Re: IPv6 Link Local Addresses
Alexandre Petrescu <alexandre.petrescu@gmail.com> Sat, 15 June 2019 15:32 UTC
Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5F58120020 for <ipv6@ietfa.amsl.com>; Sat, 15 Jun 2019 08:32:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.632
X-Spam-Level:
X-Spam-Status: No, score=-1.632 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8XlA5zSIaoWJ for <ipv6@ietfa.amsl.com>; Sat, 15 Jun 2019 08:32:54 -0700 (PDT)
Received: from sainfoin-smtp-out.extra.cea.fr (sainfoin-smtp-out.extra.cea.fr [132.167.192.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E958112001B for <ipv6@ietf.org>; Sat, 15 Jun 2019 08:32:53 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x5FFWmDg040195; Sat, 15 Jun 2019 17:32:48 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id E0E32202692; Sat, 15 Jun 2019 17:32:48 +0200 (CEST)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id CB72F200CE5; Sat, 15 Jun 2019 17:32:48 +0200 (CEST)
Received: from [132.166.86.23] ([132.166.86.23]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id x5FFWlF4012088; Sat, 15 Jun 2019 17:32:48 +0200
Subject: Re: IPv6 Link Local Addresses
To: Yucel Guven <yucel.guven@gmail.com>, Gyan Mishra <hayabusagsm@gmail.com>
Cc: Ole Troan <otroan@employees.org>, Bob Hinden <bob.hinden@gmail.com>, 6man WG <ipv6@ietf.org>
References: <DM6PR15MB2506E62560613C85F74A1FF8BB100@DM6PR15MB2506.namprd15.prod.outlook.com> <CALx6S36vVpD9bAPSBQmhV+daR0Yr4heQ-LaiB4hABAs8ofVfNQ@mail.gmail.com> <DM6PR15MB25063BAF058C1825E2B63E30BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <CAKQ4NaW-QRZDO52zDZTSqz_MsfrS1uQHdz6zFjo+gXvtYVnFxA@mail.gmail.com> <DM6PR15MB2506E06165EA22E66BBB9524BB130@DM6PR15MB2506.namprd15.prod.outlook.com> <7E03089C-8429-4B56-96D6-441490C850B2@gmail.com> <B3D43A45-5E90-4D04-BA64-17150EE6D2AA@gmail.com> <0138C92A-A95A-488D-8851-9F3227D2B8B8@employees.org> <CABNhwV1hy5S-GUK-MY7OcudaYJB0j1PVgF1CG6cGa7s7Qez63w@mail.gmail.com> <C278A105-13D3-4035-AB6E-785A8E2C095D@employees.org> <CABNhwV2848Csn=5xy29Rbe_4E1fD0HSeXonBY4M+=21cK11GOA@mail.gmail.com> <CAKQ4NaWTO=+aHSmBdBZv_Op0zD6iffExAHvOgzNFp5QVhahQiw@mail.gmail.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <88cf8b75-d9ea-14d9-3e14-64ce32e3e633@gmail.com>
Date: Sat, 15 Jun 2019 17:32:47 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0
MIME-Version: 1.0
In-Reply-To: <CAKQ4NaWTO=+aHSmBdBZv_Op0zD6iffExAHvOgzNFp5QVhahQiw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/hKAjFcGBLwTOIZ7-dj3Sz64NZyA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Jun 2019 15:32:57 -0000
Le 12/06/2019 à 20:37, Yucel Guven a écrit : > I agree with Ole. > > > Referring with the setups in the Lab. with Cisco, or Nokia, or other vendors > > should not be taken as a reference or criteria to change the standards. But one should not take a reference something that is not a reference either. Let me explain: I came to this LL prefix length topic from the IPWAVE WG. That specifies IPv6-over-OCB. There are some implementations of it. These implementations accept fe80:1::/32 as a LL prefix. However, the advise came from knowledgeable people and from AD that we must not use /32 for LL. Why? Because some implementation does not support /32 LL. But that implementation does not support IPv6-over-OCB either. So the question is: why a reference for LL /64 is a reference for everything else when that reference does not implement everything else? _This_ is very abnormal. A Reference is something that the best things implement. Alex > > This type of software modifications are generally called as 'DCR, Design > Change Request', > > and requires modification/tailoring of the device software with respect to > > what customer requests from vendors. > > > On Wed, Jun 12, 2019 at 6:43 PM Gyan Mishra <hayabusagsm@gmail.com > <mailto:hayabusagsm@gmail.com>> wrote: > > Hi Ole > > My reasoning which I gave Alex in assisting in authoring the draft > as what I implemented with my IPv6 customers as our deployment > standard was to have an intuitive link local for next hop > adjacencies which we embedded the global unicast into the link local > after the :: but what happened in the original implementation 16 > bits bled over into the all 0s portion of link local and the ospf > adjacencies would not come up with a Citrix Netscaler lb in 2 arm > setup so we went back to our standard realized that Citrix was > following the rfc 4291 and CISCO was not so we had to update our > deployment standard to follow the rfc for mixed vendor environment. > > So in this case as some vendors like CISCO chose not to follow the > rfc while others do for the use case of intuitive next hop is the > reason to change the rfc so that the entire global unicast address > can be embedded into the link local and the 16bit or more fields > don’t have to be shaved off making the goal of intuitive next hop > slightly better but still not as desired with the restriction of the > all Os field not allowed to be used. > > Gyan > > On Wed, Jun 12, 2019 at 12:27 PM Ole Troan <otroan@employees.org > <mailto:otroan@employees.org>> wrote: > > Hi Gyan, > > > I went through this test in the lab a few months ago about > verifying across all Cisco platforms if you can specify non zero > values in the all 0's field in the Link Local prefix hardcoding > the prefix and if the OSPF neighbor would come up and it did > come up in an all Cisco environment. > > > > So the main thing this draft accomplishes in my opinion and I > think is necessary gap that it is fixing is interoperability > between vendors for the use case of making the link local > intuitive for the next hop by embedding the entire global > unicast address into the iid & 54 bit 0s field. > > > > Cisco happens to all the Link Local to be set and set all the > 0s in the prefix fe80::/10 up to 64 which is a violation of the > RFC but it does allow on all platforms and all codes. I think > we found that some unix flavors allow the same. > > Bias warning: I was heavily involved in one of the > implementations you mention and the choice of how to implement > link-local addresses. > > That one vendor has chosen to allow the operator to chose if she > wants to override the RFC behaviour, isn't in my view an > argument for why we should change the standards. > > Cheers, > Ole > > > > > > So now the change to the RFC 4291 is making it official that > it now can be allowed across all platforms to help with mixed > vendor environments where you can now embedd the entire global > unicast address into the station id making the default EUI64 > station-id now intuitive. > > > > > https://datatracker.ietf..org/doc/html/draft-petrescu-6man-ll-prefix-len > <https://datatracker.ietf.org/doc/html/draft-petrescu-6man-ll-prefix-len> > > > **This is a copy/paste from a test I did in the lab a few > months ago to prove my point** > > > > I did a test in the lab for that one use case of making the > default link local EUI64 more intuitive in the lab and Id id a > worst case scenario test populating all the 16 bit nibbles and > all hex digits within each nibble so no :: 0's compression on a > Cisco IOS XE router running 16.x code and confirmed the OSPF > neighbor still comes up even though the entire 54 bit all 0's > field per the RFC is populated in effect violating the current > RFC but because its like-like intra-vendor the OSPF adjacency forms. > > > > So I have tested this concept and it works across all Cisco > platforms IOS, XE, XR, NXOS that you can populate the entire 54 > bit all 0's field.. > > > > So the big caveat with this and justification for this draft > is "mix vendor" environment inter-operability" which is one of > the reasons for the IETF and to have RFC's and standards that > allows any device from any vendor to communicate that supports > the RFC. I think that is a MAJOR point to add to the > justification behind the draft in the use cases where on a > managed IPv6 network that the administrator can now hardcode the > IPv6 address fully populating entire 54 bit subnet-id & > station-id and routing protocols will now work and OSPF, ISIS, > EIGRP adjacency can now work in a mix vendor environment. > > > > R1 > > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:1111 link-local > > > > R2 > > ipv6 addr fe80:1111:1111:1111:1111:1111:1111:2222 link-local > > > > R1#sh ipv6 ospf nei > > > > OSPFv3 Router with ID (1.1.1.1) (Process ID 6000) > > > > Neighbor ID Pri State Dead Time Interface > ID Interface > > 2.2.2.2 1 FULL/DR 00:00:35 18 > GigabitEthernet1/0/2 > > > > R1#sh ipv6 ospf int g1/0/2 > > GigabitEthernet1/0/2 is up, line protocol is up > > Link Local Address FE80:1111:1111:1111:1111:1111:1111:1111, > Interface ID 18 > > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID 1.1.1.1 > > Network Type BROADCAST, Cost: 1 > > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) > > Transmit Delay is 1 sec, State BDR, Priority 1 > > Designated Router (ID) 2.2.2.2, local address > FE80:1111:1111:1111:1111:1111:1111:2222 > > Backup Designated router (ID) 1.1.1.1, local address > FE80:1111:1111:1111:1111:1111:1111:1111 > > Timer intervals configured, Hello 10, Dead 40, Wait 40, > Retransmit 5 > > Hello due in 00:00:03 > > Graceful restart helper support enabled > > Index 1/5/14, flood queue length 0 > > Next 0x0(0)/0x0(0)/0x0(0) > > Last flood scan length is 2, maximum is 9 > > Last flood scan time is 0 msec, maximum is 1 msec > > Neighbor Count is 1, Adjacent neighbor count is 1 > > Adjacent with neighbor 2.2.2.2 (Designated Router) > > Suppress hello for 0 neighbor(s) > > > > R2#sh ipv6 ospf nei > > > > OSPFv3 Router with ID (2.2.2.2) (Process ID 6000) > > > > Neighbor ID Pri State Dead Time Interface > ID Interface > > 1.1.1.1 1 FULL/BDR 00:00:37 18 > GigabitEthernet1/0/2 > > > > R2#sh ipv6 ospf int g1/0/2 > > GigabitEthernet1/0/2 is up, line protocol is up > > Link Local Address FE80:1111:1111:1111:1111:1111:1111:2222, > Interface ID 18 > > Area 2.2.2.2, Process ID 6000, Instance ID 0, Router ID > 104.255.32.2 > > Network Type BROADCAST, Cost: 1 > > SHA-1 authentication SPI 666661, secure socket UP (errors: 0) > > Transmit Delay is 1 sec, State DR, Priority 1 > > Designated Router (ID) 2.2.2.2, local address > FE80:1111:1111:1111:1111:1111:1111:2222 > > Backup Designated router (ID) 1.1.1.1, local address > FE80:1111:1111:1111:1111:1111:1111:1111 > > Timer intervals configured, Hello 10, Dead 40, Wait 40, > Retransmit 5 > > Hello due in 00:00:05 > > Graceful restart helper support enabled > > Index 1/5/14, flood queue length 0 > > Next 0x0(0)/0x0(0)/0x0(0) > > Last flood scan length is 0, maximum is 7 > > Last flood scan time is 0 msec, maximum is 1 msec > > Neighbor Count is 1, Adjacent neighbor count is 1 > > Adjacent with neighbor 1.1.1.1 (Backup Designated Router) > > Suppress hello for 0 neighbor(s) > > > > > > On Tue, Jun 11, 2019 at 4:44 AM Ole Troan > <otroan@employees.org <mailto:otroan@employees.org>> wrote: > > >> This means that link local addresses have a 10 bit prefix > (1111111010) followed by 54 bits of zeros. That is it, nothing > more. Address with different prefixes or with a 1111111010 > prefix followed by non-zero 54 bits are not link local addresses. > > >> > > >> This is not ambiguous. > > > > > > So if an application asks my implementation to send a > packet addressed to fe80:1::1 out a particular link what should > the implementation do with it? It seems like there are only 3 > choices: > > > > > > 1. Run ND on that link to see if it can find a neighbor > there with that address to send the packet to. > > > > > > 2. Send the packet to the current default router. > > > > > > 3. Something else (what?). > > > > > > I had though 1. was the answer since that is what is done > with packets addressed to link-local unicast destinations (which > is what that address is according to RFC4191 section 2.4), but > that now seems to be ambiguous. > > > > Let me illustrate with a typical per-interface FIB: > > > > fe80::/10 -> drop > > fe80::/64 -> glean > > fe80::abcd -> neighbor abcd > > > > Cheers, > > Ole > > > -------------------------------------------------------------------- > > IETF IPv6 working group mailing list > > ipv6@ietf.org <mailto:ipv6@ietf.org> > > Administrative Requests: > https://www.ietf.org/mailman/listinfo/ipv6 > > > -------------------------------------------------------------------- > > > > > > -- > > Gyan S. Mishra > > IT Network Engineering & Technology > > Verizon Communications Inc. (VZ) > > 13101 Columbia Pike FDC1 3rd Floor > > Silver Spring, MD 20904 > > United States > > Phone: 301 502-1347 > > Email: gyan.s.mishra@verizon.com > <mailto:gyan.s.mishra@verizon.com> > > www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT > <http://www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT> > > > > -- > > Gyan S. Mishra > > IT Network Engineering & Technology > > Verizon Communications Inc. (VZ) > > 13101 Columbia Pike FDC1 3rd Floor > > Silver Spring, MD 20904 > > United States > > Phone: 301 502-1347 > > Email: gyan.s.mishra@verizon.com <mailto:gyan.s.mishra@verizon.com> > > www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT > <http://www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT> > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org <mailto:ipv6@ietf.org> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bob Hinden
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Karl Auer
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Bless, Roland (TM)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Fred Baker
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... James R Cutler
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Tom Herbert
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Yucel Guven
- IPv6 Link Local Addresses [was Re: Is 1111 1110 1… Bob Hinden
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Mudric, Dusan (Dusan)
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Erik Kline
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ross Finlayson
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Fred Baker
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Dennis Ferguson
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Kerry Lynn
- Re: IPv6 Link Local Addresses Erik Kline
- Re: IPv6 Link Local Addresses Brian E Carpenter
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ole Troan
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Gyan Mishra
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Mark Smith
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Ola Thoresen
- Re: IPv6 Link Local Addresses [was Re: Is 1111 11… Yucel Guven
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or Alexandre Petrescu
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or... Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: IPv6 Link Local Addresses Alexandre Petrescu
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Warren Kumari
- Re: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Sander Steffann
- Re: 1111 1110 10 equals 0xfe80 to 0xfebf Simon Hobson
- RE: Is 1111 1110 10 equal to 0xfe80 or 0x3fa? Manfredi (US), Albert E
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: IPv6 Link Local Addresses Gyan Mishra
- Re: correct Alexandre Petrescu