Re: [v6ops] I-D Action: draft-buraglio-v6ops-ula-01.txt

Ed Horley <ed@hexabuild.io> Tue, 17 May 2022 14:36 UTC

From: Ed Horley <ed@hexabuild.io>
Date: Tue, 17 May 2022 07:36:25 -0700
Message-ID: <CAE=N4xf-j1gtuWJqsytBmgtgyS8FX-0=ux3_ZAMF+XtBAo9gUQ@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Nicholas Buraglio <buraglio@es.net>, IPv6 Operations <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/LCkqP8N8smJIpafdvCX_f0Ven4Y>

Thanks, Brian, anything specific Nick, myself, and others can do around
helping to document the problem space better? Maybe jump on a working
call/session to chat through it?

On Mon, May 16, 2022 at 10:47 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:

> Ed,
>
> This is a topic where the WG basically failed some years ago, by being
> unable to reach a consensus around
> draft-ietf-v6ops-ula-usage-recommendations. I still think that is
> unfortunate, but at least we need to agree on the problem space and what
> needs to be fixed. Whether Nick's draft needs to be either adopted or
> published as an RFC isn't clear yet, but I think it's very important to
> document the problem space first. So I'd say we should encourage the draft
> & its author for a little longer, before deciding
> about adoption.
>
> Regards
>     Brian
>
> On 17-May-22 07:01, Ed Horley wrote:
> > I was curious what the process is for moving this to v6ops WG draft? I
> > know several folks have requested this, sorry for my ignorance on the
> > matter. I feel it would make sense to get that done given that Brian
> > and others are working on issues for RFC 6724 and there seems to be more
> > discussion around the ULA topic in general. Thoughts?
> > - Ed
> >
> > On Tue, May 10, 2022 at 9:01 AM Nick Buraglio <buraglio@es.net> wrote:
> >
> >     I added some additional verbiage based on your suggestions and
> >     addressed the NIT.
> >
> >     nb
> >
> >     On Sun, May 8, 2022 at 6:23 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> >
> >         Hi,
> >
> >         Thanks for this draft. I have a few comments (and a tiny nit at the end).
> >
> >          >  The core issue is the stated interpretation from gai.conf that has the following default:
> >          >
> >          > #scopev4  <mask> <value>
> >          > #    Add another rule to the RFC 6724 scope table for IPv4 addresses.
> >
> >
> >         I'm not sure why this matters. RFC6724 is quite correct to indicate that
> >         most IPv4 unicast addresses formally have global scope, but auto-config
> >         and loopback addresses have link-local scope. IPv6 is pretty much the
> >         same, and in particular ULAs have *global scope* even though they are
> >         not globally reachable. RFC1918 addresses are identical to ULAs in
> >         that respect.
> >
> >         Citing RFC4291 and https://www.rfc-editor.org/rfc/rfc8190.html#section-2.1
> >         would clarify the difference between global scope (architectural) and
> >         globally reachable (practical). What we care about here is whether an
> >         address is globally reachable ("no" for both RFC1918 and ULA, although
> >         they are both architecturally global). Unfortunately this distinction is
> >         lacking in the description of gai.conf and, I suspect, in the code of
> >         Linux getaddrinfo().
> >
> >
> >         What I think is lacking in the draft is an explanation of how
> >         getaddrinfo() works and why it matters. Here's a walkthrough that
> >         I hope will help clarify what I mean:
> >
> >         Consider an end-user network with the following properties:
> >
> >         It is dual stacked.
> >         It uses 10.1.0.0/16 (NATted to the Internet).
> >         It uses (or wants to use) fdee:face:fade::/48 for internal IPv6.
> >         It uses 2001:db8:fade::/48 for external IPv6
> >
> >         We'll neglect for now whether it has a subnet structure. It shouldn't
> >         matter.
> >
> >         Consider a host user.mynet.example.com, a local server printer.mynet.example.com,
> >         and a remote server www.theirnet.example.com. Assume they have these various
> >         addresses:
> >
> >         user.mynet.example.com has:
> >
> >         10.1.0.1
> >         fdee:face:fade::1
> >         2001:db8:fade::1
> >
> >         printer.mynet.example.com has:
> >
> >         10.1.0.10  (A record in local DNS)
> >         fdee:face:fade::a  (AAAA record in local DNS)
> >
> >         www.theirnet.example.com has:
> >
> >         192.0.2.15  (A record in global DNS)
> >         2001:db8:cafe::f  (AAAA record in global DNS)
> >
> >         What do we *want* to happen?
> >
> >         If user opens a connection to printer, we want it to choose
> >         SA = fdee:face:fade::1
> >         DA = fdee:face:fade::a
> >
> >         If user opens a connection to www, we want it to choose
> >         SA = 2001:db8:fade::1
> >         DA = 2001:db8:cafe::f
> >
> >         Now, if user does a DNS lookup, via getaddrinfo(), the results
> >         will look like this (in the Python universe):
> >
> >         For printer:
> >
> >         (<AddressFamily.AF_INET: 2>, 0, 0, '', ('10.1.0.10', 0))
> >         (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('fdee:face:fade::a', 0, 0, 0))
> >
> >         For www:
> >
> >         (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('2001:db8:cafe::f', 0, 0, 0))
> >         (<AddressFamily.AF_INET: 2>, 0, 0, '', ('192.0.2.15', 0))
> >
> >         At this point, consider what RFC6724 says:
> >
> >              As a consequence, we intend that implementations of APIs such as
> >              getaddrinfo() will use the destination address selection algorithm
> >              specified here to sort the list of IPv6 and IPv4 addresses that they
> >              return.  Separately, the IPv6 network layer will use the source
> >              address selection algorithm when an application or upper layer has
> >              not specified a source address.
> >
> >         Thus, to get the desired behaviour, what matters is destination
> >         address selection: if we select DA = fdee:face:fade::a, then the
> >         ULA source address will follow.
> >
> >         Of course this is a small matter of programming, and most programmers
> >         just pick the first address. That's why we need the Section 10.6
> >         mechanism of RFC6724, to insert an appropriate precedence like
> >
> >              fdee:face:fade::/48 45 14
> >
> >         which will prioritize local use of ULAs but will change nothing
> >         for off-site access.
> >
> >         At that point in my thinking, I started coding the program that
> >         I posted yesterday.
> >
> >         Nit:
> >
> >         s/gai.cnf/gai.conf/
> >
> >         Regards
> >              Brian
> >
> >         _______________________________________________
> >         v6ops mailing list
> >         v6ops@ietf.org
> >         https://www.ietf.org/mailman/listinfo/v6ops
> >
> >
> >
> >
> > --
> > Ed Horley
> > ed@hexabuild.io | (925) 876-6604
> > Advancing Cloud, IoT, and Security with IPv6
> > https://hexabuild.io
> > And check out the IPv6 Buzz Podcast at
> > https://packetpushers.net/series/ipv6-buzz/
>
>

-- 
Ed Horley
ed@hexabuild.io | (925) 876-6604
Advancing Cloud, IoT, and Security with IPv6
https://hexabuild.io
And check out the IPv6 Buzz Podcast at
https://packetpushers.net/series/ipv6-buzz/