IETF Logo Mail Archive

Re: [spring] IPv6 Addresses and SIDs

Robert Raszuk <robert@raszuk.net> Sun, 13 October 2019 22:07 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20B6512008D for <spring@ietfa.amsl.com>; Sun, 13 Oct 2019 15:07:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rGmTOno_GYYB for <spring@ietfa.amsl.com>; Sun, 13 Oct 2019 15:07:05 -0700 (PDT)
Received: from mail-qt1-x82c.google.com (mail-qt1-x82c.google.com [IPv6:2607:f8b0:4864:20::82c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE40312006A for <spring@ietf.org>; Sun, 13 Oct 2019 15:07:04 -0700 (PDT)
Received: by mail-qt1-x82c.google.com with SMTP id w14so22710390qto.9 for <spring@ietf.org>; Sun, 13 Oct 2019 15:07:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dJEfbyLfviLtGNjTRCxsnLf+0HIlynXL8qbXNd5bO6A=; b=C2eb2kPtjlF7Dz7NayAE+Psj1OA1fqyuCsXC0LgQPcOHfVnOP4jVJVo6SGFmmBNygL K8dtoDs0Odj5JofI1BIE++4P5YVN1+JA45cFXwWs5gQo2b/yaiLGrYVKNZU3D0bLH2Eg TH2LyH4HX9WRpIlwWGIfvd/wkmhuTofiamzyeaXRnZywSyGlt+pdu/kQ4YrunvLPNV+l Vxp/a9jIrPlSxMQSd5NwCXg+QCHFMHeregsQlIaA7PsygMlGldyX2o6V5VOtAJ+uTgzO wqQrnch8/iBIPJA/H+DMJ9r4rK+Tdi54kDRjIb6VzFyCzR+GSrQm3k3fyUSgEEOtfe50 PTnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dJEfbyLfviLtGNjTRCxsnLf+0HIlynXL8qbXNd5bO6A=; b=XYXtK2M8J7wuA8fzucsO2uEbaUwFepkv1f9KVft9vs0YAogDeTomJ6N0NXQyAn0e+L 8myGHNPg7T3PxxSrnO7AWYHH/0xkWNZRib6CYFZ+A0hF9Qc4WsceVsQJnLMLsAQLoiR+ XpP4f9QEBmQ++qlsRw0NDasKDD7M1S8G1DgBTU/OFbxavnhrerKc3tNBEzxvdVQtj5zf 1gmUmZY5GcX3/cn9ZM9zJ9xTYmhCa0sZlGbEyZJP/bpoiHT0ROvS70uITJt/BGggSC8q ykgbPvZeujoezxsmI0LOr0WwIlY1Dz0JFfTH8fyK/pas1oQcGKncsbDP7eetGwMas8zK K9jQ==
X-Gm-Message-State: APjAAAWS6fYUP0cxJqw3lqJTryLgJqI8GB5QepoUwHNV9h3S4l418D6H gdq0lnUta5St3ePE47PdoZN7u4y54J90ukniJ8aRXQ==
X-Google-Smtp-Source: APXvYqx/MoDKVHpMyTtt8izaLoRPl+EwRXmQeQMrjC2rjb3AbtvYIVWBuMb+0I6ycpumlZ9mygm53wviB/HFijdvzSo=
X-Received: by 2002:ad4:50a8:: with SMTP id d8mr28597114qvq.8.1571004423772; Sun, 13 Oct 2019 15:07:03 -0700 (PDT)
MIME-Version: 1.0
References: <SN6PR05MB5710CBAF8E6DF307401A2166AE9D0@SN6PR05MB5710.namprd05.prod.outlook.com> <f5eb739b-9ae4-433e-e6c0-8bcdb7bc575e@si6networks.com> <BYAPR05MB5703169601886283700608A5AE9F0@BYAPR05MB5703.namprd05.prod.outlook.com> <B6FE2A8B-B23B-4E9C-BB33-F6A5BD78C52B@gmail.com> <BN7PR05MB5699E5EA714CC64456771712AE940@BN7PR05MB5699.namprd05.prod.outlook.com> <1076F074-EB35-4D38-9949-4A241C946E07@gmail.com> <1fce4e24590847348894d10ca8bd5816@nokia-sbell.com> <D3FE1CA3-A8D1-4392-8EEC-CDCC7FC0827F@gmail.com> <BN7PR05MB56993D1127A8CA9CCC0E4A9AAE970@BN7PR05MB5699.namprd05.prod.outlook.com> <213BB95D-0E06-4E9A-B552-2A2466DC42AF@gmail.com> <04711680-e9c4-1159-58af-609517ee8bdf@joelhalpern.com> <CABNhwV3SyZNY6GrJF+wpgTmpM6DSts4gXQgdFTEgWfN876u5WQ@mail.gmail.com> <CABNhwV1Ym_AG7svmPUpmjGz600QyGRvtY5xNP0_K-hoGewUGTA@mail.gmail.com> <424b13a9a9bf4802b57c0609c92baad2@nokia-sbell.com> <BN7PR05MB569958ADB8E7BFF6C7EBC56AAE910@BN7PR05MB5699.namprd05.prod.outlook.com> <CAOj+MMHcTyCyO5Z3KyP5otW1Xgq7un2ypEGtjjWpr00j2t9dGw@mail.gmail.com> <CAO42Z2xP2eOmWPmxU7Vjq_zP8or_yVgMGaUpNr+Z-xa9W78j0A@mail.gmail.com>
In-Reply-To: <CAO42Z2xP2eOmWPmxU7Vjq_zP8or_yVgMGaUpNr+Z-xa9W78j0A@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 14 Oct 2019 00:06:54 +0200
Message-ID: <CAOj+MMFQh1EgSLdxafmdEjRp+JZ40G0LDNAaSOJhiQ6Nik4avA@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
Cc: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, SPRING WG <spring@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009eb6f00594d1f84e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/Qr5NWDgNFI7eCbRKDvK4BH527wY>
Subject: Re: [spring] IPv6 Addresses and SIDs
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Oct 2019 22:07:20 -0000

Hi Mark,

I am in complete agreement with you that NAT is evil and should be avoided
**.

However let me explain my use case of NAT. It is described in section 7
of draft-raszuk-teas-ip-te-np-00 only uses destination address mapping
without requirement that the destination is a local interface on a mid
point TE node:

   As an alternative solution to avoid unnecessary processing of
   extension header by nodes which are not required to do so
   implementation can treat SID with last four bits set to zero as none
   local destination address.  In such scenario source+destination
   lookup will instead of triggering local extension header processing
   invoke destination IPv6 NAT function as defined in [RFC6296
<https://tools.ietf.org/html/rfc6296>].  The
   NAT rules which will be pre-programmed using information contained in

   the PATH_LIST will effectively result in destination address swap.
   Such NAT translation is to be of unidirectional character can can
   remain fully stateless.


The way I read Ron's suggestion - it would result in huge address space
waist for no reason. That's all.

Many thx,
Robert.

PS.
** As side comment let me share that some of my observations lead me to
believe that the biggest obstacle of IPv6 deployment in a lot of
enterprises is the notion of end to end IPv6 transparency. But this is
different topic and different thread.


On Sun, Oct 13, 2019 at 11:46 PM Mark Smith <markzzzsmith@gmail.com> wrote:

>
>
> On Mon, 14 Oct 2019, 08:24 Robert Raszuk, <robert@raszuk.net> wrote:
>
>> Hi Ron,
>>
>> I disagree.
>>
>> Your suggestion violates longest prefix match principle in routing.
>>
>> It is huge waist of address space and is not specific to IPv6 at all.
>>
>> Let me describe the deployment case where your suggestion would cause it
>> to break:
>>
>> I have /64 prefix where a few  /128s from that space I allocate to local
>> interfaces making it a local v6 destinations on those nodes.
>>
>> However in the spirit of CIDR I still want to to use some blocks of that
>> space - say  /126 or /124 as blocks which I only use to trigger local NAT
>> as per rfc6296.
>>
>
> Realise that RFC6296 is Experimental, and therefore nothing standard track
> can rely on it.
>
> Don't use NAT. IPv6 is pointless if you do.
>
> RFC2993 - Architectural Implications of NAT
> *https://tools.ietf.org/html/rfc2993 <https://tools.ietf.org/html/rfc2993>*
>
>
> The Touble with NAT - APNIC blog articles
>
> https://blog.apnic.net/2016/10/25/trouble-nat-part-1/
>
> https://blog.apnic.net/2016/10/26/trouble-nat-part-2/
>
> https://blog.apnic.net/2016/10/27/trouble-nat-part-3/
>
>
> And NAT does not require local address to be a destination address so it
>> would be a big disservice to kill such deployment option.
>>
>> Many thx,
>> R.
>>
>>
>> On Sun, Oct 13, 2019 at 10:59 PM Ron Bonica <rbonica=
>> 40juniper.net@dmarc.ietf.org> wrote:
>>
>>> Folks,
>>>
>>>
>>>
>>> I think that we need a global rule that says:
>>>
>>>
>>>
>>> “With a /64, if one /128 represents an IPv6 interface, as described in
>>> RFC 4291, all /128 MUST either:
>>>
>>>
>>>
>>>    - Represent an IPv6 interface, as described in RFC 4291, or
>>>    - Be unassigned”
>>>
>>>
>>>
>>> The 6man WG will need to make such a statement since it owns RFC 4291.
>>>
>>>
>>>
>>>                                                              Ron
>>>
>> _______________________________________________
>> spring mailing list
>> spring@ietf.org
>> https://www.ietf.org/mailman/listinfo/spring
>>
>

v2.23.0 | Report a Bug | By Email