Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC

Fernando Gont <fgont@si6networks.com> Wed, 17 June 2020 18:43 UTC

Subject: Re: [EXTERNAL] Re: 64bit MAC addresses and SLAAC
To: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, Bob Hinden <bob.hinden@gmail.com>
Cc: IPv6 List <ipv6@ietf.org>
References: <e8a25961-5ac9-d35e-77dd-bf86f45cd077@gmail.com> <a17ae9f3-001c-07f6-84f9-a0ca583e6a00@gmail.com> <7AE5B6D0-AB01-4077-A9EF-5BD86F428681@gmail.com> <7a3b839f-099e-8fd3-35a2-4625df3c369e@gmail.com> <76e8bd7a-4333-480f-de0f-dcc775418739@si6networks.com> <79d494caa7874696b787aadb80cc322b@boeing.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <4f453be6-72bf-ef4a-a209-022ebcac5860@si6networks.com>
Date: Wed, 17 Jun 2020 15:39:31 -0300
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/fpTitblXjALV9SlBe1GVIEEIxNY>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

On 17/6/20 13:17, Templin (US), Fred L wrote:
> Fernando, I think an unspoken assumption in these past several messages is that
> privacy is ALWAYS a required property.

The assumption is that you fail on the safe side -- that's the essence 
of RFC8064.


> However, there are cases where address
> privacy is not only not required, but it is also desirable and useful to be able to
> track a node by a stable and unchanging IP address or prefix.
> 
> This is not intended to challenge the non-use of MAC addresses in Interface
> Identifiers per your documents, but just to say that in some environments the
> randomization and constant changing of IP addresses may actually run counter to
> operational objectives.

FWIW, RFC7217 produces "stable per network" as that's what is typically 
a somewhat "sane" operational requirement. Normally, at the time you 
require constant (across networks) IIDs, you have:

1) ++evilness, xor,
2) if you don't operate the target networks, you cannot enforce that 
(think networks requiring managed address configuration via DHCPv6), xor,
3) you do not need to rely on this, and you could have the hosts report 
the addresses themselves (e.g., dyn DNS updates), xor,
4) if you do operate the target networks, you probably can track the 
nodes themselves (e.g., via non-random MAC addresses), unless the hosts 
intentionally don't want that (e.g., they randomize their MAC addresses).

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
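The "stable per network" property Fernando refers to, as an added example that is not part of this thread: an RFC 7217 IID computed from the prefix (so it changes between networks but stays constant on each one), alongside the legacy modified EUI-64 IID that is identical everywhere the host goes. F() is assumed here to be HMAC-SHA256 over the RFC's inputs; the secret key, the MAC address and the interface name "eth0" are constructed sample values.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample secret. RFC 7217 requires a random per-host secret_key of at least 128 bits.
SECRET_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def eui64_iid(mac: str) -> int:
    """Legacy modified EUI-64 IID (RFC 4291): split the MAC, insert ff:fe, flip the u/l bit."""
    b = bytes.fromhex(mac.replace(":", ""))
    eui = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return int.from_bytes(eui, "big")


def iid_is_reserved(iid: int) -> bool:
    """RFC 5453 reserved IIDs checked here: the subnet-router anycast (all zeros) and the
    reserved subnet anycast range fdff:ffff:ffff:ff80 to fdff:ffff:ffff:ffff."""
    return iid == 0 or 0xFDFFFFFFFFFFFF80 <= iid <= 0xFDFFFFFFFFFFFFFF


def rfc7217_iid(prefix: str, net_iface: str, network_id: bytes = b"",
                dad_counter: int = 0, secret_key: bytes = SECRET_KEY) -> int:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key), RFC 7217 section 5.
    F is assumed to be HMAC-SHA256 here; the RFC only requires a PRF over these inputs."""
    pfx = ipaddress.IPv6Network(prefix, strict=True)
    if pfx.prefixlen != 64:
        raise ValueError("SLAAC IIDs are formed for /64 prefixes")
    while True:
        # Length-prefix the variable-length fields so the concatenation is unambiguous.
        msg = (pfx.network_address.packed[:8]
               + len(net_iface).to_bytes(1, "big") + net_iface.encode()
               + len(network_id).to_bytes(1, "big") + network_id
               + dad_counter.to_bytes(4, "big"))
        rid = hmac.new(secret_key, msg, hashlib.sha256).digest()
        iid = int.from_bytes(rid[-8:], "big")  # the 64 least significant bits of RID
        if not iid_is_reserved(iid):
            return iid
        dad_counter += 1  # same recovery step the RFC uses when DAD fails


def slaac_address(prefix: str, iid: int) -> str:
    """Combine a /64 prefix with a 64-bit IID into the resulting SLAAC address."""
    base = int(ipaddress.IPv6Network(prefix).network_address)
    return str(ipaddress.IPv6Address(base | iid))


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"  # constructed sample MAC
    for pfx in ("2001:db8:1::/64", "2001:db8:2::/64"):
        # The EUI-64 IID is the same on both networks; the RFC 7217 IID differs per prefix.
        print(pfx, slaac_address(pfx, eui64_iid(mac)), slaac_address(pfx, rfc7217_iid(pfx, "eth0")))
```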