[v6ops] Re: Dynamic addresses

Daryll Swer <contact@daryllswer.com> Sat, 10 August 2024 21:45 UTC

Return-Path: <contact@daryllswer.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58AC7C14CE30 for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 14:45:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=daryllswer.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nHtOmQLdjmOb for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 14:45:39 -0700 (PDT)
Received: from mail-oa1-x35.google.com (mail-oa1-x35.google.com [IPv6:2001:4860:4864:20::35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05701C14F6E1 for <v6ops@ietf.org>; Sat, 10 Aug 2024 14:45:38 -0700 (PDT)
Received: by mail-oa1-x35.google.com with SMTP id 586e51a60fabf-2642cfb2f6aso2293007fac.2 for <v6ops@ietf.org>; Sat, 10 Aug 2024 14:45:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=daryllswer.com; s=google; t=1723326336; x=1723931136; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XKHoiPVXMhRcr2iM5ye2seHd5Odc9mD3TchtoReAQX4=; b=kOnR4SZqQ1CoqgIyWhXXd5v+QUFo2c/uhXyCWw/MKdGGgAeBjM3KzCFU+gfq9l9dY0 QmFLXEWD26FX1VIl412DIwJUwWUtZC8gsMyMc6yA3Q+/j2XbNbMBgJE+qWy1f24hXd/g 5Z6tUqsdMo/3uNJbbuZum9OlVamYicBB0DU+kxZ13j+mfCIEg9/nPWbrqWPQjJxSf9aI m/wDsU0I1jnGGGc6tOQwF8yJZFTjuv9s8fw2UiAW3XIxz+YG26eOP22e+8/fr6+AiCkb NVlJCgwjT9srFGZ6eqV0ig/K9KTH4k3zIfcO9rCefVLWclSwY47boX3ZaYcBDhKcx031 lJQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723326336; x=1723931136; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XKHoiPVXMhRcr2iM5ye2seHd5Odc9mD3TchtoReAQX4=; b=LwS5BYoFaX53URGOb4QlvF+p9nFfUpGhNT+SHcwCgbQTHYvWzpT3De5mj85D2CNVBi Gu9WO/ooFcmdpYeIaJ0f/xpQeIFC+Qoho82WT2ibuwz81aT9DJv+pIqgHK6EoI8UZOo/ I61OgnsuQEofl77/ZaY699SpqihFLZ+WvLC/VE4cD1KgwqzZlSEA/qkaCqdXo44tsjZD SmCu4D4XoN90hDVoU6Yu7Wfd/i3WqAK/MASpohBRbFcHt/U07JbUAxdNaNG07wesvayo Skd365+Ak+ZaZy8RgL73cx2R+GyGNxb25Y6dWyFIhdCgUZKXLQNh5Z8mz1isHXP+E6CN FN4Q==
X-Forwarded-Encrypted: i=1; AJvYcCUXAqzKf2nte+ZbQMUWKuDPNSC5/72aQzkpWq9SCHgTOLEUZ4Lmv1wmGYBx+iNid2NiZxiO+g==@ietf.org
X-Gm-Message-State: AOJu0Yy/PqHsO7n8Wmxd0WrALAePaoGAKnQnMFPN1xU5GOu28s3ETghq XBaWXroX7r1F0CI0sODd1kFao3f6Lfm/Z4e0xa1/0S91ATXOUf7A/iI05c2R9f8kVmeqSzGx7sI q24g=
X-Google-Smtp-Source: AGHT+IHrEM93atBJByehzYrDK4+45n4ho+uZJs+VP4xGSm8fP2k/7lImUIK3bAvvvkg6DWTjhduA/g==
X-Received: by 2002:a05:6870:5b9b:b0:261:26ab:f89d with SMTP id 586e51a60fabf-26c63021dbbmr6098913fac.48.1723326336291; Sat, 10 Aug 2024 14:45:36 -0700 (PDT)
Received: from mail-oi1-f172.google.com (mail-oi1-f172.google.com. [209.85.167.172]) by smtp.gmail.com with ESMTPSA id 46e09a7af769-70c7b880c27sm737066a34.56.2024.08.10.14.45.35 for <v6ops@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 10 Aug 2024 14:45:35 -0700 (PDT)
Received: by mail-oi1-f172.google.com with SMTP id 5614622812f47-3db145c8010so2195237b6e.3 for <v6ops@ietf.org>; Sat, 10 Aug 2024 14:45:35 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCUFQNpsD9jgwZ1WAlorlrabL93lhi5Y4Yz5GikYdFAcMkWXDpmNcNuWdMXOApk5lN0hCbonAQ==@ietf.org
X-Received: by 2002:a05:6830:43a6:b0:709:49c5:fd99 with SMTP id 46e09a7af769-70b6b2fdcccmr7613962a34.4.1723326335358; Sat, 10 Aug 2024 14:45:35 -0700 (PDT)
MIME-Version: 1.0
References: <df01e0f8-1b0d-4792-be2c-89a59da7de49.ref@swbell.net> <df01e0f8-1b0d-4792-be2c-89a59da7de49@swbell.net> <CAJgLMKte1H3FaoQOhc7_No=SNdczQFo2_mp2c1FvTOqLCRFm2g@mail.gmail.com> <6e70bed7-6f84-4a4a-90f8-fec1d10a599b@swbell.net> <CAJgLMKsXHcxzu8Kbrg1pu9SDkGDH0b1bWzW__CrfpDaSv3Joog@mail.gmail.com> <CACyFTPFakaDLdTJVc6d1HiR_oaedNOV76MRQxJp=+z95uQFVZQ@mail.gmail.com> <CAPt1N1=rQp5U4_X=2WvCV358S9Qm+E+_+gs_mgUJHP_68dYLmg@mail.gmail.com> <d16406c6-e5d9-4aa4-a16e-7513d04d6b07@gmail.com> <CACyFTPEdh_SL3BJ6WcD18tpYzH=Q6gxYnXanTsHZxF4xQm7LuA@mail.gmail.com> <19b076c0-ff57-471a-8f66-6ad47d7169f4@gmail.com> <f469fd02-f67e-4aa3-80e1-e055e63fadd2@swbell.net> <CACyFTPGNUvKkF+hxg1xJPSRNWo4aZN+jtwO3GeMLmQ1pTY8x3g@mail.gmail.com> <CAPt1N1kLTuKjtvsJ5qGd_kjnc8K2HDc7OemMqtaSavGH6kAqJA@mail.gmail.com> <CACyFTPEjAq0kGHFwiNnqsmyhxavu6HhEBu6X7OQXAgaKpPqa1g@mail.gmail.com> <CAN-Dau05Q2GVydUb8DLfAXYNEtrKPkTFROOWT3cDMr5DSPD8Tg@mail.gmail.com>
In-Reply-To: <CAN-Dau05Q2GVydUb8DLfAXYNEtrKPkTFROOWT3cDMr5DSPD8Tg@mail.gmail.com>
From: Daryll Swer <contact@daryllswer.com>
Date: Sun, 11 Aug 2024 03:14:48 +0530
X-Gmail-Original-Message-ID: <CACyFTPEVtd4DXdVq66CFO6E61ZNDNrDQOAu4CEt8yeK9fDBcJg@mail.gmail.com>
Message-ID: <CACyFTPEVtd4DXdVq66CFO6E61ZNDNrDQOAu4CEt8yeK9fDBcJg@mail.gmail.com>
To: David Farmer <farmer=40umn.edu@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000d2802061f5b2eb0"
Message-ID-Hash: RJMW4OTQJ6F2HAVKVAKOUJN7D7PZIIMM
X-Message-ID-Hash: RJMW4OTQJ6F2HAVKVAKOUJN7D7PZIIMM
X-MailFrom: contact@daryllswer.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The Multach's <jmultach@swbell.net>, v6ops@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: Dynamic addresses
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/H_WDnms6f6e1lyS29WKwE7TX2MI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>

David

Changing the prefix delegation on power failure of the CPE generally has a
> fairly low impact, as the devices using the network frequently loose power
> as well and are rebooted. And, even if they don’t loose power they
> typically loose link, which is also a signal to reestablish their addresses.


Not sure how electrical systems are built in the west, but over here, even
lower-income households have inverters (or UPS) in place, i.e. the CPE, and
client devices connected over Wi-Fi do *not* lose power and the Wi-Fi
interface *stays up*, upstream OLT comes back up/quick fibre patching done,
and now the clients have broken IPv6 connectivity for X amount of
minutes/hours depending on pref/valid values.

Again, this isn't theoretical, I see this in real life, ALL the time, and
if you do a quick Google search using this precise search time, plenty of
other users reported it:
“Dynamic IPv6 breaks SLAAC”.

As a consultant, I also get these complaints from unaware ISPs' business
owners and C-suites, who didn't know about BCOP-690 and static ia_pd, I,
moved them to static ia_pd, lo and behold — customer complaints about
broken (v6) connectivity, stopped spamming their ticketing software.

Nothing about my feedback on this is “hypothetical”, this is all IRL.

That being said, whether or not to maintain the same prefix across reboots
> should be in control of the end user, not necessarily the CPE manufacturer
> or the ISP. Only the end user knows if their use case is advantaged or
> disadvantaged by getting a new prefix on power loss or other reboots.
>

I agree on this aspect. I am not a protocol designer, but if I was, I'd be
keenly interested in potentially augmenting both ia_na and ia_pd with a
“privacy” flag, whereby if the user sets it to 1, they can set a timer to
renew (per 24 hours, months etc), and the server will feed a fresh ia_na
and ia_pd that ways. And if the user sets privacy flag = 0, the ia_na and
ia_pd is permanently (lifetime) static. Probably good to augment it
further, where privacy flag is independent for each (na, pd), along with
independent timers giving the user complete control and making the life of
the ISP and CPE maker, simpler.

Nevertheless, permanent addresses, unchanging for an extended periods of
> time like months or years, is a threat to privacy, it makes tracking
> trivial.
>

This is an arguable/argumentative topic — i.e. “privacy” and “IPs”. Most
analytics/tracking software rely on system, browser fingerprinting,
invasive cookies, and even battery API
<https://eprint.iacr.org/2015/616.pdf> to track users — a lot of motivation
came for this, from mobile devices where the end-user moves between Wi-Fi
networks and mobile networks 24/7. Analytics had to figure out a way to
identify/track the users across different Wi-Fi/Mobile networks, and
therefore by design can do so even with dynamic IPs.

*--*
Best Regards
Daryll Swer
Website: daryllswer.com
<https://mailtrack.io/l/7070cf174482cea593104513e38e67dd0d19e934?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b99c4df5e4efd1b8>


On Sun, 11 Aug 2024 at 02:39, David Farmer <farmer=40umn.edu@dmarc.ietf.org>
wrote:

> I just want to say that I agree simply changing addresses, particularly
> forcing address changes periodically, does not provide privacy by itself
> and doesn’t prevent tracking.
>
> Nevertheless, permanent addresses, unchanging for an extended periods of
> time like months or years, is a threat to privacy, it makes tracking
> trivial.
>
> Changing the prefix delegation on power failure of the CPE generally has a
> fairly low impact, as the devices using the network frequently loose power
> as well and are rebooted. And, even if they don’t loose power they
> typically loose link, which is also a signal to reestablish their addresses.
>
> That being said, whether or not to maintain the same prefix across reboots
> should be in control of the end user, not necessarily the CPE manufacturer
> or the ISP. Only the end user knows if their use case is advantaged or
> disadvantaged by getting a new prefix on power loss or other reboots.
>
> Thanks.
>
> On Sat, Aug 10, 2024 at 10:15 Daryll Swer <contact=
> 40daryllswer.com@dmarc.ietf.org> wrote:
>
>> Ted
>>
>> > It sounds like the isps who you know of who are doing this are not
>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>> end user.
>>
>> *Most*, ISPs don't conform to RFCs, BCPs and BCOPs. As a consultant, I
>> get exposed (They email me their diagrams and configs for review) to tens
>> of networks every year, and I can count on one hand, how many networks
>> conform to the minimum for networking in general (IPv4 vs IPv6 aside).
>>
>> That's why I think the "draft-ietf-v6ops-cpe-lan-pd" should potentially,
>> have something to give to end-users for them to use against such ISPs, in
>> order for these users to get a permenaent ia_pd (/56 minimum or /48
>> maximum) via support tickets, asking the ISP to conform.
>>
>> *--*
>> Best Regards
>> Daryll Swer
>> Website: daryllswer.com
>> <https://mailtrack.io/l/713f3f681113f0bfb34c34bcf30460679e5a5347?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=fe00cdb4ee3ab02c>
>>
>>
>> On Sat, 10 Aug 2024 at 19:53, Ted Lemon <mellon@fugue.com> wrote:
>>
>>> At least in Germany the address shifting was a regulatory thing—the isp
>>> I was working with on it didn’t want to do it—it was expensive and
>>> inconvenient.
>>>
>>> It sounds like the isps who you know of who are doing this are not
>>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>>> end user.
>>>
>>> Op za 10 aug 2024 om 10:10 schreef Daryll Swer <contact@daryllswer.com>
>>>
>>>> > Then again, there is a claim that on those you may not get a prefix
>>>> at all (just a single IP6 address), and if you do, often its a /64 with no
>>>> PD.
>>>>
>>>> IIRC, US Telcos even have separate billing for mobile
>>>> tethering/hotspot, right? And IPv6 doesn't always work over that ways?
>>>>
>>>> Over here, it appears the tethering interface just bridges with the PDP
>>>> interface, and the “clients” that connects gets a /128 GUA, shared with a
>>>> single /64 with the SIM.
>>>>
>>>> > For security reasons, one of them has a rule to change the assigned
>>>> IPv6 address space at least once every 4 hours.
>>>>
>>>> You mean conspiracy theories about big bro and “privacy”… It's not
>>>> “security”.
>>>>
>>>> iPhones have built-in security, Ted Lemon can probably elaborate on
>>>> that. Android, too, has built-in security, the Google folks here can
>>>> probably elaborate on that.
>>>>
>>>> Nope, I am completely against conspiracy theories about “dynamic IP
>>>> stops big bro from spying on you”. If big bro wants to “spy” on you, no
>>>> amount of “dynamic IPs” is stopping that.
>>>>
>>>> *--*
>>>> Best Regards
>>>> Daryll Swer
>>>> Website: daryllswer.com
>>>> <https://mailtrack.io/l/ba62818f368e4ab91c6676b1a01e6088ea674e45?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b8dfc4abc306b3d8>
>>>>
>>>>
>>>> On Sat, 10 Aug 2024 at 19:29, The Multach's <jmultach@swbell.net>
>>>> wrote:
>>>>
>>>>> That triggered a memory about addressing on US cellular carriers, at
>>>>> least one of which does this.
>>>>>
>>>>> Then again, there is a claim that on those you may not get a prefix at
>>>>> all (just a single IP6 address), and if you do, often its a /64 with no PD.
>>>>>
>>>>> For security reasons, one of them has a rule to change the assigned
>>>>> IPv6 address space at least once every 4 hours.
>>>>>
>>>>>
>>>>> On 8/9/2024 9:33 PM, Brian E Carpenter wrote:
>>>>>
>>>>> On 10-Aug-24 11:34, Daryll Swer wrote:
>>>>>
>>>>>  > But I don't understand the statement "breaks SLAAC on the LAN". A
>>>>> change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>
>>>>> It will break, on the host side, because they won't know to use the
>>>>> new prefix, until the pref/valid values expire.
>>>>>
>>>>>
>>>>> https://www.6connect.com/blog/is-your-isp-constantly-changing-the-delegated-ipv6-prefix-on-your-cpe-router/
>>>>>
>>>>>
>>>>> Thanks, yes, I knew that of course but the description of that as
>>>>> breaking SLAAC confused me. (When my ISP was changing prefixes after a CE
>>>>> power cut and reboot, the issue was masked by other effects of the power
>>>>> cut.)
>>>>>
>>>>> There's no reason to be promoting dynamic v6 prefixes, in addition to
>>>>> the SLAAC context, this makes it painful, for end-users to host anything at
>>>>> home, even basic SSH.
>>>>>
>>>>>
>>>>> I completely agree.
>>>>>
>>>>>    Brian
>>>>>
>>>>>
>>>>> *--*
>>>>> Best Regards
>>>>> Daryll Swer
>>>>> Website: daryllswer.com
>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>>
>>>>>
>>>>> On Sat, 10 Aug 2024 at 04:56, Brian E Carpenter <
>>>>> brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>
>>>>> <brian.e.carpenter@gmail.com>> wrote:
>>>>>
>>>>>     [Public service announcement: as of now, I'm spam-filtering
>>>>> messages with 'Digest' subject headers.]
>>>>>
>>>>>     My ISP used to change my prefix whenever there was a power cut and
>>>>> the modem restarted. Now, it appears to be stable.
>>>>>
>>>>>     But I don't understand the statement "breaks SLAAC on the LAN". A
>>>>> change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>
>>>>>     Regards
>>>>>          Brian
>>>>>
>>>>>     On 10-Aug-24 10:13, Ted Lemon wrote:
>>>>>      > In order to do this, they would have to not renew a previously
>>>>> assigned prefix. I think some German telecoms used to do this as a privacy
>>>>> message, but it was operationally very difficult because it doubled demand
>>>>> for prefixes.
>>>>>      >
>>>>>      > Where are you seeing this irl, and how does it happen?
>>>>>      >
>>>>>      > Op vr 9 aug 2024 om 15:08 schreef Daryll Swer <
>>>>> contact=40daryllswer.com@dmarc.ietf.org
>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>> <40daryllswer.com@dmarc.ietf.org> <
>>>>> mailto:40daryllswer.com@dmarc.ietf.org
>>>>> <40daryllswer.com@dmarc.ietf.org>
>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>> <40daryllswer.com@dmarc.ietf.org>>>
>>>>>      >
>>>>>      >     Tim, is there something we can do to encourage not only
>>>>> "more than a /64", but also encourage "static ia_pd to ensure the customer
>>>>> will not experience broken IPv6 connectivity due to ever changing
>>>>> prefixes".
>>>>>      >
>>>>>      >     Too many ISPs out there do dynamic IPs and breaks SLAAC on
>>>>> the LAN.
>>>>>      >
>>>>>      >     I feel this draft could be a powerful tool, in the hands of
>>>>> the end user to get these ISPs doing the right way of IPv6 more often.
>>>>>      >
>>>>>      >     --
>>>>>      >     Sent from my iPhone
>>>>>      >
>>>>>      >
>>>>>      >     On Fri, 9 Aug 2024 at 7:37 PM, Timothy Winters <
>>>>> tim@qacafe.com <mailto:tim@qacafe.com> <tim@qacafe.com> <
>>>>> mailto:tim@qacafe.com <tim@qacafe.com> <mailto:tim@qacafe.com>
>>>>> <tim@qacafe.com>>> wrote:
>>>>>      >
>>>>>      >         Yes.  I've seen several instances of /64 being used for
>>>>> container networks on CPEs.
>>>>>      >
>>>>>      >         ~Tim
>>>>>      >
>>>>>      >         On Fri, Aug 9, 2024 at 9:38 AM The Multach's <
>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net> <jmultach@swbell.net>
>>>>> <mailto:jmultach@swbell.net <jmultach@swbell.net>
>>>>> <mailto:jmultach@swbell.net> <jmultach@swbell.net>>> wrote:
>>>>>      >
>>>>>      >             So are these considered a LAN link prefix
>>>>> assignment under 7084 L2:
>>>>>      >
>>>>>      >             - Assignment of a /64 prefix for internal IPv6
>>>>> communication between a
>>>>>      >             primary SoC and a secondary chip (e.g., a Wi-Fi
>>>>> chip which uses IPv6).
>>>>>      >
>>>>>      >             - Assignment of a /64 prefix for usage by an
>>>>> internal container or VM.
>>>>>      >
>>>>>      >
>>>>>      >             On 8/9/2024 7:56 AM, Timothy Winters wrote:
>>>>>      >              >
>>>>>      >              >
>>>>>      >              > On Thu, Aug 8, 2024 at 10:58 PM The Multach's <
>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net> <jmultach@swbell.net>
>>>>> <mailto:jmultach@swbell.net <jmultach@swbell.net>
>>>>> <mailto:jmultach@swbell.net> <jmultach@swbell.net>>> wrote:
>>>>>      >              >
>>>>>      >              >     The following, while being user focused,
>>>>> fails to take into
>>>>>      >              >     account that
>>>>>      >              >     some of those prefixes may be used
>>>>> internally (or reserved for
>>>>>      >              >     internal
>>>>>      >              >     use) by the CPE or for ISP purposes and not
>>>>> assignable:
>>>>>      >              >
>>>>>      >              >     "SHOULD" (or an elongated exception for the
>>>>> above) would be more
>>>>>      >              >     appropriate.
>>>>>      >              >
>>>>>      >              >     LPD-4: After LAN link prefix assignment the
>>>>> IPv6 CE Router MUST
>>>>>      >              >     make the
>>>>>      >              >     remaining IPv6 prefixes available to other
>>>>> routers via Prefix
>>>>>      >              >     Delegation.
>>>>>      >              >
>>>>>      >              > I think this covers that case.   After local
>>>>> assignment, unused
>>>>>      >              > prefixes MUST be made available.
>>>>>      >              > LPD-2:  The IPv6 CE Router MUST assign a prefix
>>>>> from the delegated
>>>>>      >              >            prefix as specified by L-2 [RFC7084].
>>>>>      >              >
>>>>>      >              > 7084
>>>>>      >              >    L-2:   The IPv6 CE router MUST assign a
>>>>> separate /64 from its
>>>>>      >              >           delegated prefix(es) (and ULA prefix
>>>>> if configured to provide
>>>>>      >              >           ULA addressing) for each of its LAN
>>>>> interfaces.
>>>>>      >              >
>>>>>      >              >
>>>>>      >              >
>>>>>  _______________________________________________
>>>>>      >              >     v6ops mailing list -- v6ops@ietf.org
>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>      >              >     To unsubscribe send an email to
>>>>> v6ops-leave@ietf.org <mailto:v6ops-leave@ietf.org>
>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org
>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org>
>>>>> <v6ops-leave@ietf.org>>
>>>>>      >              >
>>>>>      >
>>>>>      >         _______________________________________________
>>>>>      >         v6ops mailing list -- v6ops@ietf.org
>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>      >         To unsubscribe send an email to v6ops-leave@ietf.org
>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>      >
>>>>>      >     45efe8dfc775213ded0fc41c7d84ccccb0d6aa20
>>>>> _______________________________________________
>>>>>      >     v6ops mailing list -- v6ops@ietf.org
>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>      >     To unsubscribe send an email to v6ops-leave@ietf.org
>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>      >
>>>>>      >
>>>>>      > _______________________________________________
>>>>>      > v6ops mailing list -- v6ops@ietf.org <mailto:v6ops@ietf.org>
>>>>> <v6ops@ietf.org>
>>>>>      > To unsubscribe send an email to v6ops-leave@ietf.org
>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>
>>>>>
>>>>> _______________________________________________
>> v6ops mailing list -- v6ops@ietf.org
>> To unsubscribe send an email to v6ops-leave@ietf.org
>>
>