Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-12.txt

Tim Chown <> Mon, 02 October 2017 07:45 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D885A134C77 for <>; Mon, 2 Oct 2017 00:45:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.32
X-Spam-Status: No, score=-4.32 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mVcBwJ9k7J_E for <>; Mon, 2 Oct 2017 00:45:00 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1B328134F0D for <>; Mon, 2 Oct 2017 00:44:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=mimecast20170213; t=1506930295; h=from:subject:date:message-id:to:cc:mime-version:content-type:content-transfer-encoding:in-reply-to:references; bh=0KufgtJt80pua5hQUPvMNZabQEM2ngxyaIDgnrnl6xk=; b=X9/cL6ZurRj2Ka+xzA+adEFMnwY+NSWik+sVEf/orghauKpz25absFP+voz/XcTFUSy3QWuVG6rbJV1qWYvr+jpw1qdIOfku8cz2+4I6UFlPR7GcH9AFxOEvYzafHvoAcfrpyIiabmfV5nHil8A11mGxjqOzJ99ggjf2An4X7Pg=
Received: from ( []) (Using TLS) by with ESMTP id uk-mta-78-_DEN1fv5N5qcqz7rGNduBA-1; Mon, 02 Oct 2017 08:44:53 +0100
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id; Mon, 2 Oct 2017 07:44:51 +0000
Received: from ([fe80::6d:9ebf:900:b590]) by ([fe80::6d:9ebf:900:b590%14]) with mapi id 15.20.0077.018; Mon, 2 Oct 2017 07:44:51 +0000
From: Tim Chown <>
To: Lorenzo Colitti <>
CC: " WG" <>
Thread-Topic: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-12.txt
Thread-Index: AQHTOQtI4fWXh2mslEK1x7fhiK0xXaLP33gAgABTJAA=
Date: Mon, 2 Oct 2017 07:44:51 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
x-mailer: Apple Mail (2.3273)
x-originating-ip: [2001:a88:d510:1101:39f4:ad30:b0be:9a53]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM3PR07MB1137; 20:bH4jRv6wKIFPQceJKyg9tOg5M10UWkYrgYd7SRa+jfauMIl4oDSJNPfzWKHigsuVuIXWZnuJHqc3U7BRGdgNntO1RTq1S6LeEhhaeaLzX/63QlPhJBC2/nsG6PI/+PBZSqe3C/iHYNJ178/4AZsQ701E/PgG+2FpgdtQemCyWug=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: d8360363-e970-47d4-3750-08d509697731
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254152)(2017052603199)(201703131423075)(201703031133081)(201702281549075); SRVR:AM3PR07MB1137;
x-ms-traffictypediagnostic: AM3PR07MB1137:
x-exchange-antispam-report-test: UriScan:(211936372134217)(153496737603132);
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(100000703101)(100105400095)(920507026)(6041248)(20161123562025)(20161123558100)(20161123564025)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM3PR07MB1137; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM3PR07MB1137;
x-forefront-prvs: 0448A97BF2
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(39830400002)(24454002)(377454003)(189002)(199003)(6246003)(2906002)(5660300001)(6306002)(6436002)(4326008)(102836003)(53936002)(6506006)(6116002)(86362001)(36756003)(82746002)(6512007)(101416001)(3280700002)(3660700001)(7736002)(189998001)(81166006)(50986999)(68736007)(99286003)(230783001)(8936002)(2950100002)(6916009)(42882006)(74482002)(50226002)(34040400001)(76176999)(305945005)(8676002)(81156014)(53546010)(966005)(72206003)(478600001)(33656002)(97736004)(105586002)(786003)(83716003)(106356001)(316002)(14454004)(5250100002)(5890100001)(57306001)(229853002)(6486002)(25786009)(2900100001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB1137;; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-ID: <>
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Oct 2017 07:44:51.8098 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB1137
X-MC-Unique: _DEN1fv5N5qcqz7rGNduBA-1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: base64
Archived-At: <>
Subject: Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-12.txt
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 02 Oct 2017 07:45:03 -0000

> On 2 Oct 2017, at 03:47, Lorenzo Colitti <> wrote:
> On Fri, Sep 29, 2017 at 7:10 PM, <> wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the IPv6 Operations WG of the IETF.
>         Title           : Unique IPv6 Prefix Per Host
>         Authors         : John Jason Brzozowski
>                           Gunter Van De Velde
>         Filename        : draft-ietf-v6ops-unique-ipv6-prefix-per-host-12.txt
> LGTM. Thanks for continuing to iterate on feedback. I think this document is very important, as it is the only  currently-deployable way to provide users with multiple IP addresses (and thus follow RFC 7934) on public networks where there is the possibility of devices attacking each other or attacking the network.
> A couple of minor suggestions for improvements.
> 1. Since most devices have privacy addresses on by default these days, I would suggest the following tweaks:
> 	• "Each host can consequently use SLAAC or any other method of choice to select its /128 unique address." should instead read "Each host can consequently use SLAAC or any other method of choice to select IPv6 addresses in the prefix."
> 	• "After the subscriber received the RA, and the associated flags, it will assign itself a 128 bit IPv6 address using SLAAC." should read "After the subscriber received the RA, and the associated flags, it will assign itself one or more 128-bit IPv6 addresses using SLAAC.”

I agree with these changes as they emphasise the multiple address per host property, when the document talks of addresses (plural) elsewhere. And s/received/receives.

There’s a third place to also make such a change”
* change "allow broadest support on connected devices to receive a valid IPv6 address” to "allow broadest support on connected devices to receive valid IPv6 addresses"

> 2. Thanks for adding text to section 5 addressing the concern about RAs expiring. One thing I think is not covered is: current Android devices will actually disconnect when their IPv6 address becomes deprecated. So you might want to set the preferred lifetime to 3600s as well.
> I would also suggest: given that 514 and 686 look like strange numbers, just mention that these numbers result in an average RA interval of 600s. :-)

The maths would be cleaner with 6 RAs per hour in RFC7772 rather than 7 RAs :)

The only other two comments I’d have now we seem to have the document close to publication are

1. The document only mentions SLAAC RFC4862 [RFC4862]; should it mention RFC 7217, given that is now the recommended way to do SLAAC?

2. At the start of section 4, it says the UE when attaching will use RFC8106 to learn DNS addresses. Elsewhere in the doc stateless DHCPv6 is stated as an option (O flag = 1); should stateless DHCPv6 be mentioned here as well, or is this as intended?  Given the document speaks of IPv6-only deployment, and discusses why SLAAC is recommended over DHCPv6 IA_NA) it would be good to be clear on where/whether stateless DHCPv6 support is required.


> Cheers,
> Lorenzo
> _______________________________________________
> v6ops mailing list