Re: [v6ops] RFC7217 and flash renumbering and IID change
Philip Homburg <pch-ipv6-ietf-7@u-1.phicoh.com> Mon, 14 December 2020 11:04 UTC
Return-Path: <pch-b9D3CB0F5@u-1.phicoh.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCF623A0FC7 for <ipv6@ietfa.amsl.com>; Mon, 14 Dec 2020 03:04:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.004
X-Spam-Level:
X-Spam-Status: No, score=0.004 tagged_above=-999 required=5 tests=[RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NlJvJlSRXpMZ for <ipv6@ietfa.amsl.com>; Mon, 14 Dec 2020 03:04:04 -0800 (PST)
Received: from stereo.hq.phicoh.net (stereo.hq.phicoh.net [130.37.15.35]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90F453A0FC4 for <ipv6@ietf.org>; Mon, 14 Dec 2020 03:04:04 -0800 (PST)
Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305) (Smail #157) id m1kole5-0000HWC; Mon, 14 Dec 2020 12:04:01 +0100
Message-Id: <m1kole5-0000HWC@stereo.hq.phicoh.net>
To: ipv6@ietf.org
Subject: Re: [v6ops] RFC7217 and flash renumbering and IID change
From: Philip Homburg <pch-ipv6-ietf-7@u-1.phicoh.com>
Sender: pch-b9D3CB0F5@u-1.phicoh.com
References: <alpine.DEB.2.20.2012111147020.10335@uplift.swm.pp.se> <28ec97ca-355b-e4d8-200d-1c14160b51c0@si6networks.com> <4AC2A13C-9FE6-4D2C-B14C-D1DCC3169700@thehobsons.co.uk>
In-reply-to: Your message of "Sun, 13 Dec 2020 19:53:01 +0000 ." <4AC2A13C-9FE6-4D2C-B14C-D1DCC3169700@thehobsons.co.uk>
Date: Mon, 14 Dec 2020 12:04:00 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/cFkR1W-i6wTyX6F8zqgmJ1gf16M>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Dec 2020 11:04:06 -0000
>So we're back to each host deciding on the security policy for the network - n
>ot a network admin (as a proxy for the owners of the site/network).
>
>I make a point of disabling upnp as one of the first steps when setting up a n
>etwork. Who wants ${random device which may or may not be "friendly"} to be ab
>le to determine what traffic is allowed into the network - it's not like there
> is anyone out there in the wild west of the internet who'd have any hostile i
>ntent :-/
There are a numbering of things that could be done:
- Use DHCPv6 IA_NA instead of SLAAC
- Have a provisioning system that provides each host with a static address.
- Bring back EUI-64. For systems with static addresses, EUI-64 works just
fine.
- Define yet another pseudo-random IID. This time one where the IID remains
constant over the lifetime of the system.
- Re: [v6ops] RFC7217 and flash renumbering and IID… Philip Homburg
- Re: [v6ops] RFC7217 and flash renumbering and IID… Fernando Gont
- Re: [v6ops] RFC7217 and flash renumbering and IID… Philip Homburg
- Re: [v6ops] RFC7217 and flash renumbering and IID… Mark Andrews