IETF Logo Mail Archive

Re: [homenet] ULA scope [draft-ietf-6man-rfc3484-revise-05.txt]

Tim Chown <tjc@ecs.soton.ac.uk> Wed, 21 March 2012 11:55 UTC

Return-Path: <tjc@ecs.soton.ac.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D53A21F8690; Wed, 21 Mar 2012 04:55:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zLnpZ+vOuMz6; Wed, 21 Mar 2012 04:55:10 -0700 (PDT)
Received: from falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [IPv6:2001:630:d0:f102::25e]) by ietfa.amsl.com (Postfix) with ESMTP id 5790421F8684; Wed, 21 Mar 2012 04:55:10 -0700 (PDT)
Received: from falcon.ecs.soton.ac.uk (localhost.ecs.soton.ac.uk [127.0.0.1]) by falcon.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id q2LBt8cd023194; Wed, 21 Mar 2012 11:55:08 GMT
X-DKIM: Sendmail DKIM Filter v2.8.2 falcon.ecs.soton.ac.uk q2LBt8cd023194
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=ecs.soton.ac.uk; s=200903; t=1332330908; bh=OZyVavRXXgFMTOe/6uSYjVc03KQ=; h=Mime-Version:Subject:From:In-Reply-To:Date:References:To; b=TUr8NETdAGCqFmm/1sUl3kiypA4ZmgQi0JPtZzgmEHAZ4xumB6h4Zw4ix+eQqpX/L 8gQ8SB/Avrntj/zh+wHgf4idOS7nJL4as8BKcAKdzgdPKo4VYldk+K0Txl71gif8ym 2y+8H4P40v+iUULM40/xVC3Op0QtYSWXIVBFU/rI=
Received: from gander.ecs.soton.ac.uk ([2001:630:d0:f102:250:56ff:fea0:401]) by falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [2001:630:d0:f102:250:56ff:fea0:68da]) envelope-from <tjc@ecs.soton.ac.uk> with ESMTP id o2KBy80543741358O3 ret-id none; Wed, 21 Mar 2012 11:55:08 +0000
Received: from [IPv6:2001:630:d0:ed03:c41f:eca9:3eba:be1c] ([IPv6:2001:630:d0:ed03:c41f:eca9:3eba:be1c]) (authenticated bits=0) by gander.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id q2LBt4Jn031716 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 21 Mar 2012 11:55:04 GMT
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1257)
Subject: Re: [homenet] ULA scope [draft-ietf-6man-rfc3484-revise-05.txt]
From: Tim Chown <tjc@ecs.soton.ac.uk>
In-Reply-To: <4F68F5E5.7060901@gmail.com>
Date: Wed, 21 Mar 2012 11:55:05 +0000
Content-Transfer-Encoding: quoted-printable
Message-ID: <EMEW3|5cebe062143fa0eb7183a841b1b1e546o2KBy803tjc|ecs.soton.ac.uk|031E46EC-73ED-44A4-B966-B249DCAD367C@ecs.soton.ac.uk>
References: <4EB3F3D6.4090302@innovationslab.net> <9B57C850BB53634CACEC56EF4853FF653B3C3777@TK5EX14MBXW601.wingroup.windeploy.ntdev.microsoft.com> <9B57C850BB53634CACEC56EF4853FF653B3EDB9E@TK5EX14MBXW601.wingroup.windeploy.ntdev.microsoft.com> <E6E7EE34-8244-40B6-84C1-C79E8BDE7921@nttv6.net> <4F3ABFBA.8060605@gmail.com> <29EBA88D-BDB1-464C-915F-B9063578DC51@nttv6.net> <9B57C850BB53634CACEC56EF4853FF653B45BB08@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <C8827D58-5C69-4A44-B9CE-86791466814E@nttv6.net> <4F63896E.10607@gmail.com> <CAFtBC=8=__8GdtExB8oYgA7pOfjxNfXCLzuOXz7_UKCPhwjenw@mail.gmail.com> <5B6B2B64C9FE2A489045EEEADDAFF2C3043A22C2@XMB-RCD-109.cisco.com> <4F64026B.8080308@gmail.com> <9B57C850BB53634CACEC56EF4853FF653B4A639F@TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com> <CABOxzu0kXRg=xdeq143+FWBTFc=+dbJD4LdpOGPi1KmyJ9YmEA@mail.gmail.com> <CABOxzu0x97UmA+Fq9d3e-Wp_ruT0gUni0UxnzgvtzDddjceg-A@mail.gmail.com> <03F31C213F2C6941BFDDBB4336E9E6CD0ABC058C@cph-e! x 1> <4F68F5E5.7060901@gmail.com> <031E46EC-73ED-44A4-B966-B249DCAD367C@ecs.soton.ac.uk>
To: 6man <ipv6@ietf.org>, "homenet@ietf.org Group" <homenet@ietf.org>
X-Mailer: Apple Mail (2.1257)
X-ECS-MailScanner: Found to be clean, Found to be clean
X-smtpf-Report: sid=o2KBy8054374135800; tid=o2KBy80543741358O3; client=relay,forged,no_ptr,ipv6; mail=; rcpt=; nrcpt=2:0; fails=0
X-ECS-MailScanner-Information: Please contact the ISP for more information
X-ECS-MailScanner-ID: q2LBt8cd023194
X-ECS-MailScanner-From: tjc@ecs.soton.ac.uk
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2012 11:55:11 -0000

On 20 Mar 2012, at 21:25, Brian E Carpenter wrote:

> On 2012-03-20 21:51, Anders Brandt wrote:
>> 
>> It is a surprise to me that ULA addresses are not by default routable within the site.
>> I can easily imagine a number of LLN border routers which autonomously allocate
>> different ULA prefixes for use within their individual LLN subnets.
> 
> IMHO that should be a NOT RECOMMENDED behaviour. ULAs make sense if they
> cover an entire enterprise or home network, but not if they cover a subset.
> 
>> Meeting a ULA address outside the local prefix will cause the LLN node to forward
>> its IP packets to the default gateway (border router) of the LLN subnet. This way
>> packets can travel between LLN subnets using normal routing with long-term stable
>> ULA addresses. We need the stable addresses for control-style applications in LLNs.
>> 
>> Obviously it requires a routing protocol in the (homenet) LAN but are there other issues?
> 
> It doesn't just require a routing protocol; it also requires a routing policy
> that knows which routers have to block the ULAs (plural). That seems a lot
> more complex that a rule that says only a border router originates and delegates
> a ULA prefix, because that border router would also know to block the
> prefix across the border.

So we need to determine what the homenet arch text will say on this. 

I think the assumption so far has been that, as per PD8 in draft-ietf-homenet-arch-02, 
one router would be elected the "master" to delegate /64 ULA prefixes within the
homenet, both to ULA-only LLNs and to links that also have a GUA prefix.  If there's 
an assumption an LLN router will not support that, and instead generate its own /48 
ULA, we need to talk about that, or any other scenario that will lead to multiple /48 ULAs 
in a single homenet site.

The arch text currently says that ULAs should be used (CN1) and that ULAs should be 
preferred for internal communications to GUAs (section 2.4).  It doesn't say how connections 
from outside the homenet can be made to internal ULA-only devices.

The 3484-bis text has changed the default ULA preference to protect against ULA leakage,
so if you now want ULAs preferred you need to somehow inject the specific site /48 ULA
being used with high precedence into the policy table (and as also pointed out here if your 
site is using less than a /48, you should also have some way to learn what the site prefix 
length is). In the homenet case is that injection achieved on receipt of an RA, or would it 
require the proposed DHCPv6 option to be used (which may not be widely implemented 
for some time, and the DHCPv6 server still needs to learn the ULA to put in the option)? 

On the one hand homenet is saying "we'd prefer to use ULAs by default without needing
some magic to achieve it" while 6man is saying "we need to protect against ULA leakage, 
so if you want to prefer ULA for internal connection stability figure out the magic".  

This needs to be mapped to words for the homenet arch text.

Tim

> 
> Anyway - maybe you should look at draft-liu-v6ops-ula-usage-analysis
> and discuss it over on v6ops.
> 
>    Brian
> 
>> 
>> Thanks,
>>  Anders
>>>> You'll find the above logic in the current 3484bis draft.
>>>> 
>>>> -Dave
>>>> --------------------------------------------------------------------
>>>> IETF IPv6 working group mailing list
>>>> ipv6@ietf.org
>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>> --------------------------------------------------------------------
>>> _______________________________________________
>>> homenet mailing list
>>> homenet@ietf.org
>>> https://www.ietf.org/mailman/listinfo/homenet
>> _______________________________________________
>> homenet mailing list
>> homenet@ietf.org
>> https://www.ietf.org/mailman/listinfo/homenet
>> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email