IETF Logo Mail Archive

Re: Disabling temporary addresses by default?

Gyan Mishra <hayabusagsm@gmail.com> Sun, 02 February 2020 12:30 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 279E31200D8 for <ipv6@ietfa.amsl.com>; Sun, 2 Feb 2020 04:30:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ERmSkuWK951B for <ipv6@ietfa.amsl.com>; Sun, 2 Feb 2020 04:30:13 -0800 (PST)
Received: from mail-il1-x135.google.com (mail-il1-x135.google.com [IPv6:2607:f8b0:4864:20::135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D146312008B for <ipv6@ietf.org>; Sun, 2 Feb 2020 04:30:12 -0800 (PST)
Received: by mail-il1-x135.google.com with SMTP id g12so10288981ild.2 for <ipv6@ietf.org>; Sun, 02 Feb 2020 04:30:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vTioTnYGJlNjCue1l0T11c5ZBUq0F1/szz8qn5F4AD8=; b=RupuT+axhFP0b34JWpgDInNWbwvh2YHysB91bOOcZjUgLU2ZjUxUXQRBij4ByYC53c TMml8EUkuZcjNlBNU6QMn5sY9ALS1aJ9IiKzKq2AdwkJkRmAtki+wVakr9DIJM/qNFjl ByRZJvGbGeGGSdHeZ7BU6tN4VAalAneXQTyqqdlH1MerwddCW+qoYv9asMLpPpkXDurr Ci4seUOgESVFVF51inV7X13lg5525VT074nCp6TJoMec9plrQFURKE2yu6kP+V+G91VU bbaZxue+12sLuyQkoKshJuMjVebW+DvXiNhOSZvCSd4wU9TpNsYjWtauNb0JIU5rVe0L HvhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vTioTnYGJlNjCue1l0T11c5ZBUq0F1/szz8qn5F4AD8=; b=KMab9zIhFg/zNXBUHZj8Xafm3YHurj97dJ16+VRTgBoJR05ntLBdpjAyMUWvUyAJYl qNJizwO3DGJYInQNbgIhojPlga81EBkjcDAuS13FxA0lYQcWkKLIzc75Uv+rQJ1mlnPn lZOFPSdsfKsgqTYqs0Z7HzMGtGUnU0ly2Ki3ubPytqVmEdrWa5G6GEoJ8r6tYBHive3d p5jjDIggNxkbm0L7OB9xBmE0Yew9c9oxcdTfWp1gSPS2m2KZ3lUS6bm1xMccB51PCC7a Kx07xmGQsyrhGQhPkZ09qtc0IgVI17EW0LGM3krMhjbw9cDA4UCevbD/e0yVUA8eNhPR kkIQ==
X-Gm-Message-State: APjAAAUBCTGRwN7ROcvCuttClOIv7eT92KoLy8CtJ2P+5vLegMq877hc Hm2NgUT5lDNSoz7xF7w2dVqGXXrpLSDYP46h6q4=
X-Google-Smtp-Source: APXvYqyHDgdsDj94JGkOYrxOsyRmAjtcsKttOc30OozXwq8IFYc5oMIfPYOUZVCEGgxp65cqqUlZTMAzY8zVHnNmDG0=
X-Received: by 2002:a92:1948:: with SMTP id e8mr17016422ilm.158.1580646611972; Sun, 02 Feb 2020 04:30:11 -0800 (PST)
MIME-Version: 1.0
References: <CABNhwV2=TPU+CQ1zBu58DmRD7i3=tBsdZvuOxuaS_jQLZ-ebBw@mail.gmail.com> <2E8EF340-72CD-46BC-A634-22571BC5E705@puck.nether.net> <CAO42Z2we-rJTdou9pR8509J1wS95Hfz67+=ThxKJkEZpTe0H4Q@mail.gmail.com>
In-Reply-To: <CAO42Z2we-rJTdou9pR8509J1wS95Hfz67+=ThxKJkEZpTe0H4Q@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sun, 02 Feb 2020 07:30:01 -0500
Message-ID: <CABNhwV2xGWz8kMW-R4DFh2b0J8RdtST_+i=AgiEwOEuTJ3bc7Q@mail.gmail.com>
Subject: Re: Disabling temporary addresses by default?
To: Mark Smith <markzzzsmith@gmail.com>
Cc: 6man WG <ipv6@ietf.org>, Christian Huitema <huitema@huitema.net>, Fernando Gont <fgont@si6networks.com>, Jared Mauch <jared@puck.nether.net>
Content-Type: multipart/alternative; boundary="000000000000d27797059d96f783"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/jrVdFMXVEG0KcNu8WgBeEL1sak0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Feb 2020 12:30:15 -0000

On Sun, Feb 2, 2020 at 3:53 AM Mark Smith <markzzzsmith@gmail.com> wrote:

>
>
> On Sun, 2 Feb 2020, 19:05 Jared Mauch, <jared@puck.nether.net> wrote:
>
>> They are also useful and needed when debugging hashing or 802.3ad related
>> issues. To debug the flow hash you often need stable addresses which are
>> not easily changed
>
>
> Can you explain how you do this troubleshooting? Do you spoof end users
> addresses?
>

  802.1ad is a QinQ  technology used by providers for backbone bridges
Ethernet relay services instances.  Inner tag is provider label and outer
tag is customer label.  The flow hash entropy is based on
source/destination hash, however if the address is not stable and changing,
that changes the hash entropy for load balancing flows.  That throws off
the lb entropy and now you don’t get close to 50/50 lb entropy with 2 links
in an Ethernet bundle. There are many instances when bundled ethernet
aggregation or MLAG is employed where a Src/dest hash is used to create
entropy for load balancing of flows ; as well as in MPLS L2 vpn  and NG L2
VPN ethernet service instance e-line, e-lan, e-tree where a fat pseudo
wire” is deployed requiring stable IP for lb entropy to work properly.

Another instance where stable IP is necessary is related along those same
lines of thought to BGP IGP ISIS or OSPF ECMP flow based load balancing
hash hash where flows lb entropy is created to get the even load balancing
over multiple parallel L3 links in a enterprise or provider operators
network.  When the address keeps changing that changes the load balancing
entropy for the hash.  So now instead of the flow going over L3 link A it
is now going over link B.



>
> or provided by the average user who just expects the technology to work.
>
>
> Temporary addresses have been the default on Apple OS X since Lion in 2011
> and Windows Vista in 2007. That doesn't seem to have prevented IPv6 working
> for the average user.
>
>
>
>
>> Sent from my iCar
>>
>> > On Feb 1, 2020, at 4:24 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>> >
>> > Stable random IPv6 address works best to meet the objective of an
>> enterprise.
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
> --

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email