Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

Ted Lemon <mellon@fugue.com> Fri, 08 January 2021 02:54 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/JWQjWY8pHXpPWyjnBVQogb6-CnI>

Right. That’s how you do it. And then what happens with the topology changes?  The random ids are no longer referring to the same links. Solving this problem adequately is way more work than it’s worth. The thrashing in the database would be brutal. 

> On Jan 7, 2021, at 21:48, Mark Andrews <marka@isc.org> wrote:
> 
> 
> 
>> On 8 Jan 2021, at 13:04, Ted Lemon <mellon@fugue.com> wrote:
>> 
>>> On Jan 7, 2021, at 9:02 PM, Mark Andrews <marka@isc.org> wrote:
>>> The example names I used were using the individuals suffix (id.au) but the idea is to leverage the existing global DNS to provide uniqueness.
>> 
>> That works pretty well for ULAs, but not for LLAs. For LLAs you need to identify the link, and that’s just not a simple thing to do, as I explained earlier.
> 
> Actually you haven’t explained.  You have stated.  You said it was hard.  Hard is not intractable.
> 
> If you are willing for a link to have multiple names just have each router generate its own random 160 bit base32 encoded label for each interface, append the well-known suffix and advertise it.  You will get multiple SA records for the same interface if there are multiple routers but that should not be an issue.  With 160 random bits the need to do collision detection is really non-existent.  We’ve resolved this for NSEC3 and DNS changes 15 years ago.  This will scale into millions of router interfaces.
> 
> If you want to have a single link name then we need to define a protocol for the routers on the link to select one of the names.  This may end up being technology linked.  Router with smallest L-L address wins would be one solution to this.
> 
> Yes, I really do expect every machine to update its own addresses in the DNS.  We do know how to do that securely with SIG(0).
> 
> 
> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742              INTERNET: marka@isc.org
>
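
The scheme debated in this message, as an added sketch that is not part of the original thread or any draft: a per-interface 160-bit label in base32hex (the NSEC3 encoding), the birthday bound behind the "no collision detection" claim, and the "smallest link-local address wins" election, including what happens to the elected name when the winning router leaves. The suffix `link-names.example.`, the function names and the sample addresses are assumptions constructed for illustration.

```python
import base64
import ipaddress
import math
import secrets

# Hypothetical placeholder: the thread never names the well-known suffix.
SUFFIX = "link-names.example."

# Map the standard base32 alphabet onto base32hex, as used by NSEC3.
_B32_TO_HEX = bytes.maketrans(
    b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
    b"0123456789ABCDEFGHIJKLMNOPQRSTUV",
)


def random_link_label(nbytes=20):
    """Return 160 random bits as a 32-character base32hex DNS label."""
    raw = secrets.token_bytes(nbytes)  # CSPRNG, not random.random()
    return base64.b32encode(raw).translate(_B32_TO_HEX).decode("ascii").lower()


def link_name(label, suffix=SUFFIX):
    """Append the (assumed) well-known suffix to a label."""
    return f"{label}.{suffix}"


def collision_probability(n_labels, bits=160):
    """Birthday bound: P(any two of n labels match) ~ 1 - exp(-n(n-1)/2^(bits+1))."""
    return -math.expm1(-n_labels * (n_labels - 1) / 2.0 ** (bits + 1))


def elect_link_name(adverts):
    """adverts maps a router's link-local address to the name it advertises.

    The router with the numerically smallest link-local address wins.
    """
    for addr in adverts:
        if not ipaddress.IPv6Address(addr).is_link_local:
            raise ValueError(f"{addr} is not a link-local address")
    winner = min(adverts, key=ipaddress.IPv6Address)
    return adverts[winner]


if __name__ == "__main__":
    # Constructed sample: three routers on one link, each with its own label.
    routers = {a: link_name(random_link_label())
               for a in ("fe80::1", "fe80::2", "fe80::10")}
    before = elect_link_name(routers)
    del routers["fe80::1"]  # topology change: the elected router leaves
    after = elect_link_name(routers)
    print("collision p for 10M labels:", collision_probability(10_000_000))
    print("name changed after router left:", before != after)
```

The last two lines of the demo show both sides of the exchange: the collision probability is negligible, but the elected name changes as soon as the winning router leaves the link, so every record keyed on the old name has to be rewritten.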