Re: 64bit MAC addresses and SLAAC

Gyan Mishra <hayabusagsm@gmail.com> Wed, 17 June 2020 19:31 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/xuVEgfiifzeCNzcV1BmGYnUC2UE>

On Wed, Jun 17, 2020 at 3:08 PM Fernando Gont <fgont@si6networks.com> wrote:

> On 17/6/20 13:42, Philip Homburg wrote:
> >> The case of "same IID with distinct prefixes" is the same as using
> >> the same IID as the host moves from one network to another. And
> >> that's quite bad for privacy. Please see RFC7721.
> >
> > I think they are quite different. If a host moves between different
> > networks and keeps the same IID, then the movements of the host can be
> > tracked.
> >
> > If a host is connected to a subnet that has multiple prefixes, then using
> > the same IID for all prefixes only has marginally less privacy than
> > using different IIDs.
>
> Well, it does allow correlation of network activities across addresses.
> In a way, that's kind of the same as when a host moves across networks.
>
>
>
> > That said, in my opinion people who want any kind of control over what
> > addresses are used, should use DHCPv6 (Or manual/static configuration)
>
> +1
>

Of course, the caveat there is with unmanaged networks, SOHO and mobile,
where manual or DHCPv6 is not possible or viable.  In those cases SLAAC is
preferred, but then we have the crux of the issue and the decision tree on
privacy random IID and its overhead, if it's not necessary, versus modified
EUI64.  Based on the decision tree, of course, the underlying operational
impacts of random versus stable IID are a double-edged sword, and it is the
operator's or individual's decision to pick which works best for their use
case.  In the end, net-net, what is simplest to deploy with the least
overhead but also meets the desired goal is generally the thought for
picking the IID generation solution. For that, SLAAC wins out in that
decision for the use case described above.

>
>
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
-- 

*Gyan Mishra*

*Network Solutions Architect*



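An added example, not part of the original message or thread: the correlation point discussed above, comparing a modified EUI-64 IID with a per-prefix stable IID on a link that has two prefixes. The per-prefix function is a simplified sketch in the style of RFC 7217 (SHA-256 as the hash, no Network_ID); the MAC, prefixes, interface name and secret are constructed sample values.

```python
import hashlib
import ipaddress

def modified_eui64_iid(mac: str) -> bytes:
    """RFC 4291 Appendix A: split the 48-bit MAC, insert ff:fe, flip the U/L bit."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]

def stable_per_prefix_iid(prefix: str, iface: str, secret: bytes, dad_counter: int = 0) -> bytes:
    """Simplified RFC 7217-style IID: hash prefix, interface, DAD counter and a local secret."""
    net = ipaddress.IPv6Network(prefix)
    h = hashlib.sha256()
    for field in (net.network_address.packed, iface.encode(), bytes([dad_counter]), secret):
        h.update(len(field).to_bytes(2, "big") + field)  # length-prefix each field
    return h.digest()[-8:]  # keep 64 bits for the IID

def make_address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit IID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with a 64-bit IID needs a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))

def iids_shared_across_prefixes(addresses):
    """Return IIDs (hex) seen under more than one /64: the handle an observer can correlate on."""
    seen = {}
    for addr in addresses:
        packed = ipaddress.IPv6Address(addr).packed
        seen.setdefault(packed[8:].hex(), set()).add(packed[:8])
    return sorted(iid for iid, prefixes in seen.items() if len(prefixes) > 1)

# Constructed sample data: documentation prefixes, made-up MAC and secret.
MAC = "00:11:22:33:44:55"
PREFIXES = ["2001:db8:1::/64", "2001:db8:2::/64"]
SECRET = b"constructed-demo-secret"

def demo():
    """Build one address per prefix with each IID scheme."""
    eui = [make_address(p, modified_eui64_iid(MAC)) for p in PREFIXES]
    stable = [make_address(p, stable_per_prefix_iid(p, "eth0", SECRET)) for p in PREFIXES]
    return eui, stable

if __name__ == "__main__":
    eui, stable = demo()
    print("modified EUI-64:  ", *eui, "shared:", iids_shared_across_prefixes(eui))
    print("per-prefix stable:", *stable, "shared:", iids_shared_across_prefixes(stable))
```

The per-prefix IID stays the same each time the host rejoins the same prefix, so it keeps the operational stability of modified EUI-64 without giving the two addresses a common low 64 bits.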