IETF Logo Mail Archive

Re: <draft-ietf-6man-default-iids> update to rfc2464bis

Tim Chown <Tim.Chown@jisc.ac.uk> Thu, 12 January 2017 13:38 UTC

Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCA61127077 for <ipv6@ietfa.amsl.com>; Thu, 12 Jan 2017 05:38:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.59
X-Spam-Level:
X-Spam-Status: No, score=-3.59 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=jisc365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NyQQdnhmSgU8 for <ipv6@ietfa.amsl.com>; Thu, 12 Jan 2017 05:38:44 -0800 (PST)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [207.82.80.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6513F129636 for <ipv6@ietf.org>; Thu, 12 Jan 2017 05:38:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=T/XEePnFAe8CUHq/BFomRMlEiR/X3wqFmYyT+ekjh9M=; b=Bv1VRlOiXjZnKpvNkXwzadf1X6JDhFRNksCLtVI6f1Uke7jQwwE/PoLERP4gPTOZMjDEgulhx3P+yEKoNFYZ2NGMFmUD10H7+PeuSiIGttbHzqjgEytV1C/ygTRpC4+njlvDN1dTzKL++D00u2ENIESfB3+x7BGs3/x+6cC1n4c=
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp0208.outbound.protection.outlook.com [213.199.154.208]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-66-wben-1kqMFaau1I73YpD6w-1; Thu, 12 Jan 2017 13:38:33 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) by AM3PR07MB1138.eurprd07.prod.outlook.com (10.163.188.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.845.6; Thu, 12 Jan 2017 13:38:31 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::5973:c4fc:6c1c:27c2]) by AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::5973:c4fc:6c1c:27c2%14]) with mapi id 15.01.0845.014; Thu, 12 Jan 2017 13:38:31 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Lorenzo Colitti <lorenzo@google.com>
Subject: Re: <draft-ietf-6man-default-iids> update to rfc2464bis
Thread-Topic: <draft-ietf-6man-default-iids> update to rfc2464bis
Thread-Index: AQHSari/YDPll7o19EGKcdCJAtd5oKE0Uf6AgAAhY4CAABG5gIAAV8eA
Date: Thu, 12 Jan 2017 13:38:31 +0000
Message-ID: <0D24BC9F-26DD-4ABF-965A-84C5708B900D@jisc.ac.uk>
References: <1E7F90AC-79BB-49BE-B397-EC829EA95AA4@gmail.com> <CAKD1Yr0O6gnXZc3qEY7bqkBYu-sx1_erwum2DRwpe+Vv+jmdiw@mail.gmail.com> <7456833d-aa3f-d368-6041-cfdc1ac95f6f@si6networks.com> <CAKD1Yr1dQF7Cg0mppZVcSXC15pue_y1Qb-GugKY+G8u-dRyJtg@mail.gmail.com>
In-Reply-To: <CAKD1Yr1dQF7Cg0mppZVcSXC15pue_y1Qb-GugKY+G8u-dRyJtg@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3259)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [194.82.140.195]
x-ms-office365-filtering-correlation-id: 09d30f81-bb1e-4262-d79e-08d43af04cad
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:AM3PR07MB1138;
x-microsoft-exchange-diagnostics: 1; AM3PR07MB1138; 7:VcK1ltJy51XKD4wkdGlCjVAtNVZP7zdrzyb6YgnqGvaN/ShdTPYWSoFAFkFl+5Aj10TNmZiIpZbCPR56uUczgO0QHmyWwBHJNf7lUD8FoJyxI2FG34VhijS7FWPlP69fixSS17lNXjTfj+PpLT08yJm6WRRRx48V2vupgrSg5vePF6lkWjmAaNpohlSInIim1yIPlsOBAY094mtMF01rB8kQOdERYRNsl3W0+VHjzKvv/JwFu610pXuE2rNtlAXbGABpGPFvmCAsMpAgmCVjamRqX+W0lMC4sPOOHIZ5yRqSkGzKXcGNBwyl6CIvY5O+abdsiThwBmKPk3Z9YuQ3fa8CH+XW9oclkkLYbiYI6eEBc0EMDVTxP6FnVLDeXC0jZXnlHmghvzM4O8JnKzWPILMgblt5s6sCNs30F6jqcKzn2ZLbniqyuBotABV0c1Z92LXB6TEbuTtqoU717r3C3Q==; 20:lAyXD64HuNbKyPxGwWMMe2fOhZhOwLStNW1uoI5jqzJbIYEVZbAdCIIoj8BtbpgN9STPp5Wzm4yvN7n0LwTpQE+l3j60Dgt3YwizIApi/YgmfsUzXAZqhpxadrsMYtzg81kZDdbTprOl9vqbDGO7ywfPQ+VctYKUoMStCfoBK/s=
x-microsoft-antispam-prvs: <AM3PR07MB11380E5F3097A8442149D259D6790@AM3PR07MB1138.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(211936372134217);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6041248)(20161123560025)(20161123562025)(20161123555025)(20161123564025)(6072148); SRVR:AM3PR07MB1138; BCL:0; PCL:0; RULEID:; SRVR:AM3PR07MB1138;
x-forefront-prvs: 018577E36E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(7916002)(39450400003)(199003)(377454003)(24454002)(189002)(8676002)(97736004)(81166006)(3280700002)(8936002)(50226002)(3660700001)(15650500001)(33656002)(101416001)(6512007)(54896002)(5250100002)(81156014)(76176999)(2900100001)(50986999)(106356001)(105586002)(106116001)(36756003)(86362001)(102836003)(6116002)(92566002)(93886004)(230783001)(68736007)(74482002)(3846002)(4326007)(38730400001)(229853002)(54906002)(2906002)(57306001)(39060400001)(7736002)(82746002)(66066001)(42882006)(6486002)(6506006)(83716003)(189998001)(5660300001)(6916009)(236005)(99286003)(2950100002)(6436002)(110136003)(104396002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB1138; H:AM3PR07MB1140.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Jan 2017 13:38:31.7814 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB1138
X-MC-Unique: wben-1kqMFaau1I73YpD6w-1
Content-Type: multipart/alternative; boundary="_000_0D24BC9F26DD4ABF965A84C5708B900Djiscacuk_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/zDoDQj2uQFWH-mRjokjyyslu0ls>
Cc: Fernando Gont <fgont@si6networks.com>, IPv6 List <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jan 2017 13:38:48 -0000

Hi,

On 12 Jan 2017, at 08:24, Lorenzo Colitti <lorenzo@google.com<mailto:lorenzo@google.com>> wrote:

On Thu, Jan 12, 2017 at 4:20 PM, Fernando Gont <fgont@si6networks.com<mailto:fgont@si6networks.com>> wrote:
> We do
> recommended that nodes use RFC7217 addresses by default, but only if the
> node wishes to create stable addresses, and there is no requirement that
> a node do so.

So far, the current specs essentially require that. RFC4941 (the only
spec we have for non-temporary addresses) require that the be generated
along with the traditional (stable) addresses.

I don't see what RFC 4941 has to do with this discussion. RFC4941 is a method of generating temporary addresses. It is not required to be used, and it is not the only way of forming IP addresses that can change over time.

Indeed, it’s orthogonal to this discussion.

FWIW, I do think there are scenarios in which you might want to do
temporary-only, but we certainly need an update to the current specs in
that regard (and guidance regarding where to use each).

There are lots of ways of forming interface identifiers. We should absolutely not rule out the ability to form IIDs from non-stable MAC addresses (IIRC the text in default-iids was carefully modified to ensure that that would still be possible, based on substantial discussions in the WG), and we should *absolutely* not say that the only possible form of interface identifiers on an Ethernet interface are RFC7217 and RFC4941.

Indeed, I was at CERN yesterday and my address (and thus IID) there was assigned via DHCPv6, which is the only way you can get IPv6 addresses there.  RFC2464 pre-dates DHCPv6; should reference to it be included in the -bis?

That aside, in the context of temp-only addresses, doing Modified-EUI64
based on a randomized MAC address is still a bad idea:

I am not going to rehash that argument here. Everything we had to say about that is in the archives.

I support Lorenzo’s suggestion to change the text in the -bis update to emphasise the recommendation is for *stable* identifiers.

This reflects what the default-iids draft clearly states:

"This document changes the recommended default IID generation scheme
   for cases where SLAAC is used to generate a stable IPv6 address.  It
   recommends using the mechanism specified in RFC7217 in such cases,
   and recommends against embedding stable link-layer addresses in IPv6
   Interface Identifiers.”

And it’s only a recommendation. The text does not preclude use of embedded stable MAC addresses if someone really wants to do that.  Nor does it say anything about the relationship to temporary (non-stable) addresses.

Tim

v2.23.0 | Report a Bug | By Email