IETF Logo Mail Archive

Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios

Erik Kline <ek@loon.co> Thu, 21 February 2019 01:17 UTC

Return-Path: <ek@google.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5AE130F0E for <v6ops@ietfa.amsl.com>; Wed, 20 Feb 2019 17:17:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.498
X-Spam-Level:
X-Spam-Status: No, score=-9.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=loon.co
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nx8CxxDgsxeZ for <v6ops@ietfa.amsl.com>; Wed, 20 Feb 2019 17:17:40 -0800 (PST)
Received: from mail-io1-xd33.google.com (mail-io1-xd33.google.com [IPv6:2607:f8b0:4864:20::d33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35CC9130E25 for <v6ops@ietf.org>; Wed, 20 Feb 2019 17:17:40 -0800 (PST)
Received: by mail-io1-xd33.google.com with SMTP id x3so107474ior.6 for <v6ops@ietf.org>; Wed, 20 Feb 2019 17:17:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=loon.co; s=google; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=+Jz4elpDt78QYPTgTHydZ44Z6BarODUJeWMt/jYfgb0=; b=CFJkShv7C8GqVP8eDaFEJ5jHnTFLeN5+PjN7Gexz45tyFFhy5AFnnYa6hcpGG+t8Jq 6l1ZfZMAs5ps5bVYpB65BvqbwFaHIpz9LVeu4k94Nql//RIYVk1MZDGkH+CD77ElqZmI rOlHTFHGnePTK+UB7U41XLQAmNdTfY3P3QnFk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=+Jz4elpDt78QYPTgTHydZ44Z6BarODUJeWMt/jYfgb0=; b=qWF43xC6aWkVZbImBsYUkrGebgMBr2KFZtHYodn/JSvGWnMZpmlqQqjkZrkg2zFIRn U1dZzDeCe2g0J3+QHJ0O9kkIvHWf/R7oWJHqT0qoMo5+Q9/sAm8sQSot/wsGFS/hWSoN mJ/3AFXNsM+0WLAYK8DLqQ7dN0gMwtUOK+Qeq0dVMuB7kRXTUVKDwigzBW9FEZyyuJiT VWXsNtwB2z1bKEpv102XUtm/kiiAwoVNPViu8f8HifzmiJoA0Z5lIKX4pRPyYAdtgCSm khKhTmHkOo6qTJdXHWwP1WvN2AVwx97mo5tOr5F7yrNflvrkuLQS6+lD4eQNtrAXzyv6 oCyw==
X-Gm-Message-State: AHQUAuZ6gQ7iQpl3stIAp8MBsAbRKUynMId3h9gccFbWK9aCPVZB6g6/ MMhmD+o6jj88XYxrYBpOOcbXRsW7Mpq9YC3b9uPyEw==
X-Google-Smtp-Source: AHgI3IZ/ID1Pg1HEv7Rai16qQjFkNMUM3p2j77xu4xlzhAmmiE3qmvyq9PJgRWOQ9TdJC/Pj1yca/fP6W7JOIrSDVYY=
X-Received: by 2002:a6b:5913:: with SMTP id n19mr23554618iob.62.1550711858754; Wed, 20 Feb 2019 17:17:38 -0800 (PST)
MIME-Version: 1.0
References: <6D78F4B2-A30D-4562-AC21-E4D3DE019D90@consulintel.es> <B6E2EC33-EEAF-40D0-AFCC-BDAFA9134ACD@consulintel.es> <20190220113603.GK71606@Space.Net> <28fbc2c305c640c9afb3704050f6e8d7@boeing.com> <20190220213107.GS71606@Space.Net> <019c552eb1624d348641d6930829fd1f@boeing.com> <c6409f1a-a7f6-810e-625d-a2912bf15c7e@gmail.com> <6cc7e8ac9c7e4a898018f117aabf1a88@boeing.com>
In-Reply-To: <6cc7e8ac9c7e4a898018f117aabf1a88@boeing.com>
Reply-To: ek@loon.co
From: Erik Kline <ek@loon.co>
Date: Wed, 20 Feb 2019 17:17:27 -0800
Message-ID: <CAAedzxo1rXv+tupAL=HsNN34M33_uq9=JCh9O0_pMAHoXU1N8w@mail.gmail.com>
To: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, IPv6 Operations <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007de09405825d3d0e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/8ZdWuZOTruYHxrEK0ReQRGbG9TU>
Subject: Re: [v6ops] A common problem with SLAAC in "renumbering" scenarios
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2019 01:17:42 -0000

On Wed, 20 Feb 2019 at 17:12, Manfredi (US), Albert E <
albert.e.manfredi@boeing.com> wrote:

> -----Original Message-----
> From: Brian E Carpenter <brian.e.carpenter@gmail.com>
>
> > NPTv6 is not NAT66, as the NPTv6 *Experimental* RFC explains.
>
> Okay, NPTv6. No port translations. RFC 6296.
>
> >> All of the advantages of the basic NAT come to bear,
> >
> > I'm not sure that that is true, but NPTv6 brings some, but not all,
> of the disadvantages of NAT too, as also explained in RFC6296.
>
> Few of the disadvantages, I'd say. For example, use of IPsec AH is
> compromised. But many people objected to the mandatory use of IPsec in IPv6
> already, because there are other ways of securing content that they prefer
> to deploy. I think that the wide deployment of NAPT in IPv4 has reduced the
> severity of the disadvantages of NPT, as application designers have long
> had to accommodate workarounds?
>
> > NPTv6 as a work-around for a defect in SLAAC when there is an
> unplanned renumbering?
>
> I mentioned SLAAC timers as an example. What I should have said is, as far
> as I can tell, all of the problems we have been discussing in this thread
> would be solved with NPTv6. Privacy in home nets, renumbering, route
> aggregation, SLAAC, what else? I can't think of an issue mentioned here
> that NPTv6 wouldn’t solve.
>
> It should not be all that surprising that the advantages of address
> independence have become entrenched in IP thinking, thanks to IPv4. So it
> should not be surprising if many have come to depend on these advantages,
> and don’t want to give them up.
>

As Lorenzo said, it "solves" some operational pain by pushing that pain
onto those that are not represented in the decision making process to
deploy any variety of NAT (i.e. apps, OSes, ...)

We've been here before <https://www.ietf.org/proceedings/74/6ai.html>, of
course.

v2.23.0 | Report a Bug | By Email