Re: [v6ops] I-D Action: draft-ietf-v6ops-ula-usage-recommendations-02.txt

Owen DeLong <owen@delong.com> Mon, 10 March 2014 21:03 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/GQvvrrq9q0F6tdMrMn5rMZdbJCs

On Mar 10, 2014, at 12:49 PM, William Cerveny <v6ops@wjcerveny.com> wrote:

> Posting onto the list with what I said at the v6ops meeting on Thursday:
> 
> I’ve been using a ULA in a test lab for perhaps 6 years.  They work fine
> and serve our requirement for having a block of addresses that can be
> routed within the test lab at a single location.  It is possible that at
> some point we will want to route with a different test lab, for which we
> wouldn’t want this traffic to leave either test lab. We aren’t routing
> the traffic outside of the test lab and for our application it is
> undesirable for our test traffic to leave the test lab.
> 
> I can think of two situations where ULAs would be more valuable in
> “isolated” networks than GUAs would be:
> 1) We don’t ever want the traffic addressed with ULAs to leave the test
> network. If we addressed with a GUA, it would be easier for the traffic
> to be accidentally routed outside the test lab (I think Fred spelled out
> this scenario).

It might be easier for this to occur over a wider area of routing, but I do not believe that it is any easier to accidentally route GUA somewhere than it is to accidentally route ULA there.

I will agree that it will be more obviously visible in the routing table if such were to occur, but the ability to misconfigure a router does not change simply by using ULA addresses.

> 2) There may be administratively complex or prohibitive challenges in
> acquiring GUAs for specific projects. If one were to need addresses
> (other than link-local addresses) for a small isolated network and an
> assigned GUA is unavailable, it could be desirable to use a ULA instead
> of random address space.

I agree that in all cases where GUA is unavailable, ULA is a preferred alternative.

However, I will point out that the policies for obtaining GUA have been made very liberal and easy in most RIRs and that the requirements are barely above “I have a network I want to number with IPv6 addresses. Please assign me a prefix. Kthxbye.”

IMHO, this is desirable.

My point is that we should avoid recommending ULA+NPT for hosts that are communicating to the outside world because NPT and all other forms of NAT should be considered harmful.

Owen

> 
> Bill Cerveny
> 
> On Fri, Feb 14, 2014, at 05:13 AM, internet-drafts@ietf.org wrote:
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the IPv6 Operations Working Group of the
>> IETF.
>> 
>>        Title           : Recommendations of Using Unique Local Addresses
>>        Authors         : Bing Liu
>>                          Sheng Jiang
>>        Filename        : draft-ietf-v6ops-ula-usage-recommendations-02.txt
>>        Pages           : 15
>>        Date            : 2014-02-14
>> 
>> Abstract:
>>   This document provides guidance of how to use ULAs. It analyzes ULA
>>   usage scenarios and recommends use cases where ULA addresses might be
>>   beneficially used.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-v6ops-ula-usage-recommendations/
>> 
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-ietf-v6ops-ula-usage-recommendations-02
>> 
>> A diff from the previous version is available at:
>> http://www.ietf.org/rfcdiff?url2=draft-ietf-v6ops-ula-usage-recommendations-02
>> 
>> 
>> Please note that it may take a couple of minutes from the time of
>> submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>> 
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops