IETF Logo Mail Archive

Re: Globally Unique Link Local Addresses (Re: about violation of standards)

Mark Andrews <marka@isc.org> Fri, 26 April 2019 07:33 UTC

Return-Path: <marka@isc.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 158491201BA for <ipv6@ietfa.amsl.com>; Fri, 26 Apr 2019 00:33:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1mtLG6BIQJu0 for <ipv6@ietfa.amsl.com>; Fri, 26 Apr 2019 00:33:39 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D75D120197 for <ipv6@ietf.org>; Fri, 26 Apr 2019 00:33:39 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id E758F3AB001; Fri, 26 Apr 2019 07:33:38 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id D70FB160050; Fri, 26 Apr 2019 07:33:38 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id B5AE0160071; Fri, 26 Apr 2019 07:33:38 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id t1TdKJxA3PTI; Fri, 26 Apr 2019 07:33:38 +0000 (UTC)
Received: from [172.30.42.67] (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 1E4F7160050; Fri, 26 Apr 2019 07:33:36 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: Re: Globally Unique Link Local Addresses (Re: about violation of standards)
From: Mark Andrews <marka@isc.org>
In-Reply-To: <CAO42Z2yOwR2t02nUML-VV85SP__HgyGaOEeyC0Jyr9UvKpZXVg@mail.gmail.com>
Date: Fri, 26 Apr 2019 17:33:34 +1000
Cc: 神明達哉 <jinmei@wide.ad.jp>, Fernando Gont <fgont@si6networks.com>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>, 6man WG <ipv6@ietf.org>, Alexandre Petrescu <alexandre.petrescu@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <5C7B1F6B-DE13-453C-9B0D-B1916F5B06FD@isc.org>
References: <bb7f7606-2adf-e669-8bcd-e41f17800782@gmail.com> <CAJE_bqd9frqX5-yeVPj8MYXpZ4737HqK1gmfD9cQV3A-Ea5HrQ@mail.gmail.com> <6bd5db47-408a-727e-5c13-f34a3465f986@si6networks.com> <CAJE_bqfTLqRbLp4fLu2ASZuZ+4G5c2G+RXkO92kXfLgPTqBnng@mail.gmail.com> <EEF00EA7-2AAF-403F-99AD-1D53ED18E8B3@cisco.com> <47631828-121F-402D-8165-969684C1101B@employees.org> <CAO42Z2wbq=8f6FfR7DoOOFrY7B5puxS26Dk+SsM71Pk7y03ipQ@mail.gmail.com> <afa6e0e2-0a31-53f0-0f41-5e24c81405da@gmail.com> <CAO42Z2zoQtAqzT+v2XYequuWysrLo+WOG8Ou=asRMakQHuS-Pg@mail.gmail.com> <CAJE_bqcJZxWd1ZH8u0rqK5PfwNK9qqmw9O-7=u6Tpu_UTF7-Aw@mail.gmail.com> <CAO42Z2wimfJexfUfs+mfo6Cs8simv9XyTqCaU49VDaSqBG-BxQ@mail.gmail.com> <887AC8E6-2955-4AB0-9F9E-A20BC93E098C@isc.org> <CAO42Z2ywLQawBsW9pT-=SX98QyVWsU3pdCHWzgmWwGVTSwNdcw@mail.gmail.com> <396C6299-6980-49B7-83B5-8BA839CC6675@isc.org> <CAO42Z2yOwR2t02nUML-VV85SP__HgyGaOEeyC0Jyr9UvKpZXVg@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/nJt99W_2rFf58lCxtOT6z7urtPI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2019 07:33:41 -0000


> On 26 Apr 2019, at 4:20 pm, Mark Smith <markzzzsmith@gmail.com> wrote:
> 
> On Fri, 26 Apr 2019 at 07:47, Mark Andrews <marka@isc.org> wrote:
>> 
>> Which mythical application only takes IP addresses then connects to them?  I’ve yet to see one written.
>> 
> 
> BGP "application" on a router or a route server for example. Router
> control planes are functionally hosts by RFC 8200, and all of their
> applications e.g. OSPF, BGP processes etc. all deal with raw IP
> addresses, including LLs, most of the time.
> 
> Here's one I wrote. As it is relatively low level, using IP addresses
> explicitly instead of DNS names seemed more suitable. So I wrote
> routines to handle % suffixes in supplied unicast and multicast
> addresses. I would have used getaddrinfo() for that if it had been
> more obvious to do so.
> 
> https://github.com/markzzzsmith/replicast
> 
> 
>> Yes, scoped addresses are a small pain.
>> 
>> Yes, storing scoped addresses in the DNS is not currently supported.  It wouldn’t be that hard to add support with a new type that provided a globally unique name for the link and that name gets locally mapped to a scope id.
>> The A6 record format repurposed would work. Add a RA option to publish the globally unique link name to each link.  Getaddinfo could filter out non local link local addresses.
>> 
> 
> That could work.
> 
>> Getaddrinfo doesn’t just optionally look stuff up in the DNS. It also does transformations like converting to mapped addresses when the node is IPv6 only.  It could potentially apply DNS64 translations as well.
>> 
>> Using getaddrinfo for address literals has been advised for years.
> 
> The trouble is that getaddrinfo() seems to have become more general
> purpose than in the past, where it was specifically for name
> resolution for a long time e.g. per RFC 3493 and how it is presented
> in Unix Network Programming.

Yet, RFC 3493 has these flags for controlling getaddrinfo’s behaviour.

AI_PASSIVE, AI_CANONNAME, AI_NUMERICHOST, AI_NUMERICSERV,
   AI_V4MAPPED, AI_ALL, and AI_ADDRCONFIG.

It was *never* as simple as you make it out to be. It was intended to
replace testing for literal addresses, then performing hostname lookups
and getservbyname lookups, then filling out struct sockaddr structures.
Adding scope handling to this was natural.  Add DNS64 handling would also
be natural.

> I think it would have been more logical to have adapted inet_pton()
> and inet_ntop() to handle % suffixes, understandably not possible
> because they only return binary address representations. Some way of
> embedding a unique link identifier within the IPv6 LL address would
> allow them to be used rather than the less obvious getaddrinfo().


> Regards,
> Mark.
> 
>> --
>> Mark Andrews
>> 
>> On 24 Apr 2019, at 20:29, Mark Smith <markzzzsmith@gmail.com> wrote:
>> 
>> 
>> 
>> On Wed., 24 Apr. 2019, 16:04 Mark Andrews, <marka@isc.org> wrote:
>>> 
>>> getaddrinfo() does in most implementations as it returns a pointer to a
>>> struct sockaddr_in6 which have a sin6_scope_id field.  inet_pton() deals
>>> with the part to the left of the % symbol.
>> 
>> 
>> 
>> I was more thinking about scenarios where only an address is expected to be supplied, so there would not be a need for a DNS lookup.
>> 
>> So it wouldn't and didn't occur to me to use getaddrinfo() just for the purpose of converting an LL address % string into a sockaddr_in6 structure.
>> 
>> LL addresses not being useful to applications if stored in unicast DNS, because of the absent necessary zone info in a AAAA response, also means getaddrinfo() doesn't sound like the right thing to use.
>> 
>> 
>>> 
>>> From various getaddrinfo man pages.
>>> 
>>> MacOS:
>>> 
>>>     This implementation of getaddrinfo() allows numeric IPv6 address notation
>>>     with scope identifier, as documented in section 11 of RFC 4007.  By
>>>     appending the percent character and scope identifier to addresses, one
>>>     can fill the sin6_scope_id field for addresses.  This would make manage-
>>>     ment of scoped addresses easier and allows cut-and-paste input of scoped
>>>     addresses.
>>> 
>>>     At this moment the code supports only link-local addresses with the for-
>>>     mat.  The scope identifier is hardcoded to the name of the hardware
>>>     interface associated with the link (such as ne0).  An example is
>>>     ``fe80::1%ne0'', which means ``fe80::1 on the link associated with the
>>>     ne0 interface''.
>>> 
>>>     The current implementation assumes a one-to-one relationship between the
>>>     interface and link, which is not necessarily true from the specification.
>>> 
>>> Linux:
>>>     Notes
>>> 
>>>     getaddrinfo() supports the address%scope-id notation for specifying the IPv6
>>>     scope-ID.
>>> 
>>> 
>>> Mark
>>> 
>>>> On 24 Apr 2019, at 3:12 pm, Mark Smith <markzzzsmith@gmail.com> wrote:
>>>> 
>>>> 
>>>> 
>>>> On Wed., 24 Apr. 2019, 14:01 神明達哉, <jinmei@wide.ad.jp> wrote:
>>>> At Wed, 24 Apr 2019 13:28:48 +1000,
>>>> Mark Smith <markzzzsmith@gmail.com> wrote:
>>>> 
>>>>> However, the drawback of using LL addresses is that each application
>>>>> has to be written to specifically handle them viasin6_scope_id.
>>>> 
>>>> This is not entirely accurate.  Section 11 of RFC 4007 exists exactly
>>>> for this purpose.  And, in fact, applications like ssh can perfectly
>>>> work for a link-local destination even on a multi-link host even if
>>>> the application (ssh client) doesn't do anything special for
>>>> link-local address:
>>>> 
>>>> % ssh fe80::1%lo0 'echo ok'
>>>> ok
>>>> 
>>>> 
>>>> So what Sockets API function converts "fe80::1%lo0" into a populated sockaddr_in6 structure including sin6_scope_id?
>>>> 
>>>> inet_pton() only deals with and returns addresses, so it seems you have to write additional special case code that handles the % zone suffix.
>>>> 
>>>> 
>>>> It's true that *some* applications may still need to handle link-local
>>>> addresses as a special case, though.
>>>> 
>>>>> I understand that one of the motivations for Link-Local addressing was
>>>>> the "dentist's office" scenario i.e. non-technical, plug and play, "it
>>>>> just works" networking. Having to have specially adapted applications
>>>>> to suit that that scenario is pretty contradictory to that goal.
>>>> 
>>>> I wouldn't expect a dentist to type in a textual link-local address
>>>> (or for that matter, perhaps any textual IPv6 address) anyway.
>>>> 
>>>> So my thoughts have been that things like MDNS would also return the zone information for a LL address to the resolver, although I haven't looked into whether it does or not.
>>>> 
>>>> I still see that it would be simpler if interface or zone information was effectively embedded in the LL address, as it is in GUA and ULA addresses, using the, transparent to the application, node's route table to resolve and determine the ingress/egress network link interface.
>>>> 
>>>> 
>>>>  In
>>>> this context it's more about a higher level problem than
>>>> scope-awareness of the application.  It would have to use some kind of
>>>> zero-config service discovery library with sophisticated user
>>>> interface.  That "library" may have to be aware of the concept of
>>>> scoped addresses more explicitly, but the application would be more
>>>> likely to be agnostic about it.
>>>> 
>>>> --
>>>> JINMEI, Tatuya
>>>> --------------------------------------------------------------------
>>>> IETF IPv6 working group mailing list
>>>> ipv6@ietf.org
>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>> --------------------------------------------------------------------
>>> 
>>> --
>>> Mark Andrews, ISC
>>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>>> PHONE: +61 2 9871 4742              INTERNET: marka@isc.org
>>> 

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org

v2.23.0 | Report a Bug | By Email