Re: [v6ops] [EXTERNAL] Re: Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

"Manfredi (US), Albert E" <albert.e.manfredi@boeing.com> Wed, 06 January 2021 05:54 UTC

From: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
To: Fernando Gont <fgont@si6networks.com>
CC: IPv6 Operations <v6ops@ietf.org>, 6MAN <6man@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/GYPNOs0h1QaZvrqJJrQBu1unFOs>

Hi Fernando, let's follow the KISS principle.

-----Original Message-----
From: Fernando Gont <fgont@si6networks.com> 

> RFC4193 does not mandate a specific algorithm, but rather specified the
> requirements for the PRNG (good for the RFC4193 authors!). So,
> documenting the seed will serve no purpose, because other
> implementations might use a completely different algorithm for
> generating the ULA prefix.

Within an enterprise, the admin has a choice of which PRNG to use, and what seed to use. Think in terms of one guy, making that decision, and then documenting all the Global ID 40-bit sequences in use, in the various nets of the enterprise. The guy with this responsibility can certainly decide on which algorithm to use!

It is easy enough to guarantee uniqueness, in this case.

> And this one is obviously non-enforceable, for multiple reasons,
> including the fact that RFC4193 doesn't mandate any specific algorithm.

I am the enterprise admin, I'm tasked with administering the ULAs for the enterprise, and I enforce the rule. The admin of one enterprise network has no say in what other admins, of other enterprise networks, want to do. Nor is there any requirement for ULAs of different enterprise nets to be mutually unique.

> I don't think anybody has equated ULAs with link-locals. The argument
> has been, instead, that: scope(link-local) < scope(ULA) < scope(GUA)

Something like "single administrative domain scope," if that existed, makes sense to me. I think the problem is that today, it's either link local or global scope?

> In a way, the expectation of ULAs to be global-scope is probably what
> drove the recent discussion on the 6man list about a ULA registry --

To me, that's a different discussion. That registry idea would probably be a necessity, but only for the fc00::/8 ULAs, which are for future use. When ULAs are not assigned by an individual admin, the problem of uniqueness is different, no? To me, that registry problem is a non-issue, unless and until we start using the fc00::/8 addresses. As of now, only fd00::/8 are being discussed.

Bert
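
The single-admin model described in this message, as an added example that is not part of the original e-mail: one enterprise record of the 40-bit Global IDs in use, with new IDs drawn at random under fd00::/8 and checked against that record. The `UlaRegistry` class, its method names and the use of Python's `secrets` module as the random source are assumptions made for illustration; the site names are constructed.

```python
import ipaddress
import secrets

ULA_LOCAL = ipaddress.IPv6Network("fd00::/8")  # locally assigned ULAs

def ula_prefix(global_id: int) -> ipaddress.IPv6Network:
    """Build the /48 formed by fd (8 bits) followed by a 40-bit Global ID."""
    if not 0 <= global_id < (1 << 40):
        raise ValueError("Global ID must fit in 40 bits")
    return ipaddress.IPv6Network(((0xFD << 120) | (global_id << 80), 48))

class UlaRegistry:
    """Hypothetical enterprise record of ULA /48 prefixes in use."""

    def __init__(self):
        self._in_use = {}  # IPv6Network -> site name

    def register(self, prefix: str, site: str) -> ipaddress.IPv6Network:
        """Document a prefix that already exists on some network."""
        net = ipaddress.IPv6Network(prefix)
        if net.prefixlen != 48 or not net.subnet_of(ULA_LOCAL):
            raise ValueError(f"{net} is not a locally assigned ULA /48")
        if net in self._in_use:
            raise ValueError(f"{net} already documented for {self._in_use[net]}")
        self._in_use[net] = site
        return net

    def allocate(self, site: str, rand=secrets.randbits) -> ipaddress.IPv6Network:
        """Draw random 40-bit Global IDs until one is unused, then record it."""
        while True:
            net = ula_prefix(rand(40))
            if net not in self._in_use:
                self._in_use[net] = site
                return net

    def owner(self, address: str):
        """Return the site whose documented /48 contains the address, or None."""
        addr = ipaddress.IPv6Address(address)
        for net, site in self._in_use.items():
            if addr in net:
                return site
        return None

if __name__ == "__main__":
    reg = UlaRegistry()
    print(reg.allocate("plant-a"), reg.allocate("plant-b"))
```

Uniqueness here holds only inside the one registry; nothing in it prevents a different enterprise from drawing the same Global ID.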