IETF Logo Mail Archive

[IPv6]Re: Analysis of Ungleich ULA Registry

David Farmer <farmer@umn.edu> Wed, 29 May 2024 22:18 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 317D0C180B7B for <ipv6@ietfa.amsl.com>; Wed, 29 May 2024 15:18:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ztMBPp-iqzW3 for <ipv6@ietfa.amsl.com>; Wed, 29 May 2024 15:18:21 -0700 (PDT)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F520C151070 for <ipv6@ietf.org>; Wed, 29 May 2024 15:18:21 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id 4VqP0X4dt9zB4q4g for <ipv6@ietf.org>; Wed, 29 May 2024 22:18:20 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HhnOSY3TXWLD for <ipv6@ietf.org>; Wed, 29 May 2024 17:18:20 -0500 (CDT)
Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 4VqP0X1dgmzB4q4m for <ipv6@ietf.org>; Wed, 29 May 2024 17:18:20 -0500 (CDT)
DMARC-Filter: OpenDMARC Filter v1.3.2 mta-p7.oit.umn.edu 4VqP0X1dgmzB4q4m
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p7.oit.umn.edu 4VqP0X1dgmzB4q4m
Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-5786cf51b65so61437a12.3 for <ipv6@ietf.org>; Wed, 29 May 2024 15:18:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; t=1717021098; x=1717625898; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=YbuPyR/F5IEJ9cRrcR/2ip1Q4velBm3tLb5Y11uowKQ=; b=QgQrVLcDkqx8c9GjmB/pm7toSxjlzxXdO2eUaqThuiur0EQKFV8NZqHxWJQlgOmdPb eO3gUfp6xfEeKwTeTMvZ57exvA0hDYkaRGxhCwkVsoLNdGp55xW9EiGO4NhgGvUw9ziE SObhWpUQ5Jnp3cdvQ9g/HulNntykhiAQDZ4iSodY3r1GEUs0yrCMROVFWQpURJLOQWRt pveyA4h2/gyaSj+XxqgooXxnv0Ce8lfJ7dPLQgbNAUURvdVimOpm/Slz8lyFkDLhyw1Z PH7L05hmn2563Wwj72cLWWoYpIUcIgdXJ25rVurSOT5dC3l22NbSgxq8M7MNjrIaPjje x2zA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717021098; x=1717625898; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=YbuPyR/F5IEJ9cRrcR/2ip1Q4velBm3tLb5Y11uowKQ=; b=o+6nw+p8mpYg+NvsL1/VW6j0Pc6Ht79Upxz/BEm5x6CA5ytRQhyB9OdPtFGpcSIZdl Mm9h+rNfdqncekXRdjWAr/TpPtZ2fg0uy6N1HOv0d9J6lcmjwwSsHxdKsRqqVTd4BLZd yL9VDJAUXLGxCnZouIrkvzWh6sRicaQ4Qc+OtxW9+3lz2ckZPfoFzzHvUZxaXxs9SGcs Dm+2q52dWYtS7Sf8g0RT6bfNKthikfJPQ9g7GJT0kk8KIN20MFMT2ULfLQu5IMVI/Xmg ZpH8KBuLoPw73aMp1/xjtTF1uV14SV+EjRxaoLCMM5XOh87lHfdn9hQ9rcQl3qDJQWAr bupA==
X-Forwarded-Encrypted: i=1; AJvYcCWnw1A61ki0tbWwDaxWEdfRMieJLuYaxLNPyQE0oHNbnygmrdmo+v1CGuwaMh0wf+eBsGfGtXPJUA0+v4y5
X-Gm-Message-State: AOJu0Yy25smsIlK8nyB2oV4O0Y3Fl125pqJcnR0PO4Jx5Gcl9Ynv4Afh tFARHhDsqXAqsf2gb/FTVEkimn+iO/hIjhhS+7RGUD6ML7s4yCueGlG2Lf2+O4gL9PR2MY9/85L 4KQ1jbZMC0Cj0YM8W9P02aQR4gH9FIeJfMOxf8Ypj8935Etroof8ePjUJNDd2dozC6biaCuaW85 IQN9twD0mhmNUAoAIsVPnj
X-Received: by 2002:a50:cbc7:0:b0:572:1589:eb98 with SMTP id 4fb4d7f45d1cf-57a177f7eefmr201869a12.12.1717021097910; Wed, 29 May 2024 15:18:17 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHbxfb8F6tk+kTNcYjmIfaSMxGjj7Av445sqnHuHHrPv+d0H4/8fNd40s8bm3W29tk2vTnQ1gbTGOkcU0E25Xs=
X-Received: by 2002:a50:cbc7:0:b0:572:1589:eb98 with SMTP id 4fb4d7f45d1cf-57a177f7eefmr201856a12.12.1717021096636; Wed, 29 May 2024 15:18:16 -0700 (PDT)
MIME-Version: 1.0
References: <CAN-Dau0J1uqpwnRXYpeSFGUTJ532MmpeGd4BLoAqqf8HzeFTjQ@mail.gmail.com> <CAJU8_nW7Q3WphfgtgnK0E+88R1_nENCy9MBBYhG2G1bkPD9UeQ@mail.gmail.com> <CAN-Dau0Nc0VHMHdRg7MG6yf2X1S_SrYbA6YhKUzBz7XiLkR5cg@mail.gmail.com> <CAJU8_nX4O9hs6R6sOw2+iEL-7urcadNBdBsZfP3-Dn_yUFovLA@mail.gmail.com> <46c161b8-ca0d-4f18-ae3e-22fcb5befb0c@gmail.com> <CAKD1Yr3hTHy+p4nN1mkv4kHb907914gfyxnnzdexy6dYhNmiTw@mail.gmail.com> <7bcaaf7e-4564-4d76-9558-ab005aa70a30@gmail.com> <CAJU8_nUkO8mMY0GEZVj_nKN1f0bNxZwfv=oBKLtV6OgD86ZmAg@mail.gmail.com> <CAJU8_nUcE5ByxWRFEYLbPZtKuYPp0YMp-1jnEZhvJ5mcujyC6g@mail.gmail.com> <CAN-Dau08mUBWUZiBx1Fyx5Q6f5JQDmqZdgz9VYKMkVpKmEkB1Q@mail.gmail.com> <CAJU8_nVKOOa_1vej2MD=NVUZs7Lw-vF0iGL4nBANGzPxL42sSQ@mail.gmail.com>
In-Reply-To: <CAJU8_nVKOOa_1vej2MD=NVUZs7Lw-vF0iGL4nBANGzPxL42sSQ@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Wed, 29 May 2024 17:17:59 -0500
Message-ID: <CAN-Dau2x4tNYHoKq5pUzd6ZKCOd3Tw4-fAYuxzMOyo_rhXRcdA@mail.gmail.com>
To: Kyle Rose <krose@krose.org>
Content-Type: multipart/alternative; boundary="0000000000008986fd06199f209d"
Message-ID-Hash: 3775FWFARQVD5SKHVARWWIO4RZN24XQJ
X-Message-ID-Hash: 3775FWFARQVD5SKHVARWWIO4RZN24XQJ
X-MailFrom: farmer@umn.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipv6.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: 6man WG <ipv6@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [IPv6]Re: Analysis of Ungleich ULA Registry
List-Id: "IPv6 Maintenance Working Group (6man)" <ipv6.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/sEhxMWmmOnF3t3wZdsuhWqagFrI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Owner: <mailto:ipv6-owner@ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Subscribe: <mailto:ipv6-join@ietf.org>
List-Unsubscribe: <mailto:ipv6-leave@ietf.org>

On Mon, May 27, 2024 at 5:09 PM Kyle Rose <krose@krose.org> wrote:

> On Mon, May 27, 2024 at 12:18 PM David Farmer <farmer@umn.edu> wrote:
>
>> While the Ungleich ULA Registry demonstrates significant support for full
>> registration, something like draft-hain-ipv6-ulac provides. My
>> primary concern is a mechanism that allows for ULA prefixes shorter than
>> /48 as a result of the practical restrictions of 10 ULA prefixes created by
>> known-local ULA. I could accept a consensus to accomplish that through
>> randomized local ULA assignments of ULA prefixes shorter than /48 instead
>> of centralized ULA assignments. However, unfortunately, it is unclear to me
>> that there is a consensus for either way forward.
>>
>
> As I've previously stated, I am fine with loosening the language on prefix
> generation along with an extra loud warning about the greater chance of a
> future conflict requiring renumbering as the prefix size gets shorter.
>
> This seems fine to me because it literally only hurts the orgs that choose
> to accept the incremental risk. And frankly I'd be shocked if there weren't
> orgs already doing this because it just made sense for them to do so,
> versus wrangling many separate /48s.
>

Actually, the math shows that aggregating ULA prefixes produces a lower
probability of collision than the equivalent number of discrete /48
prefixes.

For example, merging a /48 into a ULA network with a /44 aggregate is less
likely to cause a collision than merging an additional /48 into a network
with 16 discrete /48 ULAs, or a total of 17 /48s.

This is because the latter is the probability of 17 discrete random 40-bit
variables colliding; even though they are less densely packed, creating a
lower probability for each collision, many more of them create more chances
for them to collide. The former is the probability of 2 discrete random
36-bit variables colliding; even though they are packed more
densely, creating a higher probability for each collision, far fewer of
them create fewer chances for them to collide.

Let me run you through the math. RFC4193 gives us the following formula;

   P = 1 - exp(-N**2 / 2**(L+1))
   Where P is the probability of collision, N is the number of
interconnected Global IDs, and L is the length of the Global ID.

The odds of a /48 colliding with a /44 are the same as two /44s colliding.
The last 4 bits of the /48 are irrelevant. The first 36 bits of the Global
ID are all that matter;
   P = 1 - exp(-2**2/2**(36+1) = 2.91038E-11

And the odds for 17 /48s, with a Global ID of 40 bits;
   P = 1 - exp(-2(17**2/2**(40+1) = 1.31422E-10

For comparison, the odds for 8 /48s, with a Global ID of 40 bits;
   P = 1 - exp(-2(8**2/2**(40+1) = 2.91038E-11

And the odds for 2 /48s, with a Global ID of 40 bits;
   P = 1 exp(-2(2**2/2**(40+1) = 1.81899E-12

For all these cases, the probability of collision is fairly remote; it is
just a little more likely for the 17 /48s at approximately 72 times 2 /48s.
Compared to a /48 and a /44, which is approximately the same as 8 /48s, at
unsurprisingly 16 times 2 /48s.

Thanks.

-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.30.2 | Report a Bug | By Email | System Status