IETF Logo Mail Archive

Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]

Yucel Guven <yucel.guven@gmail.com> Fri, 14 June 2019 17:24 UTC

Return-Path: <yucel.guven@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A47F41206EB for <ipv6@ietfa.amsl.com>; Fri, 14 Jun 2019 10:24:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QuaRLv1U9xUz for <ipv6@ietfa.amsl.com>; Fri, 14 Jun 2019 10:24:42 -0700 (PDT)
Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com [IPv6:2607:f8b0:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27B641206E9 for <ipv6@ietf.org>; Fri, 14 Jun 2019 10:24:42 -0700 (PDT)
Received: by mail-ot1-x32c.google.com with SMTP id i8so3336619oth.10 for <ipv6@ietf.org>; Fri, 14 Jun 2019 10:24:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5ROv2s6JzFlUATN+ddXDqXv6knv3HrxwHM98iWTBz+M=; b=fb4q5O9t+3W+HxusvDVlL9LRJV2DsF3zlXxXlt8Ib035DHMXk5av5WvfA0SszKHZkN jkJeIiHBrzMRgBU9V1USgOGGN0T6vWUekWhbSV+6aSAJBZAi0xS9sHYKPmxpuyuri0Gs Rn2b37irGOd9imjkPXupfAJoKZJHTVCXeUl+3g4k84wg2Y4pibskM9/iNJOgmGu6oDeh 84fZTilZsbY/of3iaGGmYeZ3rBvgd+mdExSwaq7NX8zP+50FaF0rm8ENTil70XHN+WKm +BerlCUnTd24+MVVUYN434UtlaVf/wk5yjMA1+t1UzMXTinJ/E5glrEcB953BVHbH44H Bx4A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5ROv2s6JzFlUATN+ddXDqXv6knv3HrxwHM98iWTBz+M=; b=KG5mEm+SX9IIwPgpC5jsOnY9DDaZbkwH62KLh8/PpC1M2yKA8Zhubzav+nW6F0rn7C UgE5JgUlCtNWF6y5js03R6UivdISYlsp426tNJe4Jjp4lb6DEm6g7LiAW5HooSeb7Rg4 Lo0vOZ7xm1GWNTM0H6Ua/szYfE2/CtHSgJEks9ItA5V5QZdaOLM+flbErk/6TjK/Bx1G 3dwAUhXFc8jOl58fP1xy/gPLEbN0b+yUfbPAje/WUvVMDE59KCWH9yjpj3TA9xe44Swx DjwqNnIT9CcN/wmHm3NlaG14ignf+RJR2yPLKV0BLCHavZLgKprFYTHCbqto9gN6Wb6X CnJw==
X-Gm-Message-State: APjAAAVsFPUU6nizozlVNsuwmjAoTocDn/ZfRin24QCzGkUyR6p92KOD DqV5R2D8nUoLA/eJ+zvY+EUD8CtEHJvLSJLC6Mc=
X-Google-Smtp-Source: APXvYqxK4KjZTiFYvQE+BGHtvLp6/pSB6ynsai9+r46ipTsuk7gO0fbP0Q5zq6ZSXZGhj8H0mhhHpFx1MUKdZlmLtmY=
X-Received: by 2002:a05:6830:2145:: with SMTP id r5mr3155434otd.54.1560533081351; Fri, 14 Jun 2019 10:24:41 -0700 (PDT)
MIME-Version: 1.0
References: <DM6PR15MB2506E62560613C85F74A1FF8BB100@DM6PR15MB2506.namprd15.prod.outlook.com> <CALx6S36vVpD9bAPSBQmhV+daR0Yr4heQ-LaiB4hABAs8ofVfNQ@mail.gmail.com> <DM6PR15MB25063BAF058C1825E2B63E30BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <CAKQ4NaW-QRZDO52zDZTSqz_MsfrS1uQHdz6zFjo+gXvtYVnFxA@mail.gmail.com> <DM6PR15MB2506E06165EA22E66BBB9524BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <7E03089C-8429-4B56-96D6-441490C850B2@gmail.com> <B3D43A45-5E90-4D04-BA64-17150EE6D2AA@gmail.com> <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org> <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com> <C278A105-13D3-4035-AB6E-785A8E2C095D@employees.org> <CABNhwV2848Csn=5xy29Rbe_4E1fD0HSeXonBY4M+=21cK11GOA@mail.gmail.com> <CAKQ4NaWTO=+aHSmBdBZv_Op0zD6iffExAHvOgzNFp5QVhahQiw@mail.gmail.com> <70B40D57-4162-4A13-AAC8-CE11E9E7BE5B@gmail.com>
In-Reply-To: <70B40D57-4162-4A13-AAC8-CE11E9E7BE5B@gmail.com>
From: Yucel Guven <yucel.guven@gmail.com>
Date: Fri, 14 Jun 2019 20:23:58 +0200
Message-ID: <CAKQ4NaUJNE+0LoFV=BwGe_62T4eghrQz7cFDEh+MLzBgBdVaew@mail.gmail.com>
Subject: Re: IPv6 Link Local Addresses [was Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa?]
To: Gyan Mishra <hayabusagsm@gmail.com>
Cc: Ole Troan <otroan@employees.org>, Bob Hinden <bob.hinden@gmail.com>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f96dac058b4beb4e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/e1ZvEp8GIcjpwPar0LR2UNdDs4Y>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jun 2019 17:24:46 -0000

 You are interconnecting different/mixed vendors' devices in your lab.
 and saying that one vendor does not comply with or does not follow RFC,
 and trying to base it into the draft.
 I say that this approach is questionable, and not agree with you.
 Simply because it is a router software, and all type of softwares
 can easily be modified to run in expected/requested/modified way.
 This is a fact not only for vendors but also for open source softwares,
 all kinds of operating systems softwares.
 Also, you can not explicitly blame Cisco or Nokia or other vendors
 for not following the RFC. Instead, ring them and share your findings
 with the vendors, and tell them they did not follow the RFC 4291.
 I just wonder:
 1. Is your lab. run by an independent/non-profit organization?
 2. Is your lab. certified to conduct such experiments
    and to publish/share the results?
 3. Do you carry out the experiments in consent of
    or in collaboration with the vendors in question?
 One of the main purposes of so many RFCs is to provide
 information for the 'INTEROPERABILITY'
 for the worldwide Internet community.
 I am sure nobody in the list is against the discussion of RFCs.
 In fact we should obviously discuss if any issue/problem exist
 due to the content of an RFC. That's why we have drafts.
 Regards,
 Yucel

On Wed, Jun 12, 2019 at 11:08 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:

> Hi Alex
>
> In your next update can you add comment about mix vendor interoperability
> in that today not all vendors abide by the RFC 4291 which has happed day 1
> by Cisco and you mentioned another Linux flavor as well but now the major
> use case benefit the draft provides is mix vendor interoperability with
> vendors that don’t follow the RFC as written today and those that do which
> is a huge impetus for this change as well as allows the next hop for OSPF
> and ISIS to now be intuitive.  The gain in the intuitive next hops is
> deciding of the default EUI64 iid multi step process which having an
> intuitive next hop is the advertising node from which routes have been
> learned is known immediately similar to IPv4.
>
> With respect to going to the vendor to change their behavior to follow the
> RFC is not necessarily the issue as being able to modify the all 0s subnet
> portion of the LL is a benefit for Cisco to Cisco networks so there is no
> reason for that to change as the next hop is now 100% intuitive as is with
> IPv4 in that regard and only mix environments do we have to follow the RFC
> for neighbor adjacencies to form.
>
> Which really is the major reason that the draft I think really should get
> consensus approval from the WG to move forward.
>
> Thank you
>
> Gyan
>
> Sent from my iPhone
>
> On Jun 12, 2019, at 2:37 PM, Yucel Guven <yucel.guven@gmail.com> wrote:
>
> I agree with Ole.
>
>
> Referring with the setups in the Lab. with Cisco, or Nokia, or other
> vendors
>
> should not be taken as a reference or criteria to change the standards.
>
> This type of software modifications are generally called as 'DCR, Design
> Change Request',
>
> and requires modification/tailoring of the device software with respect to
>
> what customer requests from vendors.
>
> On Wed, Jun 12, 2019 at 6:43 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:
>
>> Hi Ole
>>
>> My reasoning which I gave Alex in assisting in authoring the draft as
>> what I implemented with my IPv6 customers as our deployment standard was to
>> have an intuitive link local for next hop adjacencies which we embedded the
>> global unicast into the link local after the :: but what happened in the
>> original implementation 16 bits bled over into the all 0s portion of link
>> local and the ospf adjacencies would not come up with a Citrix Netscaler lb
>> in 2 arm setup so we went back to our standard realized that Citrix was
>> following the rfc 4291 and CISCO was not so we had to update our deployment
>> standard to follow the rfc for mixed vendor environment.
>>
>> So in this case as some vendors like CISCO chose not to follow the rfc
>> while others do for the use case of intuitive next hop is the reason to
>> change the rfc so that the entire global unicast address can be embedded
>> into the link local and the 16bit or more fields don’t have to be shaved
>> off making the goal of intuitive next hop slightly better but still not as
>> desired with the restriction of the all Os field not allowed to be used.
>>
>> Gyan
>>
>> On Wed, Jun 12, 2019 at 12:27 PM Ole Troan <otroan@employees.org> wrote:
>>
>>> Hi Gyan,
>>>
>>> > I went through this test in the lab a few months ago about verifying
>>> across all Cisco platforms if you can specify non zero values in the all
>>> 0's field in the Link Local prefix hardcoding the prefix and if the OSPF
>>> neighbor would come up and it did come up in an all Cisco environment.
>>> >
>>> > So the main thing this draft accomplishes in my opinion and I think is
>>> necessary gap that it is fixing is interoperability between vendors for the
>>> use case of making the link local intuitive for the next hop by embedding
>>> the entire global unicast address into the iid & 54 bit 0s field.
>>> >
>>> > Cisco happens to all the Link Local to be set and set all the 0s in
>>> the prefix fe80::/10 up to 64 which is a violation of the RFC but it does
>>> allow on all platforms and all codes.  I think we found that some unix
>>> flavors allow the same.
>>>
>>> Bias warning: I was heavily involved in one of the implementations you
>>> mention and the choice of how to implement link-local addresses.
>>>
>>> That one vendor has chosen to allow the operator to chose if she wants
>>> to override the RFC behaviour, isn't in my view an argument for why we
>>> should change the standards.
>>>
>>> Cheers,
>>> Ole
>>>
>>>
>>> >
>>> > So now the change to the RFC 4291 is making it official that it now
>>> can be allowed across all platforms to help with mixed vendor environments
>>> where you can now embedd the entire global unicast address into the station
>>> id making the default EUI64 station-id now intuitive.
>>> >
>>> >
>>> https://datatracker.ietf..org/doc/html/draft-petrescu-6man-ll-prefix-len
>>> <https://datatracker.ietf.org/doc/html/draft-petrescu-6man-ll-prefix-len>
>>>
>>> > **This is a copy/paste from a test I did in the lab a few months ago
>>> to prove my point**
>>> >
>>> > I did a test in the lab for that one use case of making the default
>>> link local EUI64 more intuitive in the lab and Id id a worst case scenario
>>> test populating all the 16 bit nibbles and all hex digits within each
>>> nibble so no :: 0's compression on a Cisco IOS XE router running 16.x code
>>> and confirmed the OSPF neighbor still comes up even though the entire 54
>>> bit all 0's field per the RFC is populated in effect violating the current
>>> RFC but because its like-like intra-vendor the OSPF adjacency forms.
>>> >
>>> > So I have tested this concept and it works across all Cisco platforms
>>> IOS, XE, XR, NXOS that you can populate the entire 54 bit all 0's field..
>>> >
>>> > So the big caveat with this and justification for this draft is "mix
>>> vendor" environment inter-operability" which is one of the reasons for the
>>> IETF and to have RFC's and standards that allows any device from any vendor
>>> to communicate that supports the RFC.     I think that is a MAJOR point to
>>> add to the justification behind the draft in the use cases where on a
>>> managed IPv6 network that the administrator can now hardcode the IPv6
>>> address fully populating entire 54 bit subnet-id & station-id and routing
>>> protocols will now work and OSPF, ISIS, EIGRP adjacency can now work in a
>>> mix vendor environment.
>>> >
>>> > R1
>>> > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:1111 link-local
>>> >
>>> > R2
>>> > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:2222 link-local
>>> >
>>> > R1#sh ipv6 ospf nei
>>> >
>>> >             OSPFv3 Router with ID (1.1.1.1) (Process ID 6000)
>>> >
>>> > Neighbor ID     Pri   State           Dead Time   Interface ID
>>> Interface
>>> > 2.2.2.2      1   FULL/DR         00:00:35    18
>>> GigabitEthernet1/0/2
>>> >
>>> > R1#sh ipv6 ospf int g1/0/2
>>> > GigabitEthernet1/0/2 is up, line protocol is up
>>> >   Link Local Address FE80:1111:1111:1111:1111:1111:1111:1111,
>>> Interface ID 18
>>> >   Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 1.1.1.1
>>> >   Network Type BROADCAST, Cost: 1
>>> >   SHA-1 authentication SPI 666661, secure socket UP (errors: 0)
>>> >   Transmit Delay is 1 sec, State BDR, Priority 1
>>> >   Designated Router (ID) 2.2.2.2, local address
>>> FE80:1111:1111:1111:1111:1111:1111:2222
>>> >   Backup Designated router (ID) 1.1.1.1, local address
>>> FE80:1111:1111:1111:1111:1111:1111:1111
>>> >   Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
>>> >     Hello due in 00:00:03
>>> >   Graceful restart helper support enabled
>>> >   Index 1/5/14, flood queue length 0
>>> >   Next 0x0(0)/0x0(0)/0x0(0)
>>> >   Last flood scan length is 2, maximum is 9
>>> >   Last flood scan time is 0 msec, maximum is 1 msec
>>> >   Neighbor Count is 1, Adjacent neighbor count is 1
>>> >     Adjacent with neighbor 2.2.2.2  (Designated Router)
>>> >   Suppress hello for 0 neighbor(s)
>>> >
>>> > R2#sh ipv6 ospf nei
>>> >
>>> >             OSPFv3 Router with ID (2.2.2.2) (Process ID 6000)
>>> >
>>> > Neighbor ID     Pri   State           Dead Time   Interface ID
>>> Interface
>>> > 1.1.1.1   1   FULL/BDR        00:00:37    18
>>> GigabitEthernet1/0/2
>>> >
>>> > R2#sh ipv6 ospf int g1/0/2
>>> > GigabitEthernet1/0/2 is up, line protocol is up
>>> >   Link Local Address FE80:1111:1111:1111:1111:1111:1111:2222,
>>> Interface ID 18
>>> >   Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 104.255.32.2
>>> >   Network Type BROADCAST, Cost: 1
>>> >   SHA-1 authentication SPI 666661, secure socket UP (errors: 0)
>>> >   Transmit Delay is 1 sec, State DR, Priority 1
>>> >   Designated Router (ID) 2.2.2.2, local address
>>> FE80:1111:1111:1111:1111:1111:1111:2222
>>> >   Backup Designated router (ID) 1.1.1.1, local address
>>> FE80:1111:1111:1111:1111:1111:1111:1111
>>> >   Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
>>> >     Hello due in 00:00:05
>>> >   Graceful restart helper support enabled
>>> >   Index 1/5/14, flood queue length 0
>>> >   Next 0x0(0)/0x0(0)/0x0(0)
>>> >   Last flood scan length is 0, maximum is 7
>>> >   Last flood scan time is 0 msec, maximum is 1 msec
>>> >   Neighbor Count is 1, Adjacent neighbor count is 1
>>> >     Adjacent with neighbor 1.1.1.1  (Backup Designated Router)
>>> >   Suppress hello for 0 neighbor(s)
>>> >
>>> >
>>> > On Tue, Jun 11, 2019 at 4:44 AM Ole Troan <otroan@employees.org>
>>> wrote:
>>> > >> This means that link local addresses have a 10 bit prefix
>>> (1111111010) followed by 54 bits of zeros.  That is it, nothing more.
>>>  Address with different prefixes or with a 1111111010 prefix followed by
>>> non-zero 54 bits are not link local addresses.
>>> > >>
>>> > >> This is not ambiguous.
>>> > >
>>> > > So if an application asks my implementation to send a packet
>>> addressed to fe80:1::1 out a particular link what should the implementation
>>> do with it? It seems like there are only 3 choices:
>>> > >
>>> > >   1. Run ND on that link to see if it can find a neighbor there with
>>> that address to send the packet to.
>>> > >
>>> > >   2. Send the packet to the current default router.
>>> > >
>>> > >   3. Something else (what?).
>>> > >
>>> > > I had though 1. was the answer since that is what is done with
>>> packets addressed to link-local unicast destinations (which is what that
>>> address is according to RFC4191 section 2.4), but that now seems to be
>>> ambiguous.
>>> >
>>> > Let me illustrate with a typical per-interface FIB:
>>> >
>>> >  fe80::/10 -> drop
>>> >  fe80::/64 -> glean
>>> >  fe80::abcd -> neighbor abcd
>>> >
>>> > Cheers,
>>> > Ole
>>> > --------------------------------------------------------------------
>>> > IETF IPv6 working group mailing list
>>> > ipv6@ietf.org
>>> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> > --------------------------------------------------------------------
>>> >
>>> >
>>> > --
>>> > Gyan S. Mishra
>>> > IT Network Engineering & Technology
>>> > Verizon Communications Inc. (VZ)
>>> > 13101 Columbia Pike FDC1 3rd Floor
>>> > Silver Spring, MD 20904
>>> > United States
>>> > Phone: 301 502-1347
>>> > Email: gyan.s.mishra@verizon.com
>>> > www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT
>>> >
>>>
>>> --
>>
>> Gyan S. Mishra
>>
>> IT Network Engineering & Technology
>>
>> Verizon Communications Inc. (VZ)
>>
>> 13101 Columbia Pike FDC1 3rd Floor
>>
>> Silver Spring, MD 20904
>>
>> United States
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>> www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
>

v2.23.0 | Report a Bug | By Email