IETF Logo Mail Archive

[IPv6]Re: I-D Action: draft-ietf-6man-rfc6724-update-21.txt

Bob Hinden <bob.hinden@gmail.com> Tue, 01 July 2025 23:26 UTC

Return-Path: <bob.hinden@gmail.com>
X-Original-To: ipv6@mail2.ietf.org
Delivered-To: ipv6@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 5096A3C6FE27; Tue, 1 Jul 2025 16:26:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gv9ttjt4FKcw; Tue, 1 Jul 2025 16:26:15 -0700 (PDT)
Received: from mail-yw1-x112c.google.com (mail-yw1-x112c.google.com [IPv6:2607:f8b0:4864:20::112c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 237613C6FC9F; Tue, 1 Jul 2025 16:26:05 -0700 (PDT)
Received: by mail-yw1-x112c.google.com with SMTP id 00721157ae682-711d4689084so67856937b3.0; Tue, 01 Jul 2025 16:26:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1751412364; x=1752017164; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=VFdyu8GK7MV6EGOaG12bIzeFJkLribfiT58zAMWa/5g=; b=CPMVXMYq3fhMxoEEyrO3RwuUqFWgcT0kzFfriBpMJSU3m0/OZ70VoO6B7tuMrZlJx5 R/LRKumQ10Bp1QwO5PDofob0CHLgoBXQnpn8uPYA4TTXvF8rVG5X4+O+6/GRbMEZYOek M69/VAo5NFSuw4Wmn+PRW0nNxXzu/4IIEuH2k9/1cz3mdLcx5XDbXz4E2jqNFjdL5zKV uMhSjj4gpaDv96SwOVim8FPwowYeg5wURzjaxVJrdtMKr75vRm+797BiOEFZwA2SbUEK cm9z4rcIFkxaD+5ECeRWW+sDO2WLr7aktesdB4buQaLKx5TKSTYPYIRtQcpwEC2/e6wC FfHQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751412364; x=1752017164; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VFdyu8GK7MV6EGOaG12bIzeFJkLribfiT58zAMWa/5g=; b=gcvlCNExEE1QfNBryqRQaFZs8hW3MtOenIBt2+TdOyIzxR92O3ySS24lkHbkuMSOMf hrw9OLbTZ16A075ch0oSw0EadYCBr8wPSK9t8HpMz2G1cHKDV1hg/g9JOrn5FUq1Hz7D CctW7yTu8sc7NtSHRBj7nseCO4I2Mv7BPvrwHtOc4oyATElwO213ibk/Pjq8bDPfqKwY TEz2bzQnD6IA+drVv9cH3PduW660TwG8hctpNipsEDGd4dP862E8AlOB0ZpZspu5qsZB EfctktQDqioPQUV7gAXyXZYzRqKVE0zL1XPRtcQ+8E5DyEbwyd1wtIAaMZvs1F95cT3U +MBQ==
X-Forwarded-Encrypted: i=1; AJvYcCUGoz7jc4k95A4DKDHrAuuVbxwVfUeRrbVZomq3RYjCKc1eUDRJGZckaGCdHGXHG8G4uF+QbLaFJQ==@ietf.org, AJvYcCVoeTb8YBZvl68nNcImny1R4Dg061VB3YLFL6mlttXRN28IuyqH+Wy52s76yvVHyVfAIVsXL2ejQEpxX2ZlUMhdnSIj4FRnsPZe94hgfY+C3nu2AOG3BDg=@ietf.org, AJvYcCWeiV5xWsxfop71taKtTjTohjnozds8aTLUGr8ZG6T6KHZ7nrqKHmNPHLMqwKiaqOOyf8BqKR9p+6oRGcQ=@ietf.org, AJvYcCXADmBXT6kaNcA5d5OxY415J8XDUSRJIHOu/U4i4FDmXbiadVMLKr6MR+c9OTlXscKnBMthoA==@ietf.org
X-Gm-Message-State: AOJu0Yx3AJOiyI8VYnEv9QBWI4V3jXU7Ygq3/P4zF7lmv/PpIuhoVVc/ /LJw5l26zxM7jRih7vdW89guSMtQ2Yqjm9Bfvs1jm/38L2UIyakXugMfPeIeug==
X-Gm-Gg: ASbGncvLly5SyqMKz1zRs7/VIbU2OxlZyBzhRuF6kgr9QgCYickIbIkZzB0sHvknWGu ZAJbL8bG3boOWEZeNOlP/HtCkH4NSxsa8QF+/S5TCZt90JRhxx8cyzWosLuTj9aPg1jnAXqnQQG uYrJZYmYWmlB0B9VVUmsm3/bNfQUGhrkrbywnULMJUD+puNPdeoybAUEDRCnFN0C+mYijdJ6YFT 7GOAVXg/osbcgQHdWkm3D/s5FSoW/FWcQKDwK8IL554ZQKpE+s5byZOdqeF03efulmH5rfj22zX mIIhMagzuznQFprKUscYJgrDr1wkQIwErr7qYFeaSGb7Potdt99LlQpbIf36986pH8YCsjFKcw9 OtAcRoOUD+ena6drH1uG7
X-Google-Smtp-Source: AGHT+IGBDQOIZQVKbCCAqJh2QjNR0f7OnhrV86229m5EiX5A5FJ7qbwK0aqGqkiYObj0cNYU0wOT2g==
X-Received: by 2002:a05:690c:498c:b0:710:f2a1:fa6 with SMTP id 00721157ae682-7164d523270mr9522037b3.29.1751412364412; Tue, 01 Jul 2025 16:26:04 -0700 (PDT)
Received: from smtpclient.apple ([2600:1700:4383:c05f:2814:c353:a70f:8b82]) by smtp.gmail.com with ESMTPSA id 00721157ae682-71515a9792esm22422377b3.0.2025.07.01.16.26.03 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 01 Jul 2025 16:26:03 -0700 (PDT)
From: Bob Hinden <bob.hinden@gmail.com>
Message-Id: <40584B87-283A-4B45-B214-53A2EF695987@gmail.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_A71171BA-2DF9-4C54-8027-8D0F90ADB016"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.600.51.1.1\))
Date: Tue, 01 Jul 2025 16:25:42 -0700
In-Reply-To: <CACMsEX-M5u6gv0kaSxM0uezy8f==caUwUKudDE1d-Jrb1ADVZA@mail.gmail.com>
To: Nick Buraglio <buraglio@forwardingplane.net>
References: <175071730132.502784.5026151083314117768@dt-datatracker-6754d69b7c-p2xd7> <CAKD1Yr3zcThnQx2qE3xB3n+tmzgq7vAZ9nH4CcEVHHfp=AH44Q@mail.gmail.com> <CACMsEX8eUxE2c0HPBpRqziJ=mL=+ef1iNRxpqdjT7cDBG-3gVw@mail.gmail.com> <4AE1AC9E-5603-4EB2-AE40-F946AB60B1E9@gmail.com> <CACMsEX-M5u6gv0kaSxM0uezy8f==caUwUKudDE1d-Jrb1ADVZA@mail.gmail.com>
X-Mailer: Apple Mail (2.3826.600.51.1.1)
Message-ID-Hash: DDORYKBPBC2W3RVB4TSCEAFA5TIIQHKF
X-Message-ID-Hash: DDORYKBPBC2W3RVB4TSCEAFA5TIIQHKF
X-MailFrom: bob.hinden@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipv6.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Bob Hinden <bob.hinden@gmail.com>, draft-ietf-6man-rfc6724-update.authors@ietf.org, 6man Chairs <6man-chairs@ietf.org>, "6man-ads@tools.ietf.org" <6man-ads@ietf.org>, IPv6 List <ipv6@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [IPv6]Re: I-D Action: draft-ietf-6man-rfc6724-update-21.txt
List-Id: "IPv6 Maintenance Working Group (6man)" <ipv6.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/nyYAf7cNpxfViPJaiCKex7rGUoc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Owner: <mailto:ipv6-owner@ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Subscribe: <mailto:ipv6-join@ietf.org>
List-Unsubscribe: <mailto:ipv6-leave@ietf.org>

NIck,

To clarify, you are saying that this text:

Regardless of their length or how the PIO flags are set, other PIOs
from within fd00::/8 that are not already covered by the known-local
ULA list MAY be added to the list, but only with the advertised prefix
length.

was inadvertently added in v21.    You are proposing to remove it.

Is that correct?

Bob



> On Jul 1, 2025, at 9:47 AM, Nick Buraglio <buraglio@forwardingplane.net> wrote:
> 
> I went back through and it looks like this snuck back in between v20
> and v21, an oversight on my part.
> 
> In section 5.3:
> 
> OLD:
> 
> 5. ULA interface addresses from within fd00::/8, particularly ones not
> created by SLAAC, and not already covered by the known-local ULA list
> MUST be added to the list with an assumed prefix length of /48.
> However, as with rule 1, if the ULA interface address was generated on
> the basis of a PIO that has only been seen in RAs in which the SNAC
> router flag bit is set, this ULA prefix MUST NOT be used as described
> in this rule (rule 5). This prevents potential use of a non-routable
> source address when communicating to a known-local ULA destination
> address that is not on the local link, as SNAC-generated GUAs can only
> work on a single link, and the only reason to ever choose them in
> source address selection is that the only choice for a destination
> address is the longest prefix match.
> 
> 6. Regardless of their length or how the PIO flags are set, other PIOs
> from within fd00::/8 that are not already covered by the known-local
> ULA list MAY be added to the list, but only with the advertised prefix
> length.
> 
> 7. When inserting known-local ULA entries into the policy table, they
> MUST have a label of 14 (rather than the default ULA label of 13) and
> a precedence of 45.
> 
> 
> NEW:
> 
> 
> 5. ULA interface addresses from within fd00::/8, particularly ones not
> created by SLAAC, and not already covered by the known-local ULA list
> MUST be added to the list with an assumed prefix length of /48.
> However, as with rule 1, if the ULA interface address was generated on
> the basis of a PIO that has only been seen in RAs in which the SNAC
> router flag bit is set, this ULA prefix MUST NOT be used as described
> in this rule (rule 5). This prevents potential use of a non-routable
> source address when communicating to a known-local ULA destination
> address that is not on the local link, as SNAC-generated GUAs can only
> work on a single link, and the only reason to ever choose them in
> source address selection is that the only choice for a destination
> address is the longest prefix match.
> 
> 6. When inserting known-local ULA entries into the policy table, they
> MUST have a label of 14 (rather than the default ULA label of 13) and
> a precedence of 45.
> 
> 
> On Sun, Jun 29, 2025 at 5:35 PM Bob Hinden <bob.hinden@gmail.com> wrote:
>> 
>> Nick,
>> 
>> Please send the proposed change here clearly showing the change, like old text, new text, before publishing a new draft.  It needs review since this is happening after the IESG approval and I think it is more than can be done in AUTH48.
>> 
>> Bob
>> 
>> 
>> 
>> 
>> On Jun 29, 2025, at 10:23 AM, Nick Buraglio <buraglio@forwardingplane.net> wrote:
>> 
>> Thanks for catching this, it definitely got missed in the IETG updates we made, and I agree that it should be specified more succinctly in accordance with what the WG agreed on. I can submit a new version fixing this, if that is the right path to go down.
>> 
>> nb
>> 
>> 
>> On Sat, Jun 28, 2025 at 10:12 PM Lorenzo Colitti <lorenzo@google.com> wrote:
>>> 
>>> On Tue, Jun 24, 2025 at 7:22 AM <internet-drafts@ietf.org> wrote:
>>>> 
>>>>   Title:   Prioritizing known-local IPv6 ULAs through address selection policy
>>>>   Authors: Nick Buraglio
>>>>            Tim Chown
>>>>            Jeremy Duncan
>>>>   Name:    draft-ietf-6man-rfc6724-update-21.txt
>>> 
>>> 
>>> Authors, chairs, ADs (since this went to the IESG last week).
>>> 
>>> I just took a look at the latest version and it looks like the following text went in to -21 just before the document was reviewed by the IESG:
>>> 
>>> ====
>>>   6.  Regardless of their length or how the PIO flags are set, other
>>>       PIOs from within fd00::/8 that are not already covered by the
>>>       known-local ULA list MAY be added to the list, but only with the
>>>       advertised prefix length.
>>> ====
>>> 
>>> This text is problematic because it allows a host to consider, for example, a PIO for "fd00::/8" with L=0 and A=0 as known-local. Such behaviour would completely defeat the purpose of known-local ULAs, because it would treat all of ULA space as local. In the WG there was very substantial discussion on this point and that discussion ultimately led to the consensus text of saying that by default known-local ULAs are /48 and MUST NOT be shorter than /40. Allowing arbitrary prefix lengths, even as a MAY, undermines that consensus. Worse, by leaving it up to the implementation, it leads to fragmentation.
>>> 
>>> I don't think this sort of substantial change should be made after WGLC. Can we remove this text?
>>> 
>>> Or, if this text was added to solve a concrete problem, then can we limit this behaviour to prefix lengths between /40 and /48?
>>> 
>>> Thanks,
>>> Lorenzo
>> 
>>

v2.45.0 | Report a Bug | By Email | System Status