Re: [v6ops] I-D Action: draft-buraglio-v6ops-ula-01.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 17 May 2022 05:47 UTC

To: Ed Horley <ed@hexabuild.io>, Nicholas Buraglio <buraglio@es.net>
Cc: IPv6 Operations <v6ops@ietf.org>
References: <165064500009.9969.16134230557484818454@ietfa.amsl.com> <87aa5bcf-05cf-d170-1efb-d9caa6b48e6c@gmail.com> <CAM5+tA8P1iSwYArY_Qch=AiA4kw7m=ajHjKjeB5KmHgbeU8MHg@mail.gmail.com> <CAE=N4xecVTZL5dGwn4pQNtkubE_Y4a6dFdD4Wx5MCYX7yWUA8A@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <cfb9bf48-4d8e-0549-bc7b-dabd46f34b95@gmail.com>
Date: Tue, 17 May 2022 17:47:47 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0
MIME-Version: 1.0
In-Reply-To: <CAE=N4xecVTZL5dGwn4pQNtkubE_Y4a6dFdD4Wx5MCYX7yWUA8A@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/I7MpdxEn-c327hfK1CIexUevOfo>
Subject: Re: [v6ops] I-D Action: draft-buraglio-v6ops-ula-01.txt

Ed,

This is a topic where the WG basically failed some years ago, by being unable to reach a consensus around draft-ietf-v6ops-ula-usage-recommendations. I still think that is unfortunate, but at least we need to agree on the problem space and what needs to be fixed. Whether Nick's draft needs to be either adopted or published as an RFC isn't clear yet, but I think it's very important to document the problem space first. So I'd say we should encourage the draft & its author for a little longer, before deciding about adoption.

Regards
    Brian

On 17-May-22 07:01, Ed Horley wrote:
> I was curious what the process is for moving this to v6ops WG draft? I know several folks have requested this, sorry for my ignorance on the matter. I feel it would make sense to get that done given that Brian and others are working on issues for RFC 6724 and there seems to be more discussion around the ULA topic in general. Thoughts?
> - Ed
> 
> On Tue, May 10, 2022 at 9:01 AM Nick Buraglio <buraglio@es.net> wrote:
> 
>     I added some additional verbiage based on your suggestions and addressed the NIT.
> 
>     nb
> 
>     On Sun, May 8, 2022 at 6:23 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> 
>         Hi,
> 
>         Thanks for this draft. I have a few comments (and a tiny nit at the end).
> 
>          >  The core issue is the stated interpretation from gai.conf that has the following default:
>          >
>          > #scopev4  <mask> <value>
>          > #    Add another rule to the RFC 6724 scope table for IPv4 addresses.
> 
> 
>         I'm not sure why this matters. RFC6724 is quite correct to indicate that
>         most IPv4 unicast addresses formally have global scope, but auto-config
>         and loopback addresses have link-local scope. IPv6 is pretty much the
>         same, and in particular ULAs have *global scope* even though they are
>         not globally reachable. RFC1918 addresses are identical to ULAs in
>         that respect.
> 
>         Citing RFC4291 and https://www.rfc-editor.org/rfc/rfc8190.html#section-2.1
>         would clarify the difference between global scope (architectural) and
>         globally reachable (practical). What we care about here is whether an
>         address is globally reachable ("no" for both RFC1918 and ULA, although
>         they are both architecturally global). Unfortunately this distinction is
>         lacking in the description of gai.conf and, I suspect, in the code of
>         Linux getaddrinfo().
> 
> 
>         What I think is lacking in the draft is an explanation of how
>         getaddrinfo() works and why it matters. Here's a walkthrough that
>         I hope will help clarify what I mean:
> 
>         Consider an end-user network with the following properties:
> 
>         It is dual stacked.
>         It uses 10.1.0.0/16 (NATted to the Internet).
>         It uses (or wants to use)  fdee:face:fade::/48 for internal IPv6.
>         It uses 2001:db8:fade::/48 for external IPv6
> 
>         We'll neglect for now whether it has a subnet structure. It shouldn't
>         matter.
> 
>         Consider a host user.mynet.example.com, a local server printer.mynet.example.com,
>         and a remote server www.theirnet.example.com. Assume they have these various
>         addresses:
> 
>         user.mynet.example.com has:
> 
>         10.1.0.1
>         fdee:face:fade::1
>         2001:db8:fade::1
> 
>         printer.mynet.example.com has:
> 
>         10.1.0.10  (A record in local DNS)
>         fdee:face:fade::a  (AAAA record in local DNS)
> 
>         www.theirnet.example.com has:
> 
>         192.0.2.15  (A record in global DNS)
>         2001:db8:cafe::f  (AAAA record in global DNS)
> 
>         What do we *want* to happen?
> 
>         If user opens a connection to printer, we want it to choose
>         SA = fdee:face:fade::1
>         DA = fdee:face:fade::a
> 
>         If user opens a connection to www, we want it to choose
>         SA = 2001:db8:fade::1
>         DA = 2001:db8:cafe::f
> 
>         Now, if user does a DNS lookup, via getaddrinfo(), the results
>         will look like this (in the Python universe):
> 
>         For printer:
> 
>         (<AddressFamily.AF_INET: 2>, 0, 0, '', ('10.1.0.10', 0))
>         (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('fdee:face:fade::a', 0, 0, 0))
> 
>         For www:
> 
>         (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('2001:db8:cafe::f', 0, 0, 0))
>         (<AddressFamily.AF_INET: 2>, 0, 0, '', ('192.0.2.15', 0))
> 
>         At this point, consider what RFC6724 says:
> 
>              As a consequence, we intend that implementations of APIs such as
>              getaddrinfo() will use the destination address selection algorithm
>              specified here to sort the list of IPv6 and IPv4 addresses that they
>              return.  Separately, the IPv6 network layer will use the source
>              address selection algorithm when an application or upper layer has
>              not specified a source address.
> 
>         Thus, to get the desired behaviour, what matters is destination
>         address selection: if we select DA = fdee:face:fade::a, then the
>         ULA source address will follow.
> 
>         Of course this is a small matter of programming, and most programmers
>         just pick the first address. That's why we need the Section 10.6
>         mechanism of RFC6724, to insert an appropriate precedence like
> 
>              fdee:face:fade::/48 45 14
> 
>         which will prioritize local use of ULAs but will change nothing
>         for off-site access.
> 
>         At that point in my thinking, I started coding the program that
>         I posted yesterday.
> 
>         Nit:
> 
>         s/gai.cnf/gai.conf/
> 
>         Regards
>              Brian
> 
>         _______________________________________________
>         v6ops mailing list
>         v6ops@ietf.org <mailto:v6ops@ietf.org>
>         https://www.ietf.org/mailman/listinfo/v6ops <https://www.ietf.org/mailman/listinfo/v6ops>
> 
> 
> 
> 
> -- 
> Ed Horley
> ed@hexabuild.io | (925) 876-6604
> Advancing Cloud, IoT, and Security with IPv6
> https://hexabuild.io
> And check out the IPv6 Buzz Podcast at https://packetpushers.net/series/ipv6-buzz/
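The walkthrough quoted above (dual-stacked host, ULA printer, global www, and the effect of adding a site-specific precedence/label row for fdee:face:fade::/48) can be reproduced without touching a real resolver. The following is an added example, not code from the message, the draft, or glibc: it implements the subset of RFC 6724 that decides this case (the default policy table from section 2.1, longest-prefix lookup, source selection by matching label then longest common prefix, destination sorting by label match, precedence and common prefix, with ties keeping DNS order) and runs it over the constructed addresses from the message. Scope rules, deprecated-address handling and the interface checks of the full algorithm are deliberately omitted; the networks, host names and the 45/14 row are the message's own illustrative values, not real deployments.

```python
import ipaddress

# RFC 6724 section 2.1 default policy table: (prefix, precedence, label).
DEFAULT_POLICY = [
    ("::1/128",       50,  0),
    ("::/0",          40,  1),
    ("::ffff:0:0/96", 35,  4),
    ("2002::/16",     30,  2),
    ("2001::/32",      5,  5),
    ("fc00::/7",       3, 13),
    ("::/96",          1,  3),
    ("fec0::/10",      1, 11),
    ("3ffe::/16",      1, 12),
]

# The site-specific row proposed in the message (RFC 6724 section 10.6 style):
# precedence 45 beats the IPv4-mapped row (35) so the ULA destination sorts
# first; label 14 makes the ULA source the label match for it. The prefix is
# the message's constructed example network.
SITE_POLICY = DEFAULT_POLICY + [("fdee:face:fade::/48", 45, 14)]

# Constructed addresses taken from the walkthrough (documentation prefixes).
HOST_ADDRS = ["10.1.0.1", "fdee:face:fade::1", "2001:db8:fade::1"]
PRINTER = ["10.1.0.10", "fdee:face:fade::a"]   # answer from local DNS
WWW = ["2001:db8:cafe::f", "192.0.2.15"]       # answer from global DNS


def to_v6(addr):
    """Treat IPv4 as IPv4-mapped IPv6 so a single policy lookup serves both (RFC 6724 s2.1)."""
    a = ipaddress.ip_address(addr)
    return ipaddress.IPv6Address(f"::ffff:{a}") if a.version == 4 else a


def lookup(policy, addr):
    """Longest-prefix match in the policy table; returns (precedence, label)."""
    a = to_v6(addr)
    best = None
    for prefix, prec, label in policy:
        net = ipaddress.IPv6Network(prefix)
        if a in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, prec, label)
    return best[1], best[2]


def common_prefix_len(a, b):
    """Number of leading bits two IPv6 addresses share (used by rules 8/9)."""
    return 128 - (int(a) ^ int(b)).bit_length()


def select_source(policy, dest, host_addrs):
    """Source address selection reduced to the rules that decide this case:
    same family as the destination, then rule 6 (matching label), then
    rule 8 (longest matching prefix)."""
    d = to_v6(dest)
    d_label = lookup(policy, dest)[1]
    dest_is_v4 = d.ipv4_mapped is not None
    candidates = [s for s in host_addrs
                  if (to_v6(s).ipv4_mapped is not None) == dest_is_v4]

    def score(s):
        return (lookup(policy, s)[1] == d_label, common_prefix_len(to_v6(s), d))

    return max(candidates, key=score)


def sort_destinations(policy, dests, host_addrs):
    """Destination address selection as getaddrinfo() is expected to apply it:
    rule 5 (label matches the chosen source), rule 6 (higher precedence),
    rule 8 (longer matching prefix, IPv6 only). Equal keys keep DNS order."""
    def score(d):
        src = select_source(policy, d, host_addrs)
        prec, d_label = lookup(policy, d)
        s_label = lookup(policy, src)[1]
        dv = to_v6(d)
        cpl = 0 if dv.ipv4_mapped is not None else common_prefix_len(dv, to_v6(src))
        return (s_label == d_label, prec, cpl)

    return sorted(dests, key=score, reverse=True)


def walkthrough(policy):
    """Return {name: (ordered destination list, source chosen for the first one)}."""
    out = {}
    for name, answers in (("printer", PRINTER), ("www", WWW)):
        ordered = sort_destinations(policy, answers, HOST_ADDRS)
        out[name] = (ordered, select_source(policy, ordered[0], HOST_ADDRS))
    return out


if __name__ == "__main__":
    for title, policy in (("default table", DEFAULT_POLICY), ("with ULA row", SITE_POLICY)):
        print(title)
        for name, (ordered, src) in walkthrough(policy).items():
            print(f"  {name}: DA={ordered[0]}  SA={src}  order={ordered}")
```

With the default table the printer lookup puts 10.1.0.10 first (IPv4-mapped precedence 35 beats the fc00::/7 row's 3), which is the ordering shown in the message; with the added row the ULA destination sorts first and the ULA source follows from the label match, while the www ordering and its 2001:db8:fade::1 source are unchanged. Two practical caveats when carrying this into glibc: the single "prefix precedence label" row becomes two gai.conf lines, `precedence fdee:face:fade::/48 45` and `label fdee:face:fade::/48 14`, and the gai.conf man page states that once any precedence or label line is present the built-in default table is no longer used, so the default rows to be kept must be listed as well.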