Re: [v6ops] AWS ipv6-only features

Vasilenko Eduard <vasilenko.eduard@huawei.com> Fri, 26 November 2021 09:35 UTC

From: Vasilenko Eduard <vasilenko.eduard@huawei.com>
To: Mark Smith <markzzzsmith@gmail.com>, Clark Gaylord <cgaylord@vt.edu>
CC: IPv6 Ops WG <v6ops@ietf.org>
Date: Fri, 26 Nov 2021 09:35:02 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/EbPOunGMF5mcg4CHUMspdJs1pvs>

It is a good attempt to push people for “U” in ULA.
Just it is not guaranteed without a Registry.
But the registry could not be for free.
Then ULA would become similar to GUA (except bloating Internet BGP table).
Deadlock.
Ed/
From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Mark Smith
Sent: Thursday, November 25, 2021 11:54 PM
To: Clark Gaylord <cgaylord@vt.edu>
Cc: IPv6 Ops WG <v6ops@ietf.org>
Subject: Re: [v6ops] AWS ipv6-only features


On Fri, 26 Nov 2021, 07:52 Clark Gaylord, <cgaylord@vt.edu> wrote:
I'll summarize "getting IPv6 private addressing right" here:

Use global addressing.

There I fixed it for you :-)


Since I wrote that, no, that is a very wrong summary.


On Thu, Nov 25, 2021, 15:49 Mark Smith <markzzzsmith@gmail.com> wrote:

On Fri, 26 Nov 2021, 07:41 Clark Gaylord, <cgaylord@vt.edu> wrote:
Yeah AWS hold their cards close and don't seem to engage the community, but they do have decent IPv6 coverage across the services. Notwithstanding that the whole VPC concept has the whiff of ancient days about it; tonight we're gonna network like it's 1999!

EC2 as part of the address is a great idea. I am so stealing that (can't believe I haven't thought of it.)

It's a terrible idea. The "Unique" in ULA is on purpose.

Getting IPv6 private addressing right
https://blog.apnic.net/2020/05/20/getting-ipv6-private-addressing-right/



On Thu, Nov 25, 2021, 15:09 Mark Smith <markzzzsmith@gmail.com> wrote:

On Thu, 25 Nov 2021, 23:51 Ca By, <cb.list6@gmail.com> wrote:
FYI, AWS has gone beyond perfunctory IPv6 support and has released a series of enhancements, with a focus on IPv6-only scenarios, including NAT64 / DNS64.

https://aws.amazon.com/about-aws/whats-new/2021/11/aws-nat64-dns64-communication-ipv6-ipv4-services/

AWS has lapped Google and Azure in advanced network features, which is really surprising given the early muscle Google developed at IPv6 launch and a stronger need to differentiate …

AWS failed to do ULAs properly. 'ec2' could be a random global ID, but unlikely when their service is "EC2".

Matters more here because they're exposing that to all of their tenants. I think GUAs would have been better for these internal all tenant services.

I've never seen AWS participate here in 20 years, unlike G and M.


_______________________________________________
v6ops mailing list
v6ops@ietf.org
https://www.ietf.org/mailman/listinfo/v6ops