Re: Happy St Nicholas Day: Re-Launching the IPv6 ULA registry

Fernando Gont <fgont@si6networks.com> Tue, 08 December 2020 03:39 UTC

To: Brian E Carpenter <brian.e.carpenter@gmail.com>, Nico Schottelius <nico.schottelius@ungleich.ch>, Lorenzo Colitti <lorenzo@google.com>
Cc: IPv6 List <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/qnn4n9yq4kRYrvyvvk4fExYL4tc>

Hi, Brian,

On 7/12/20 22:58, Brian E Carpenter wrote:
> On 08-Dec-20 14:07, Fernando Gont wrote:
>> On 7/12/20 19:30, Nico Schottelius wrote:
>> [....]
>>> fd00::/48 is actually an example entry created during the Hackathon,
>>> which led us to implement the random generation instead as the primary
>>> option instead of focussing on submission of existing prefixes.
>>>
>>>> In fact, I just configured it on my network, so if
>>>> there was no duplicate before, there is one now. :-)
>>>
>>> With that argument even GUA is not GUA - I can also configure 2600::/32
>>> or even 2001:db8::/32 in my network, it does not make me "own" 2600::/32
>>> nor remove the documentation character from 2001:db8::/32.
>>
>> FWIW, for all practical purposes, ULAs are non-global-scope addresses --
>> the only reason (?) they are considered global is that RFC4291 still
>> marks the ULA "space" as GUA, and RFC4193 hasn't updated that.
> 
> It's also a bit of a historical accident, too. ULAs were invented at
> the same time that site-local was deprecated [1]. They are routeable
> (unlike link-locals) so RAs, PIOs and routing protocols treat them
> exactly like any other routeable address. So, given that site-local
> scope was abolished, they could only be called global-scope.

"IPv6 private-use address space"?

FWIW, this might seem overly pedantic to some, but I found myself 
reviewing some of the associated definitions.

For "scope", RFC4007 says:

---- cut here ----
     Every IPv6 address other than the unspecified address has a specific
     scope; that is, a topological span within which the address may be
     used as a unique identifier for an interface or set of interfaces.
     The scope of an address is encoded as part of the address, as
     specified in [1].

     For unicast addresses, this document discusses two defined scopes:

     o  Link-local scope, for uniquely identifying interfaces within
        (i.e., attached to) a single link only.

     o  Global scope, for uniquely identifying interfaces anywhere in the
        Internet.
---- cut here ----

Clearly, from this definition, ULAs are not really "global scope":

* ULAs can be used to uniquely identify an interface or set of interfaces 
within a site/organization -- there can certainly be collisions (and 
that's okay)

* It would seem to me that there's not really any difference between 
"global scope" and "globally reachable" (although I'd probably say 
"globally forwardable", as e.g. middleboxes such as firewalls can 
certainly affect actual reachability)



>> So, an ULA is not meant to be globally usable, and only makes sense
>> within an organization (whatever that means) -- and the same ULA prefix
>> being re-used is just fine.
> 
> There were two arguments for making re-use highly unlikely. Merging two
> ULA networks, as I already mentioned, or VPNs interconnecting two ULA
> networks. We were told that both of those were real, active operational
> problems with RFC1918 addresses.

Making the re-use unlikely is indeed sensible (might avoid problems, 
so.. why not?). Still, that still sounds to me like "non-global 
addresses, with high chance of uniqueness", so to speak.

(I found myself trying to explain why ULAs are "global scope", and let's 
say I didn't buy my own argument :-) )

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
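
Added example, not part of the original message: a Python sketch that contrasts the scope encoded in an address (the RFC 4007 / RFC 4291 view quoted above) with global reachability as Python's `ipaddress` module reports it, extracts the 40-bit Global ID of a ULA /48, and evaluates the collision estimate from RFC 4193 section 3.2.3. The function names are hypothetical, and the sample addresses are constructed from the prefixes mentioned in the thread.

```python
import ipaddress
import math

ULA = ipaddress.ip_network("fc00::/7")          # RFC 4193 unique local space
LINK_LOCAL = ipaddress.ip_network("fe80::/10")  # RFC 4291 link-local unicast


def encoded_scope(addr: str) -> str:
    """Scope as encoded in the address bits (RFC 4007 / RFC 4291 view)."""
    ip = ipaddress.IPv6Address(addr)
    if ip.is_unspecified:
        return "none"
    if ip.is_multicast:
        return "multicast"  # real scope is in the 4-bit scop field, not decoded here
    if ip.is_loopback or ip in LINK_LOCAL:
        return "link-local"  # RFC 4007 treats ::1 as link-local scope
    return "global"  # everything else, ULAs included


def classify(addr: str) -> dict:
    """Put the encoded scope next to what the address can actually reach."""
    ip = ipaddress.IPv6Address(addr)
    return {
        "encoded_scope": encoded_scope(addr),
        "ula": ip in ULA,
        # is_global follows the IANA special-purpose address registry
        "globally_reachable": ip.is_global,
    }


def global_id(prefix: str) -> int:
    """40-bit Global ID of a ULA /48: the bits after the 8-bit fc/fd prefix."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen != 48 or not net.subnet_of(ULA):
        raise ValueError("expected a /48 inside fc00::/7")
    return (int(net.network_address) >> 80) & ((1 << 40) - 1)


def collision_probability(sites: int, bits: int = 40) -> float:
    """RFC 4193 section 3.2.3 estimate: P = 1 - exp(-N**2 / 2**(L+1))."""
    return -math.expm1(-(sites ** 2) / 2.0 ** (bits + 1))


if __name__ == "__main__":
    # Constructed sample addresses taken from prefixes named in the thread.
    for sample in ("fd00::1", "2600::1", "2001:db8::1", "fe80::1"):
        print(sample, classify(sample))
    print("fd00::/48 Global ID:", hex(global_id("fd00::/48")))
    print("P(collision), 10000 sites:", collision_probability(10_000))
```

The all-zero Global ID of `fd00::/48` is the case the estimate does not cover: it assumes each site draws its 40 bits at random.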