Re: [MBONED] IPv4 Multicast address ranges

Leonard Giuliano <lenny@juniper.net> Thu, 04 January 2024 20:26 UTC

Return-Path: <lenny@juniper.net>
X-Original-To: mboned@ietfa.amsl.com
Delivered-To: mboned@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B946DC14F714; Thu, 4 Jan 2024 12:26:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.806
X-Spam-Level:
X-Spam-Status: No, score=-2.806 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b="YITAG0IW"; dkim=pass (1024-bit key) header.d=juniper.net header.b="FDspozwQ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S7begOiaEHcP; Thu, 4 Jan 2024 12:26:10 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEC5EC14CE55; Thu, 4 Jan 2024 12:26:07 -0800 (PST)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 404HVBrN024033; Thu, 4 Jan 2024 12:26:07 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h= date:from:to:cc:subject:in-reply-to:message-id:references :mime-version:content-type; s=PPS1017; bh=H4bI/jlZpG4ClQYvQ4icPy cNm+nTFzjqCnvmiCd8vHQ=; b=YITAG0IW/4zOaBFyw8oc/Tjg5D1w5Wc8oHusUJ ptCOCePzc6MruzLNJTGpXlnD0JlN0CVATPOXs950HbEBuOUpqqywIDaUtc+X99IT VvzEgruxCDPHDRoOpU2steYtavBJV13Ad7RIGQm6ezovnCwap9aI8JaJhhP7nadg bZHjzgXOu4ckNxlWDFxB/7/V7WENOpbDKW7mVlfzcJLDwSZwgkZ3MxrBjICLSGW0 I3H+UzXO1jDbnaGcLcWgC3yF1p8qNM3k20s1RCRni9gyWfz7NAInaLv6BZ0oXr9t FA9qtr/tBFCQ/aNTCYiqRFAK3vehkCiMG+SjHpzMo4s1b9QA==
Received: from dm4pr02cu002.outbound.protection.outlook.com (mail-centralusazlp17013021.outbound.protection.outlook.com [40.93.13.21]) by mx0a-00273201.pphosted.com (PPS) with ESMTPS id 3ve14v0cju-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Jan 2024 12:26:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PXUfGobvSmKkVsn64Jz/O0F2jtlOFZhtg0A1rlXCKIiuj0ly/KzNqFSI+QJzcdLBhHuH4avVEN2RNYUiTavtzjKuyp99QOOKfb5INGOsJmNEPrKvGtECnje+RhPBPYGgbS6zkoDp6z8nVh4u2hpPlMHCGNzOCmmtvAsV2UQIwLqZHUMi+WjKXS/j79Wn8JzK2LlZNWwILx9amNYmlP7myk6E7p2VHmWzUF4kt8/HU1kF5dh9E97bH35vhym+vYS5RFr5DxsbpiJCL3SlKFdxa3d0zbEmnfQb8aj2bfnQw9WSXTXoGHVLtH8l1wtFtK8ajFca5Q8B1SfZq+bD92lYdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H4bI/jlZpG4ClQYvQ4icPycNm+nTFzjqCnvmiCd8vHQ=; b=FdUPrw5u88rCnPDvOKBjLJjawbxk/z+R+TSTb7b7qrtqt/hem8moVM4ndiXntHg8jyHYisMxQSIJsuEj1NOplqVMOGexG8FlRZmYpCGD9EMPzq9YJJ6Rcah+wuM6wsYzZhCQPfy+FC0qpcvpOTh/EbDb7jQX1WmC/dJbE8JWZmiwf8zeWL3lFM9gKay5X6Hj4M75ASBc75/Se+i1DeqPITJJxZxg6JdjWUhZYySyT1DadQFJz2U76fqCmHu22HZFlQPSvcsnFRj6z0vtYqos1n/A0HKZa2wVEg/wdfeF9XDrKJBgnEIIGVByPl4dNipoNp2XKOw7MHVNwVlN+appuw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip is 66.129.242.15) smtp.rcpttodomain=ietf.org smtp.mailfrom=juniper.net; dmarc=fail (p=reject sp=reject pct=100) action=oreject header.from=juniper.net; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=H4bI/jlZpG4ClQYvQ4icPycNm+nTFzjqCnvmiCd8vHQ=; b=FDspozwQIyZFPVS8HLgKu5AwObgbvJuo+fClOfpAGT6B18mqPZPus48euXSSXUF90t7L05k65qWvam2zpYwjTJ5EBhDbOW1Ywr79g5Og0bonzxf5yEMIDH9pDzrlIm5s5VIg83Mro0RRMgjYBfgN0pZSYA/a6HINA7NoTXAReQg=
Received: from BN9PR03CA0372.namprd03.prod.outlook.com (2603:10b6:408:f7::17) by CH0PR05MB10184.namprd05.prod.outlook.com (2603:10b6:610:184::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7159.13; Thu, 4 Jan 2024 20:26:05 +0000
Received: from BN8NAM12FT106.eop-nam12.prod.protection.outlook.com (2603:10b6:408:f7:cafe::a1) by BN9PR03CA0372.outlook.office365.com (2603:10b6:408:f7::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7159.14 via Frontend Transport; Thu, 4 Jan 2024 20:26:04 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 66.129.242.15) smtp.mailfrom=juniper.net; dkim=none (message not signed) header.d=none;dmarc=fail action=oreject header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.242.15 as permitted sender)
Received: from p-exchfe-eqx-02.jnpr.net (66.129.242.15) by BN8NAM12FT106.mail.protection.outlook.com (10.13.183.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7135.29 via Frontend Transport; Thu, 4 Jan 2024 20:26:04 +0000
Received: from p-exchbe-eqx-02.jnpr.net (10.104.9.15) by p-exchfe-eqx-02.jnpr.net (10.104.9.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.39; Thu, 4 Jan 2024 14:26:02 -0600
Received: from p-mailhub01.juniper.net (10.104.20.6) by p-exchbe-eqx-02.jnpr.net (10.104.9.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.39 via Frontend Transport; Thu, 4 Jan 2024 14:26:02 -0600
Received: from eng-mail03.juniper.net (eng-mail03.juniper.net [10.108.22.11]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id 404KQ1nQ025344; Thu, 4 Jan 2024 12:26:01 -0800 (envelope-from lenny@juniper.net)
Received: from eng-mail03.juniper.net (localhost [127.0.0.1]) by eng-mail03.juniper.net (8.16.1/8.14.9) with ESMTPS id 404KOtIZ065460 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Thu, 4 Jan 2024 12:24:55 -0800 (PST) (envelope-from lenny@juniper.net)
Received: from localhost (lenny@localhost) by eng-mail03.juniper.net (8.16.1/8.16.1/Submit) with ESMTP id 404KOnWN065457; Thu, 4 Jan 2024 12:24:50 -0800 (PST) (envelope-from lenny@juniper.net)
X-Authentication-Warning: eng-mail03.juniper.net: lenny owned process doing -bs
Date: Thu, 04 Jan 2024 12:24:49 -0800
From: Leonard Giuliano <lenny@juniper.net>
To: "Stevens, Jim A Collins" <James.A.Stevens=40collins.com@dmarc.ietf.org>
CC: "mboned@ietf.org" <mboned@ietf.org>
In-Reply-To: <PH1P110MB1148BB99A3E2CC9142CD1D87B060A@PH1P110MB1148.NAMP110.PROD.OUTLOOK.COM>
Message-ID: <d5268221-5c23-3dc4-18be-d925e1f89a1c@juniper.net>
References: <mailman.53.1704225603.24110.mboned@ietf.org> <PH1P110MB1148BB99A3E2CC9142CD1D87B060A@PH1P110MB1148.NAMP110.PROD.OUTLOOK.COM>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN8NAM12FT106:EE_|CH0PR05MB10184:EE_
X-MS-Office365-Filtering-Correlation-Id: 8a6fe051-4c8c-40e6-9e12-08dc0d636049
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Cr8mWygGOk0x/1kz3wXwFKPxhYUD6V0DUt8ZHqKr71giT2NIkRQEvk9hgDRyqbeHwksWwJ70IzkdL80Ggg2fVCTYHVr841/HwtpZpxfBcN/2sQN4YMYhASV/LkGGe/mRRlw1itBWbFX4SBFZsgGauv05KhPyj/FhkHjnqaa1n5L3VTvNF2xhK71mqt1agPRSvyEMUTZNjk3MCShxO2C4QaN+dTiCCwl4UGrHTZUbiBi+akpBPq4DBOunTYPTOgy4Tm0HMIrc0BtoIfEA0JtVFxP7jDZOb0WKKFlRb72JZE/Rn3z6II3/kgjt4X6XKJB8//zvoxf5UlV9g1MFng/xtYCT2O/MPkeySPwsVZvU6Il307oSmLcxy2kzmNw6J9PzAqzFqYS00NsGdsKuPOsagB8mtM0nC3B6dhbrm/WKnBv/jf1xE67WP2p9pRVVZAfqmNI7UutKnd4KUNlmwA2RCFoqA089a7KWBATWGNgPsYFG1ve9eUfwCjN+0cI9oYtIymZKU6tyyyYiK7LDJ7a9k7WiWxjyHuBuGcdWoh5d2luB7TaZXsrhnJDD4HWp3xbKuRxllHswvBjDH55MNbzAWgnxHx/3BcJqQDGniWZWkYnKQx/LjwlwWiu78hXTKfm4Ba19Ocl5rWxf2nsQP/wenp5hUkfE2osL0k05jl7V03K3swpKEQ26qd9fsliOIdELV5+gltdhbTBV494Qk/dZAW4fO2n7+WYA5ADlmpwOSEMmDH0faHYfR9Y/OosjsF8C6aCpnNcVBb6ASqyBuRnFbSsDNrisSjGlCb0O1ZDeKUQoHHzaZnaOMn/G3UYc4aJ/
X-Forefront-Antispam-Report: CIP:66.129.242.15; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:p-exchfe-eqx-02.jnpr.net; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230031)(4636009)(136003)(376002)(396003)(346002)(39860400002)(230922051799003)(186009)(82310400011)(64100799003)(451199024)(1800799012)(46966006)(40470700004)(36840700001)(2906002)(5660300002)(8936002)(4326008)(8676002)(316002)(66574015)(70586007)(31686004)(70206006)(426003)(2616005)(36860700001)(336012)(26005)(83380400001)(40480700001)(40460700003)(47076005)(41300700001)(82740400003)(81166007)(356005)(86362001)(36756003)(31696002)(478600001)(966005)(36900700001); DIR:OUT; SFP:1102;
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jan 2024 20:26:04.6722 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 8a6fe051-4c8c-40e6-9e12-08dc0d636049
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.242.15]; Helo=[p-exchfe-eqx-02.jnpr.net]
X-MS-Exchange-CrossTenant-AuthSource: BN8NAM12FT106.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR05MB10184
X-Proofpoint-GUID: sleJVia8c60sXF-Xq2xehmQTSHnQeZgg
X-Proofpoint-ORIG-GUID: sleJVia8c60sXF-Xq2xehmQTSHnQeZgg
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-09_01,2023-12-07_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 bulkscore=0 suspectscore=0 spamscore=0 impostorscore=0 mlxlogscore=999 malwarescore=0 priorityscore=1501 mlxscore=0 lowpriorityscore=0 adultscore=0 clxscore=1015 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2311290000 definitions=main-2401040160
Archived-At: <https://mailarchive.ietf.org/arch/msg/mboned/QLgPdEppnwUfFN2vTbpeJafBv8o>
Subject: Re: [MBONED] IPv4 Multicast address ranges
X-BeenThere: mboned@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Mail List for the Mboned Working Group <mboned.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mboned>, <mailto:mboned-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mboned/>
List-Post: <mailto:mboned@ietf.org>
List-Help: <mailto:mboned-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mboned>, <mailto:mboned-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jan 2024 20:26:14 -0000

I think this is already doable today.  That is, SSM range is defined as 
232/8, and "SSM-only" behavior is supposed to be guaranteed there (ie, no 
(*,g), no shared trees, no pim registers, no MSDP SAs for these groups).  
The rest of 224/4 is not necessarily "ASM-only".  After all, SSM is really 
just a subset of ASM, so I'm not sure what "ASM-only" is- (s,g) joins 
happily work there, and beyond the receiver LAN, SSM is just (s,g) joins. 
So you can certainly do SSM outside of 232/8 today, you just get no 
guarantee that it will be pure SSM service (ie, there might appear (*,g), 
shared trees, pim registers, MSDP SAs for these groups).

That said, if you do want pure SSM service outside of 232/8, it should be 
configurable to specify other SSM-only ranges.

As for the scoping sematics, I think it could all be really simplified.  
238/8 is effectively private address space, the RFC1918 equiv, for mcast.  
This range is not allowed to be routable on the global Internet, so what 
goes on within your castle (or confed of non-Internet-connected castles) 
is your business.  But I think this type of address semantics is certainly 
outside the scope of protocol spec.


On Wed, 3 Jan 2024, Stevens, Jim A Collins wrote:

| 
| Hitoshi discussed the issue of allocating (or chopping) the IP multicast 
| range.  I agree with his recommendation that SSM should be useable in 
| more ranges, especially the GLOP and Unicast-Prefix blocks, than just 
| the SSM Block.  It is not clear to me however, whether there are any 
| blocks that should ONLY be ASM.
| 
| > -----Original Message-----
| > Date: Wed, 3 Jan 2024 01:28:30 +0900
| > From: Hitoshi Asaeda <asaeda@ieee.org>
| > To: Brian Haberman <brian@innovationslab.net>
| 
| > Dependency or relation between protocol designs and operational issues (or
| > policies) should be always minimized.
| > Protocol behavior should not be solidly relies on the address range.
| >
| > IP multicast has a long history for allocating (or chopping) its address ranges.
| > We had adopted complicated "address scopes" such as administrative/site-
| > local/organization-local scope... How we can interact with SSM range and
| > them?
| > I've just remembered GLOP. How SSM and GLOP can be interacted with?
| > One may deduce, no need to interact with them, use SSM range.
| > Then what address ranges are obsolete today? What range should be used
| > now? Is its decision persistent?
| > Such a dirty hack or patch work is not sustainable for designing protocols.
| >
| > What I'm saying here may be a bit too conceptual. So, please ignore the points
| > if people agree to relying on the SSM range. However, even so, I guess the
| > following point must be taken into account.
| > Section 2 in RFC4604 says;
| >    A host or router may be configured to apply SSM semantics to
| >    addresses other than those in the IANA-allocated range.  The GMP
| >    module on a host or router SHOULD have a configuration option to set
| >    the SSM address range(s).  If this configuration option exists, it
| >    MUST default to the IANA-allocated SSM range.  The mechanism for
| >    setting this configuration option MUST at least allow for manual
| >    configuration.  Protocol mechanisms to set this option may be defined
| >    in the future.
| > I think this paragraph implies that applications that want to invoke SSM
| > services can use any multicast address range.
| > If RFC4604 should be the normative reference, RFC4604 itself must be also
| > revised.
| 
| 
| While on the topic multicast blocks, I am confused on IPv4 scoped multicast addresses and  Relative Addresses used with Scoped Multicast Addresses as defined by RFC 5771, RFC2365, and described in https://urldefense.com/v3/__https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml*multicast-addresses-13__;Iw!!NEt6yMaO-gk!B8bkjhuJ6Z0_9tvRa4juQ--C5u0v9Q3LzOW1ZNJxeWihY-jxlZh4JnnpICwa0AYIhb16mQXsOwtVi_Bw9jruIoXj9K6RfQ$
| 
| RFC 2365 Partitions the administratively scoped IPv4 multicast spaces in sections 6 & 8 and seems to imply that that there could be 2 to 7 possible IPv4 scoped blocks (depending upon how you read sections 6 & 8) while RFC 5771 and IANA multicast address Scoped Multicast Ranges only mention 1 scoped address block for organization-local scope.
| 
| RFC 2365 section 9, RFC 10.1.1, and IANA multicast address Relative Addresses used with Scoped Multicast Addresses mentioned that the upper /24 of each scoped block is reserved for relative assignments  The discussion in RFC 2365 section 9 explicitly states that the "  The high order /24 in every scoped region is reserved for relative assignments."  This implies more than one scoped region.
| 
| So,  how many scoped blocks are there?  And what are they?  I presume that based upon RFC 5771 being newer than RFC 2365 that there is only 1 - especially since IANA only shows
|     235.0.0.0-238.255.255.255   Reserved        [RFC5771]
|     239.0.0.0-239.255.255.255   Organization-Local Scope        [RFC2365]
| 
| If an RFC (I presume an informational or best practice RFC) is being prepared to discuss and described IPv4 multicast, then I think it should address scoped blocks (how many are they are what are they) and relative offsets.
| 
| 
| Going back to Hitoshi's suggestion that SSM should be usable in more than just the SSM block space, RFC 4607 section 4.3 and IANA multicast address Source-Specific Multicast Block state that 232.0.1.0-232.255.255.255 is Reserved for local host allocation.  This seems similar to the 239.0.0.0-239.255.255.255 Organization-Local Scope except allocated only to SSM while  239.0.0.0-239.255.255.255     Organization-Local Scope can be allocated to ASM (and SSM?)
| 
| 
| Aside - by the way, RFC 5771 section 10.1.1 on relative offsets starts with the following sentence: "The relative offsets [RFC2365] are used to ensure that a service can be located independent of the extent of the enclosing scope (see [RFC3180] for details)."  The reference to RFC2365 makes sense.  However, the reference to RFC3180 on GLOP does not.   Does anyone know why the reference to RFC 3180?  Should it reference a different RFC?  Or perhaps it should be removed?   This seems like a potential Errata for RFC 3180. Feedback from group?
| 
| 
| Jim Stevens
| 
| _______________________________________________
| MBONED mailing list
| MBONED@ietf.org
| https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/mboned__;!!NEt6yMaO-gk!B8bkjhuJ6Z0_9tvRa4juQ--C5u0v9Q3LzOW1ZNJxeWihY-jxlZh4JnnpICwa0AYIhb16mQXsOwtVi_Bw9jruIoWGCMiQ7A$
|