IETF Logo Mail Archive

Re: Re: IIDs, u and g bits, and 4rd

Ray Hunter <v6ops@globis.net> Fri, 21 December 2012 13:14 UTC

Return-Path: <v6ops@globis.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB39421F85BC for <ipv6@ietfa.amsl.com>; Fri, 21 Dec 2012 05:14:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.737
X-Spam-Level:
X-Spam-Status: No, score=-2.737 tagged_above=-999 required=5 tests=[AWL=-0.637, BAYES_00=-2.599, J_CHICKENPOX_14=0.6, J_CHICKENPOX_15=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eXl8LnVFKbxn for <ipv6@ietfa.amsl.com>; Fri, 21 Dec 2012 05:14:29 -0800 (PST)
Received: from globis01.globis.net (mail.globis.net [87.195.182.18]) by ietfa.amsl.com (Postfix) with ESMTP id A34BA21F8456 for <ipv6@ietf.org>; Fri, 21 Dec 2012 05:14:28 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by globis01.globis.net (Postfix) with ESMTP id 044FD87008A; Fri, 21 Dec 2012 14:04:11 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at globis01.globis.net
Received: from globis01.globis.net ([127.0.0.1]) by localhost (mail.globis.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KQIeR2xubG0j; Fri, 21 Dec 2012 14:03:54 +0100 (CET)
Received: from Rays-iMac-2.local (unknown [192.168.0.3]) (Authenticated sender: Ray.Hunter@globis.net) by globis01.globis.net (Postfix) with ESMTPA id EC92E870064; Fri, 21 Dec 2012 14:03:53 +0100 (CET)
Message-ID: <50D45E33.3080203@globis.net>
Date: Fri, 21 Dec 2012 14:03:47 +0100
From: Ray Hunter <v6ops@globis.net>
User-Agent: Postbox 3.0.6 (Macintosh/20121022)
MIME-Version: 1.0
To: Rémi Després <despres.remi@laposte.net>
Subject: Re: Re: IIDs, u and g bits, and 4rd
References: <50D10150.40801@joelhalpern.com> <8C48B86A895913448548E6D15DA7553B7186B8@xmb-rcd-x09.cisco.com> <50D11315.3070408@joelhalpern.com> <50D18196.2070501@globis.net> <71BF9600-AE01-476C-9805-0B5278E87BB8@laposte.net> <50D19508.4030808@globis.net> <50D1AFC2.5010704@kit.edu> <17B72775-7244-490A-B434-B82325B77BF4@employees.org> <B1E5F258-5557-444D-B065-E1466BF14B81@laposte.net> <50D1D2DD.7090101@kit.edu> <50D1E424.8030209@gmail.com> <E145458A-A86A-41A3-B2A2-ED85E6468BCF@laposte.net> <50D2231C.2000809@kit.edu> <D0113390-DEB8-4458-8DEE-9B359970925D@laposte.net> <8C48B86A895913448548E6D15DA7553B71A759@xmb-rcd-x09.cisco.com> <BF929D0A-6049-4403-A4F4-DD5A5183A8AF@laposte.net> <B18D70C6-2D82-40D4-B84B-903626C9B438@employees.org> <E6154DDB-6F18-4653-A110-87C0119D248C@laposte.net>
In-Reply-To: <E6154DDB-6F18-4653-A110-87C0119D248C@laposte.net>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
Cc: 6man 6man-wg <ipv6@ietf.org>, "Fred Baker (fred)" <fred@cisco.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2012 13:14:30 -0000

Inline

Rémi Després wrote:
> 2012-12-20 20:29, Ole Troan <otroan@employees.org> :
>
>> Remi,
>>
>> [...]
>>
>>>> To make assertions about IP addresses based on the EUI-64 is to impose requirements that don't actually exist in IP. It's a little like saying that concrete MUST ("are required to") be grey because the rocks we use in it happen to be grey; no I can have concrete of other colors if I want.
>>> I do agree that, despite a rule exists in some RFC one can see configurations that don't comply with it. 
>>> Consequently, "intended to be globally unique" doesn't mean "guaranteed to be globally unique in real life", right.
>>>
>>> This isn't a reason, however, to abandon rules that proved to be useful. 
>>> AFAIK, the rule that IIDs having u=must (so far) only be based on global IEEE EUI-64 addresses is one of these useful rule not to be abandoned. 
>> how has it proved to be useful?
>> I'm not aware of any protocol or implementation using it.
>
> As already said, it facilitates address stability.
> This is so with OSes that, by default, base their IIDs on EUI-64 addresses of their link adapters.
>
>
>>>> The comment Brian is making refers to IP's requirements, which are that the IID used in a subnet by an interface must be unique within that subnet.
>>> This is a clear requirement, on which I think we all agree.
>>>
>>> It is worth noting here that satisfaction of this requirement DOES DEPEND in part on IIDs having u=being actually unique.
>>> (Reason is that RFC 4862 says (uppercase added) "IPv6 nodes are NOT required to validate that interface identifiers created with modified EUI-64 tokens with the "u" bit set to universal are unique".)
>> to be pedantic it is RFC4291 that says that.
>
> Right, the RFC number wasn't the right one.
> Thanks.
>  
>> the only thing it says is that an implementation does not have to validate that a interface-id is _globally_ unique (how could it?), it still
>> has to validate that an address created with that interface-id is unique.
>
> I find it very hard to interpret the above sentence the way you do.
> Since, as you rightly imply, there is no way locally to check _global_ uniqueness, this sentence is useful only if it means that it is uniqueness _on the link_ that is "not required to be validated" if u=
>
> Anyway, even with your interpretation, this isn't against adding a new reserved IID range to those of RFC5453.
>
>>>> If one has a physical machine with an interface that supports a dozen virtual machines, the requirement is not that all of the physical and virtual machines use IP addresses derived from the physical interface MAC address;
>>> Well understood.
>>>
>>>> the requirement is that they each have IIDs that are unique within the subnet. The obvious choice will be to use privacy addresses for the VMs, which will appear outside the physical machine as the one interface having that many IP addresses.
>>> Agreed.
>>> Since these IIDs will have u= this is neutral in the discussion on u=1 IIDs.
>>>
>>>
>>> AFAIK, no technical and/or operational consideration remains that would prevent the IANA registry on IIDs to be updated as follows (the 4rd range is that proposed by Brian). 
>> that's a different question than what was asked by the softwire.
>> is the question to the 6man WG now, "is it acceptable to reserve 2^48 interface-id's" using the RFC5453 registry?
>
> The basic question is whether reserving for 4rd a specific 8-bit IID is "compatible with the IPv6 addressing architecture" as currently specified.
> Besides some expressed FUD, which isn't illegitimate in face of anything new, no such conflict has been identified by those who checked carefully.
You may call it FUD, but could you please point the WG members to the
text in either the IPv6 addressing architecture (RFC4291) or SLAAC
(RFC4862)  that says that the g bit MUST be overridden to 0 before
creating an IID (and thus link-local and global IPv6 unicast addresses
when they are appended to a /64 prefix)?

It may be sensible, but where is it *defined* in an IETF standards track
RFC that automatic address generation based on an EUI-64 seed MUST NOT
use g=1?

I think we both agree that being able to guarantee unique addresses on a
link is pretty fundamental to correct operation of IPv6, especially
considering the 4rd proposal as documented in your published ID would
not appear to use DAD, and failing DAD in existing nodes currently
causes an interface to cease processing IPv6 packets.

The only text I can find is in the Ethernet specific encapsulation
(RFC2604) which states "The Interface Identifier [AARCH] for an Ethernet
interface is based on the EUI-64 identifier [EUI64] derived from the
interface's built-in 48-bit IEEE 802 address." And even then it's not
specific that if a manufacturer decided to burn in an EUI-48 into their
NIC with g=1 (e.g. for a technology that multicasts by default for
multi-channel television distribution) and this address is from within
their IEEE -assigned OUI space, whether that would be illegal for use
with IETF IPv6 standards.

Also not everything is Ethernet.

regards,
RayH 

> This would normally lead to a flat "yes it is compatible" but, during the discussion, it appeared that the proposed 8-bit prefix can advantageously be replaced by a longer prefix closer to an already reserved prefix, and this without any problem for 4rd. 
> A suggestion by 6man to change the proposed prefix value can therefore be constructive complement to the flat answer.
> I hope the WG will make this step forward.
>
> Regards,
> RD
>
>
>> cheers,
>> Ole
>>
>>
>>> The answer returned to Softwire can then be a request to change the 4rd draft accordingly.
>>>
>>> +-----------------------------------------+-------------------------+
>>> |        Interface Identifier Range       |       Description       |
>>> +-----------------------------------------+-------------------------+
>>> |           0000:0000:0000:0000           |  Subnet-Router Anycast  |
>>> |                                         |        [RFC4291]        |
>>> |                                         |                         |
>>> | FDFE:0000:0000:0000-FDFE:FFFF:FFFF:FFFF |   Reserved 4rd Unicast  |
>>> |                                         |    Addresses [RFCxxxx]  |
>>> |                                         |                         |
>>> | FDFF:FFFF:FFFF:FF80-FDFF:FFFF:FFFF:FFFF | Reserved Subnet Anycast |
>>> |                                         |    Addresses[RFC2526]   |
>>> +-----------------------------------------+-------------------------+
>> cheers,
>> Ole
>

v2.23.0 | Report a Bug | By Email