Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

Fernando Gont <fgont@si6networks.com> Sun, 14 February 2021 06:14 UTC

To: Brian E Carpenter <brian.e.carpenter@gmail.com>, David Farmer <farmer@umn.edu>, Fred Baker <fredbaker.ietf@gmail.com>
Cc: IPv6 Operations <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
From: Fernando Gont <fgont@si6networks.com>
Date: Sun, 14 Feb 2021 03:00:53 -0300
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/-J9qFG7S4ozpPc8pBuIYLb15FSs>

On 13/2/21 19:25, Brian E Carpenter wrote:
> On 14-Feb-21 10:33, Fernando Gont wrote:
>> On 13/2/21 18:17, Brian E Carpenter wrote:
>>> On 13-Feb-21 22:19, Fernando Gont wrote:
>>> ...
>>>> Well, whether we call it out or not, as per RFC4007:
>>>>
>>>>                  scope(LL) < scope(ULA) < scope(GUA)
>>>
>>> And there's the fallacy. This inequality only makes sense if reachability is strictly a matter of concentric circles. It isn't. Nice math, but not reality.
>>>
>>> Slide 4 of https://www.cs.auckland.ac.nz/~brian/scope6.pdf
>>
>> I don't follow. In all of your slides Area(link-local) < Area(ULA) <
>> Area(global)....
> 
> I probably need to add the case that isn't shown, i.e. "GUA" prefixes *not* being routed Internet-wide, at which point the scope difference between a ULA prefix and a "GUA" prefix

I think the scope is defined by the area where the address is meaningful
(unambiguous). Then, there are lots of reasons for which packets might
not get routed here or there -- whether a security policy, or anything
else.

The point of GUAs having global scope is that the address itself does
not limit where the addresses can be employed (they are universally
unambiguous, so to speak). Whereas ULAs only have local significance
(with "local" being whatever your deployments make it to mean).



> sort of vanishes. Area(global) isn't really a thing, just as the BGP4 default-free zone isn't really a thing. And when Area(ULA1) overlaps with Area(ULA2)
> you suddenly have another scope that is Area(ULA1+ULA2).

IMO, if the areas overlap, the scope of ULA1 and ULA2 are still the
same. One scope is Area(ULA1): all the area where ULA1 addresses are
unique and can be actively employed. The other one is Area(ULA2).

The intersection of the two areas is part of the scope of each of the
two ULAs (because in that region both ULA1 and ULA2 are unambiguous).

This is not that different from the overlap of e.g. link-locals and GUAs 
on a local link....



> So guess what I'm trying to say is the inequality isn't the least bit useful.

Well, a scope that is not link-local or global (but something in
between) doesn't say much other than allowing for some rough
expectations. e.g., you cannot expect to browse the web with ULAs, the
services you run on ULAs won't be reachable by the vast majority of nodes
connected to the Internet, etc.


-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492