IETF Logo Mail Archive

Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt

Mark Smith <markzzzsmith@gmail.com> Tue, 08 November 2022 22:17 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E65E2C1522CF for <v6ops@ietfa.amsl.com>; Tue, 8 Nov 2022 14:17:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.39
X-Spam-Level:
X-Spam-Status: No, score=0.39 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.998, HK_RANDOM_FROM=0.998, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MMqRpteX-Frj for <v6ops@ietfa.amsl.com>; Tue, 8 Nov 2022 14:17:06 -0800 (PST)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AE6CC14F739 for <v6ops@ietf.org>; Tue, 8 Nov 2022 14:17:06 -0800 (PST)
Received: by mail-ed1-x52f.google.com with SMTP id s12so15011955edd.5 for <v6ops@ietf.org>; Tue, 08 Nov 2022 14:17:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=cyC+jz5D4FyTkBzjxWNRw2SGcvmE4zABlZTBeuRku4k=; b=YcBi3Dt8qraHtC/3GPSp/S4+2sP3zTWqd14tXMYd32vQIqjq5i1RDLNB6+kNc9Mypw J7IB9Bb9VaQZz6vbNsVqiR0y5uWEJQi7eBdO41JV23sX4O1bmAGfDtZvJ4RrC/UZvugO w1yRNmtZSb37rAfRifqM5X/CK8t5Yo1tWFXZY5eo23z/5btUrq9bqNyxe9oedDCOEwZP O3oAFmaIvjjfLVTnjNscteM0ROC3WEnmDPIagdw75gdlVjvDcoPp9wn1luL5NJrPyN3r kSeiyeqsVC8qoB5aC1oaUgZyakbKH/CRWCPVCw3sUpFpAJFzSBs2oBccNT8TK4ospugi BRjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cyC+jz5D4FyTkBzjxWNRw2SGcvmE4zABlZTBeuRku4k=; b=zBGgIyhDI7wQmPU+6atpDD+SiApAh54Bq5GgbCDXPwVbCEsBvMm8BZ1mBrbQ3dTu18 mQyYSnk06V0n+vyzbKLONDkN3TFioHsWnRPJNLy9I2pD/PuToJ8+lnDxgs/7pPpZCNij uDWzyoqrfnu0It7rbkZKMj2eufj9G2XtWu3pc68Wyd3IcuMDV/6TVoYguThtAbX6nhJh b9hiWXE0rPCJDS+12/rj7eJNSyz34ZRnCS9cuz27E5howADRob2lrMgdaQEgDaxWOroc q45QxbaBR6bBW7/Wa0TdHexOWdajc5xxzl3gnzJlSXHv8zpKaBjfeTU9bpETDwKXoZ+N KZWg==
X-Gm-Message-State: ACrzQf1t6dRFAI+UnXh1yzv0UlDsZ/vm5qGdPHDNZcJfqkFOAsWTGQjw FiJYl9YVpfVmRT6OcR/RcIOlb6FrTqjpDNrrqjlPRH2g
X-Google-Smtp-Source: AMsMyM708/f8S8E6FREmDM8trk1G2n57e9LTAZLdXUVNU8cq6T78YWzLOEMutfu+8lA2BRZB8jYXoAizYNlYQIoUVLQ=
X-Received: by 2002:a05:6402:5024:b0:440:e4ad:f7b6 with SMTP id p36-20020a056402502400b00440e4adf7b6mr30061885eda.358.1667945824747; Tue, 08 Nov 2022 14:17:04 -0800 (PST)
MIME-Version: 1.0
References: <166787013771.45604.8636622079744458317@ietfa.amsl.com> <CAFU7BAQV5eeO3EKWXyTYDnsnAUhLCi-j-b7tkAJ5K79+-qSN9g@mail.gmail.com> <90963634-b469-a959-321c-8431e21dae85@foobar.org> <CAO42Z2yoveziP3wz0oDCQjPrs=zkLLfaJ2z0tePocPQjZFZSAQ@mail.gmail.com> <a4887c00-fec1-39f7-1362-2ac08e545072@foobar.org>
In-Reply-To: <a4887c00-fec1-39f7-1362-2ac08e545072@foobar.org>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 09 Nov 2022 09:16:54 +1100
Message-ID: <CAO42Z2z8kLCoU+=G1mOHrKnaXufCat5WZ-F7KqbUdJUhZ2iY-A@mail.gmail.com>
To: Nick Hilliard <nick@foobar.org>
Cc: Jen Linkova <furry13@gmail.com>, V6 Ops List <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000063822205ecfce666"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/5vPvF3sxFi77AtTgP93T36e9BEU>
Subject: Re: [v6ops] Fwd: New Version Notification for draft-linkova-v6ops-ipmaclimi-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2022 22:17:07 -0000

On Tue, 8 Nov 2022, 23:39 Nick Hilliard, <nick@foobar.org> wrote:

> Mark Smith wrote on 08/11/2022 12:19:
> > So just using DHCPv6 doesn't inherently ensure this problem won't occur.
>
> In an SLAAC environment, the operator becomes hostage to the policies of
> network clients.  At least in DHCPv6, there is a mechanism for the
> operator to manage this.
>

True.

I'm just making the point that it can't be said that using DHCPv6 rather
than SLAAC naturally prevents this problem, which seemed to be your
assertion.

These problems fundamentally exist because hosts are in a position to
create state in network elements without getting authorisation and
therefore exhaust that state capacity

This is not a new problem, IPv4 ARP caches have always been vulnerable to
state capacity exhaustion.

There should be upper limits on how many resources an individual host can
consume, however those limits need to reasonably allow hosts to do what
they want to do, since the network exists to serve hosts.

I don't have much exposure to hosts that are using many IPv6 addresses at
once, so don't have any rough idea of what is typical to then recommend as
a default minimum where there could be a resource default limit such as
these wifi ND proxies.

However, as RFC1681 seems to be the origin of IPv6 multi-addressing, and it
suggested hosts should be allowed to have somewhere between 64 and 256
concurrent IPv6 addresses.

Regards,
Mark.



> Nick
>

v2.23.0 | Report a Bug | By Email