IETF Logo Mail Archive

Re: Globally Unique Link Local Addresses (Re: about violation of standards)

Mark Smith <markzzzsmith@gmail.com> Wed, 24 April 2019 03:29 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1B7A120112 for <ipv6@ietfa.amsl.com>; Tue, 23 Apr 2019 20:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IyBFoIWLBM5m for <ipv6@ietfa.amsl.com>; Tue, 23 Apr 2019 20:29:15 -0700 (PDT)
Received: from mail-oi1-x244.google.com (mail-oi1-x244.google.com [IPv6:2607:f8b0:4864:20::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AF30120046 for <ipv6@ietf.org>; Tue, 23 Apr 2019 20:29:15 -0700 (PDT)
Received: by mail-oi1-x244.google.com with SMTP id v84so13121445oif.4 for <ipv6@ietf.org>; Tue, 23 Apr 2019 20:29:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=rf4iFk4DUOluBV6m1YKQgssYWQ+/mV9Aj79t+i5NMTo=; b=SxHempyB2+LmFxAQwpIyrSNX7aXPUmV5Bt1OKoQhbOtOZ6EstMdUmAd3D6NcX7nEVW iPBuPYMkcHH7O2RQ1s4OEACZDLrnS3p5Tb0QsYohjNLgJLmIkxcZeRIBpEo3fn1YFCAD nCcQXeP2cewRY0k0OCYDO4WXu2DeFN9Av1dDf6ZZ8P7GGbF2ZZSmKpOD1hOliKUuSGq1 xXS4n2S6BJIzLBn080dnRn1BvunFe4Zg+88ecCsiH3GS561oLAoUYaLzWexn1Bh8s+U3 ATPBFeREheXDGqVfxRiqYtiNBhpTlvmRvvcJ8hLSCOFKjYOXukBy6FA8Nb9KDXVachuZ BTCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=rf4iFk4DUOluBV6m1YKQgssYWQ+/mV9Aj79t+i5NMTo=; b=IrxKEWO+0Hz+/18vndI510qV1DNB7mjwaB4TDpqBim3BlbE6kJ8GVvTNHFh7xunQVO c6tWDGJUxGuT+9ROzSefjfzwhnHOzOxNewtSVsUhjmG9zSphOYxkJCB4pPcWmorrkxSX HtoHwWtjIo6qRTxDGB+GqaFZBk4KOgn+7cMIr8EQEYXbENl+QTP0obRk791mzTwIMa/d nAWbHrsOJx9afJH4yaQWFU/T+XHcoPJCPAVW6g/bD0Ytf/5c1b+iVNiINX/KOlOGEkLo BFYhpTaPMq6t5K7wDrzovEfaVT5XF49vyQ4/wv19Bdcd5aib9uAsfv6K3TZ42w00adDa gwhQ==
X-Gm-Message-State: APjAAAVVd+VfVH3+Lt7IDEDN0JQZm+QgBB5fIvAZCmuvT9Ki+4TyNIdq SH5sJfU/6DP2/n0wsAG9RplrvRqgKerwcBR1ry4=
X-Google-Smtp-Source: APXvYqzundmy+97Q7wNjdDKNb+twYnmXftQE1/Y1ys0PYO8Odo4iuOMBZQUwFXp+aCc7LfkWCbwM+amXzV0oZOQ393g=
X-Received: by 2002:aca:aa0f:: with SMTP id t15mr4050794oie.60.1556076554914; Tue, 23 Apr 2019 20:29:14 -0700 (PDT)
MIME-Version: 1.0
References: <bb7f7606-2adf-e669-8bcd-e41f17800782@gmail.com> <CAJE_bqd9frqX5-yeVPj8MYXpZ4737HqK1gmfD9cQV3A-Ea5HrQ@mail.gmail.com> <6bd5db47-408a-727e-5c13-f34a3465f986@si6networks.com> <CAJE_bqfTLqRbLp4fLu2ASZuZ+4G5c2G+RXkO92kXfLgPTqBnng@mail.gmail.com> <EEF00EA7-2AAF-403F-99AD-1D53ED18E8B3@cisco.com> <47631828-121F-402D-8165-969684C1101B@employees.org> <CAO42Z2wbq=8f6FfR7DoOOFrY7B5puxS26Dk+SsM71Pk7y03ipQ@mail.gmail.com> <afa6e0e2-0a31-53f0-0f41-5e24c81405da@gmail.com>
In-Reply-To: <afa6e0e2-0a31-53f0-0f41-5e24c81405da@gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 24 Apr 2019 13:28:48 +1000
Message-ID: <CAO42Z2zoQtAqzT+v2XYequuWysrLo+WOG8Ou=asRMakQHuS-Pg@mail.gmail.com>
Subject: Re: Globally Unique Link Local Addresses (Re: about violation of standards)
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Ole Troan <otroan@employees.org>, Fernando Gont <fgont@si6networks.com>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>, 6man WG <ipv6@ietf.org>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, 神明達哉 <jinmei@wide.ad.jp>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/cC_jjRPJMcZmv4KDVk4eKjxY4JQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2019 03:29:18 -0000

Hi Brian,

On Wed, 24 Apr 2019 at 07:52, Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:
>
> Firstly, I don't believe they could in any sense be globally unique.
> (Even ULAs don't claim to be mathematically unique, just probably unique.)
> So let's call them LULLAs (Locally Unique...), a.k.a. Lullabies.
>

Agree, was really only adding the Global in there as more of a goal
rather than a fact or guarantee and as a more pronounceable acronym.

I think "ULA" suffers from a bit of ambiguity too to get brevity.

> However:
>
> > however it would be simpler for applications to not have to special case Link-Local addresses and use sin6_scope_id.
>
> But they have to anyway, because you can't know in the general case whether LULLAs are in use or not. Anyway, there's nothing new about needing to store an
> interface index number (or name) with an LL address. Any existing code that
> is LL-dependent already does this, unless it's broken.
>

I think the advantage of LLs is that they're required on all IPv6
enabled interfaces, so there is always an IPv6 address available for
an application (and other things) to use.

However, the drawback of using LL addresses is that each application
has to be written to specifically handle them via sin6_scope_id.

Ideally, applications wouldn't have to be written to specially handle
link-local scope addresses. Some type of link-local scope addresses
with some link-attached nodes agreed unique Subnet ID would facilitate
that, pushing the issue of interface selection down into each node's
route table. All applications would then inherently support the use of
these link-local scope addresses.

I understand that one of the motivations for Link-Local addressing was
the "dentist's office" scenario i.e. non-technical, plug and play, "it
just works" networking. Having to have specially adapted applications
to suit that that scenario is pretty contradictory to that goal.


The scheme I've suggested below could work with the ULA address space.
The only real difference is that packets with Link-Local addresses are
formally prohibited from being forwarded off of the link, which could
provide a useful security benefit to certain applications, although we
know they do leak on occasion. With the ULA address space, off link
forwarding of course it isn't prohibited, so it's a specific risk if
the ULA address space was used.

Regards,
Mark.






> Regards
>    Brian
>
> On 23-Apr-19 21:57, Mark Smith wrote:
> >
> >
> > On Tue., 23 Apr. 2019, 17:33 Ole Troan, <otroan@employees.org <mailto:otroan@employees..org>> wrote:
> >
> >     > Some functions in the router are complex to implement because same value for a link local address appears on multiple interfaces.
> >
> >     Like what?
> >
> >
> >
> > I don't specifically know about complex to implement router functions, however it would be simpler for applications to not have to special case Link-Local addresses and use sin6_scope_id.
> >
> >
> >     > It would be useful to be able to encode an abstract interface ID somewhere in the /64. Legacy 00 would mean unspecified...
> >
> >     Sounds like you need subnet-id election?
> >
> >
> > Here's how I've thought you could do it for quite a while.
> >
> > I've thought the best idea would be to have a subnet ID that is generated using the same/similar algorithm ULAs are generated with, to try to avoid subnet ID collision across links attached to interfaces on the same multihomed host or router.
> >
> > A name could be Globally Unique Link Local Addresses (GULLAs) or Unique Link Local Addresses (ULLAs). (I'd think the first, just because its a more easily pronounceable word.)
> >
> > 1. First node on the link looks at the RAs that it receives due to its RSes.
> >
> > 2. If none of them have a PIO for a subnet within the GULLA aggregate prefix (which may be fe80::/10), it generates a subnet ID per the ULA algorithm, resulting in the link's GULLA Subnet Prefix.
> >
> > 3. The node starts advertising RAs containing the GULLA Subnet PIO. If the node is a host, the Router Lifetime is 0. The GULLA Subnet PIO lifetimes are not Infinite, unlike the lifetimes for the traditional LL prefix and addresses. Lifetimes in this PIO probably should be the RFC 4861 defaults. (If the node is also a router, it would advertise any other PIOs in the same RA, with a non-zero router life time if it is a default router.)
> >
> > 4. Second node on the link, due to its RSes, would see that another node is already announcing a GULLA Subnet PIO in one of the received RAs.
> >
> > 5. Second node starts also issuing RAs also containing the GULLA Subnet PIO. Again, if the node is a host, RA router lifetime of zero.
> >
> > 6. 3rd and subsequent nodes attached to the link have some sort of election or selection algorithm to determine which one or ones take over if the first or both nodes stop issuing periodic RAs containing the GULLA Subnet PIO.
> >
> > Ideally it would be good to have non-GULLA nodes also learn and use this new GULLA Subnet, learning it from the GULLA RA announcing nodes. However, that would mean that the fe80::/10 prefix couldn't be used, because per-RFC4861, nodes are to ignore RA PIOs for the Link-Local prefix. So the GULLA aggregate prefix would have to be outside of fe80::/10.
> >
> > The above is mostly inspired by very distant memories of how Appletalk seed routers work to convey cable range (network prefix) information to other Appletalk routers on the link.
> >
> > Regards,
> > Mark.
> >
> >
> >
> >
> >
> >     Ole
> >     --------------------------------------------------------------------
> >     IETF IPv6 working group mailing list
> >     ipv6@ietf.org <mailto:ipv6@ietf.org>
> >     Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> >     --------------------------------------------------------------------
> >
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
> >
>

v2.23.0 | Report a Bug | By Email