draft-ietf-6man-segment-routing-header-26 violating RFC4291, IPv6 Addressing Architecture?
Mark Smith <markzzzsmith@gmail.com> Sat, 07 March 2020 03:33 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A97503A1165 for <ipv6@ietfa.amsl.com>; Fri, 6 Mar 2020 19:33:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.598
X-Spam-Level:
X-Spam-Status: No, score=-0.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 54hUS_wPvJMB for <ipv6@ietfa.amsl.com>; Fri, 6 Mar 2020 19:33:06 -0800 (PST)
Received: from mail-ot1-x329.google.com (mail-ot1-x329.google.com [IPv6:2607:f8b0:4864:20::329]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A3993A1161 for <ipv6@ietf.org>; Fri, 6 Mar 2020 19:33:06 -0800 (PST)
Received: by mail-ot1-x329.google.com with SMTP id j16so4535854otl.1 for <ipv6@ietf.org>; Fri, 06 Mar 2020 19:33:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=M7NentFQOIvjVJ2+KAE12lgAHcrLa7wt7kqbMsxsNTI=; b=tTfzvvwU71EobxKilLA6U4cUcCI7LuSdz1McmOsp7iWDUlAYOyFp1EVueaKn1k7B74 6JsIjDdeWjazZEK5VYmyyLjeotV60nof0G9MaNuCCBby+a7bW94eyatWYGf5WP6RpIXw Kk4MjIFbTLrY/fXYj+pkGMrJSZ1SSbsUAPFGEcAx6a+F5BSNhIevtw3ZM1tzopbbO2ND T+uNfbkVNp9DvyhDZxEaZR0yirMQe2SKNyWMaNNV7H7YJ4cgESWSkSPDR1ROB252kDq5 eDQYhzd+uM1qIXNuDFEIHls6BC/pGJzfwww9aj5htc5Ul1qXPQlUVA6TolxNokrYqd+V vhFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=M7NentFQOIvjVJ2+KAE12lgAHcrLa7wt7kqbMsxsNTI=; b=aiDyzd3tjypSrZptCizHuV9GNIQY5uIas+X8ccpL8W7nLhT4JjpAOw4m218QNasUQI xJyyVywMjbAkiIcp7bux5ghK/B1Hq207hwtFn8hhoDAdkIKfCKF7IZIzfQ0oZ9ydBpjb 1M5ImylUtV+gc4Bl4PheffETQGq1pXjfhM0RN2FBlEsY+CzRt8hxgYFVFI40a73x7u7R 3vBiVzcF/QYwhTaiTIDyIFK3hu31N8hCan8D+CbpOe+zavURDkuIi5IsXeL63H0HtgHh SAYMjZFlk1D1KW+A8CzT53gFYRbhJoaDakhN+e9nsqsoaWnheB3Nfqg+hz/Kr5iwXzcG 2a8g==
X-Gm-Message-State: ANhLgQ2OnTqG/hcqgEhkKbRmt5MNbevvORP5+Hzx1fgEx9mK2s1UyvKp Ny8m7jrb0paGJoLNx66FZukOyws32MP/d6+1opyBkztj
X-Google-Smtp-Source: ADFU+vv2L0mQHWDImBCLEAAU/MGy8Dbhi/DYhb91qpxnVgM7OpnG9WXmqUNqrxv5vdcQGmIaILavxIQtE5mcK2TxMgQ=
X-Received: by 2002:a05:6830:15c6:: with SMTP id j6mr4789292otr.348.1583551985062; Fri, 06 Mar 2020 19:33:05 -0800 (PST)
MIME-Version: 1.0
From: Mark Smith <markzzzsmith@gmail.com>
Date: Sat, 07 Mar 2020 14:32:38 +1100
Message-ID: <CAO42Z2xKWYB4F5Fd735E8xTL+KLZBVO73FjKyVqj8fy2uJkNsg@mail.gmail.com>
Subject: draft-ietf-6man-segment-routing-header-26 violating RFC4291, IPv6 Addressing Architecture?
To: 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/vAduPovoO84Yfj0RIUV4Ezbqa3E>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Mar 2020 03:33:08 -0000
Just to pull it out of my last response to Joel for discussion,
"It only occurred to me yesterday that SRH/SRv6 might also be violating
RFC 4291, as it seems that when SIDs are transformed into IPv6
addresses, those IPv6 addresses aren't assigned to interfaces but
rather nodes:
RFC 4291:
"2.1. Addressing Model
IPv6 addresses of all types are assigned to interfaces, not nodes.
An IPv6 unicast address refers to a single interface. Since each
interface belongs to a single node, any of that node's interfaces'
unicast addresses may be used as an identifier for the node."
draft-ietf-6man-segment-routing-header-26:
"4.3. SR Segment Endpoint Node
When an SRv6-capable node receives an IPv6 packet, it performs a
longest-prefix-match lookup on the packets destination address. This
lookup can return any of the following:
* A FIB entry that represents a locally instantiated SRv6 SID
* A FIB entry that represents a local interface, not locally
instantiated as an SRv6 SID
* A FIB entry that represents a non-local route
* No Match"
It would seem to me that the first match bullet point is effectively a
node IPv6 address match.
[...]"
Compliance with RFC4291 could be achieved by assigning a prefix to a
virtual interface, effectively assigning all of the addresses within
the prefix to the virtual interface.
I've proposed that sort of thing in "4. Addressing Tunnel Endpoints"
of "Skinny IPv6 in IPv6 Tunnelling" -
https://tools.ietf.org/id/draft-smith-skinny-ipv6-in-ipv6-tunnelling-00.html#rfc.section.4.
I also discussed some issues related to address selection in that
situation.
A significant operational advantage of assigning a SID prefix to a
virtual interface would be that then all of the things that use an
interface as a handle becomes available e.g. interface packet counters
and being able to query them via SNMP, interface assigned packet
filters/ACLs, etc.
Early Cisco and Linux crypto/IPSec implementations didn't use virtual
tunnel interfaces to represent IPsec tunnels. They became much more
operator friendly when they did.
Regards,
Mark.
- draft-ietf-6man-segment-routing-header-26 violati… Mark Smith
- Re: draft-ietf-6man-segment-routing-header-26 vio… Darren Dukes (ddukes)
- Re: draft-ietf-6man-segment-routing-header-26 vio… Sander Steffann
- Re: draft-ietf-6man-segment-routing-header-26 vio… Andrew Alston
- Re: draft-ietf-6man-segment-routing-header-26 vio… Darren Dukes (ddukes)
- Re: draft-ietf-6man-segment-routing-header-26 vio… Brian E Carpenter
- RE: draft-ietf-6man-segment-routing-header-26 vio… Andrew Alston
- RE: draft-ietf-6man-segment-routing-header-26 vio… Ron Bonica
- Re: draft-ietf-6man-segment-routing-header-26 vio… Darren Dukes (ddukes)
- Re: draft-ietf-6man-segment-routing-header-26 vio… Darren Dukes (ddukes)