Re: Feedback on draft-gont-6man-stable-privacy-addresses-01

Tim Chown <> Sat, 14 April 2012 14:49 UTC

On 14 Apr 2012, at 15:09, Fernando Gont wrote:

> On 04/14/2012 12:30 PM, Tim Chown wrote:
>> A while ago I put this one forward, which is an alternative to
>> Fernando's suggestion that you have to set the whole address:
>> This was based on existing implementations, in Solaris and Linux (as
>> a demonstrator), with the potential for simpler renumbering in mind.
> Does this really help renumbering? e.g., if you have ACLs, they are
> based on the whole IPv6 address, rather than on the IID...

It helps reduce the need to store full literals in any configuration, so if the host is renumbered, it can have a new "manually configured" address in the new prefix automatically without touching wherever that might otherwise be configured on the host.

Some platforms allow macros, like the IOS ipv6 general-prefix notation iirc.  You can then replace the new prefix and not touch the rest of the configuration.

We did such renumbering tests as long ago as 2004/05, and these tools were certainly useful back then (it's very dated now, but see for example)

> Note: I still don't understand the use case for this technology, or how
> the IIDs would be selected (but since they seem to be
> manually-generated, I'd expect them to be "low-byte", such as ::1, ::2,
> etc.).

They can be whatever you want them to be. Based on our IPv6 mail logs, an awful lot of MXs use <prefix>::25 for example. But if you want a stable identifier across renumbering events, or without configuring a full literal, the tokenised identifier concept is quite nice.

I don't know if Sun has any IPR claim on it though.
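
The renumbering behaviour discussed in this message, as an added example that is not part of the original email or of any implementation it mentions: a host stores only a token (the interface identifier) and combines it with whichever /64 prefix is advertised, while an ACL holding full literals still has to be edited. The function names, the documentation prefixes and the sample ACL are constructed assumptions.

```python
import ipaddress

IID_MASK = (1 << 64) - 1  # low 64 bits of an IPv6 address hold the IID


def parse_token(token):
    """Parse a token such as '::25'; the prefix half must be all zero."""
    value = int(ipaddress.IPv6Address(token))
    if value & ~IID_MASK:
        raise ValueError(f"token {token!r} has bits set in the prefix half")
    return value


def tokenised_address(prefix, token):
    """Combine an advertised /64 prefix with the locally stored token."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64:
        raise ValueError("tokenised identifiers assume a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | parse_token(token))


def stale_literals(acl, old_prefix):
    """Return ACL entries written as full literals inside the old prefix.

    These are the entries that still need manual editing after renumbering,
    because they match on the whole address rather than on the IID.
    """
    old = ipaddress.IPv6Network(old_prefix)
    return [entry for entry in acl if ipaddress.IPv6Address(entry) in old]


# Constructed sample data, using the 2001:db8::/32 documentation range.
OLD_PREFIX = "2001:db8:aaaa:1::/64"
NEW_PREFIX = "2001:db8:bbbb:7::/64"
HOST_TOKEN = "::25"  # the only address-related value kept on the host
ACL = ["2001:db8:aaaa:1::25", "2001:db8:ffff::53"]

if __name__ == "__main__":
    print("before renumbering:", tokenised_address(OLD_PREFIX, HOST_TOKEN))
    print("after renumbering: ", tokenised_address(NEW_PREFIX, HOST_TOKEN))
    print("ACL literals to fix:", stale_literals(ACL, OLD_PREFIX))
```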