Re: Generic anycast addresses...

On Sat., 1 Jun. 2019, 01:49 Michael Richardson, <mcr+ietf@sandelman.ca>
wrote:

>
> Ted Lemon <mellon@fugue.com> wrote:
>     > On May 30, 2019, at 2:19 PM, Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>     >> Ted, please do think about the main point: "the fuzzy nature of the
>     >> site concept". (And, shameless plug, see
>     >> https://tools.ietf.org/html/draft-carpenter-limited-domains
>     >> <https://tools.ietf.org/html/draft-carpenter-limited-domains>).
> Limited
>     >> scope anycast needs a non-fuzzy scope boundary.
>
>     > Do ULAs have a non-fuzzy scope boundary?   Serious question—I
> actually
>     > do not know how this is handled in the network.
>
> I'm not sure I a non-fuzzy definition of a non-fuzzy boundary ;-)
>
> When I ping/traceroute ULAs from my home network, they die !N at my ISP's
> DFZ
> machine:
>
>    lando-[~] mcr 10005 %traceroute6 fd2e:82a1:f3c4::1
>    traceroute to fd2e:82a1:f3c4::1 (fd2e:82a1:f3c4::1), 30 hops max, 80
> byte packets
>    1  2abc:efgh:f:2::241 (2abc:efgh:f:2::241)  0.521 ms  0.517 ms  0.508 ms
>    2  2abc:efgh:9:8:209:87:239:232 (2abc:efgh:9:8:209:87:239:232)  13.113
> ms
>    3  2001:550:2:8::ab:1 (2001:550:2:8::ab:1)  32.078 ms !N  32.618 ms !N
>
> hop 1 is the router at home, and hope 2 is the access router at my ISP, and
> hop 3 is my ISP's core router connect to upstream peers.
>
> Should hop 1 (home router) or hop 2 (access node) were to blackhole route
> fc00::/6 (ULA-R and ULA-C), would that affect your use case?  Or could the
> anycast service possibly be at the ISP?

I'm guessing you don't have internal ULA address space, which is why you're
more successful than if you did.

> On a campus situation, I would assume that ULA, if used, should be routed
> to
> the all edges, but not beyond.   Or alternatively, consider an ISP+plus
> it's
> customers to be a "campus", or "admin-scope".
>

Those scopes are conceptually smaller than an organisation, because
organisations can have multiple campuses and can have multiple internal
network adminstrative domains.

An ISP has multiple organisations as customers, so you need a scope bigger
than organisation, yet smaller than global, to cover an ISP and its
customers. A Network Service Provider scope.

The multicast scopes in RFC 7346 provides a conceptual hierarchy. I think a
Network Service Provider scope would fit between Organization-Local and
Global.

> Should home routers install routes to 2000::/3 when they see "default"
> rather
> than "::/0"?  I have made that argument, but I see the other point about
> how limiting it could be in the future.
>

A ULA address at an ISP would only be reachable to customers who only have
GUA addresses.

If a customer has ULA internally, a ULA source address would be preferred
over a GUA source to reach an ISP ULA (anycast) destination. That ULA
source address would cause the packet to be dropped by a BCP38 filter at
the ISP access router, assuming they have them, as they should.

Even if the ISP doesn't have BCP 38 filters, the ISP's routing is very
unlikely to have routes back to all customers' ULA address spaces.

So you need global scope anycast addresses for working source address
selection. Except that defeats the goal of having anycast destined packets'
travel being restricted to a domain smaller than global when that is
required or desirable.

Regards,
Mark.

> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>