2. Send the packet to the current default router.
> >
> >   3. Something else (what?).
> >
> > I had though 1. was the answer since that is what is done with packets
> addressed to link-local unicast destinations (which is what that address is
> according to RFC4191 section 2.4), but that now seems to be ambiguous.
>
> Let me illustrate with a typical per-interface FIB:
>
>  fe80::/10 -> drop
>  fe80::/64 -> glean
>  fe80::abcd -> neighbor abcd
>
> Cheers,
> Ole
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>


-- 

Gyan S. Mishra

IT Network Engineering & Technology

Verizon Communications Inc. (VZ)

13101 Columbia Pike FDC1 3rd Floor

Silver Spring, MD 20904

United States

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT

v2.23.0 | Report a Bug | By Email