IETF Logo Mail Archive

Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-07.txt

Mark Smith <markzzzsmith@gmail.com> Thu, 10 August 2017 01:25 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D57E1324EF for <v6ops@ietfa.amsl.com>; Wed, 9 Aug 2017 18:25:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.197
X-Spam-Level:
X-Spam-Status: No, score=-2.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id atcfumGttV-H for <v6ops@ietfa.amsl.com>; Wed, 9 Aug 2017 18:25:20 -0700 (PDT)
Received: from mail-vk0-x22b.google.com (mail-vk0-x22b.google.com [IPv6:2607:f8b0:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 878D11324E7 for <v6ops@ietf.org>; Wed, 9 Aug 2017 18:25:20 -0700 (PDT)
Received: by mail-vk0-x22b.google.com with SMTP id d124so31931250vkf.2 for <v6ops@ietf.org>; Wed, 09 Aug 2017 18:25:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=R4X+W2wkCk+38ipAx3TCVtDFBxSdOpt1fzYJIR9TLNM=; b=t3Eo/ImfJAjcXWRK8+NT2/v2+MZQALW4jknxq4kiRnMKPze800Q1RWuE0DoVDUyIc3 FlTYeU5EgIofBLwE2dwOMO94GDp2WYH+catGVVBr0Rcy+g1Ba/no0RpGhTMNA8bxzwqV c/ccOwEg0fvI/rGrOX2KVpeMFiyTqHarX9SdMF7A3NVBl4OUrrLaSMrjDE74KiPYfEZg WythHiJOkbcOiGFp6YVTWnFcIyCNswmp2n+HDgVyMXkIdCMBWG/78hfdXFRUuxrZWybq gyRjMpCBL6G7iWbtCRi8YdG//WPuWusYJMEzb/SXYEJFVqSMAcjzusA5zt9jhiAa/u3B qD6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=R4X+W2wkCk+38ipAx3TCVtDFBxSdOpt1fzYJIR9TLNM=; b=IOpyA6AVNpdY6NGzrQ1JpM+rqiK6V4dJqYL7yDnyh24dIfyZQwj0pWJXDbYoellufj wV+41TJiW47C4XR0G2z6mgyineFVDzbbxmvG5/rCpNbuOPkJfblCFCUDmwzIQvNrn7Ym 44IdZcjZUJ6fTDgtHFF9MADLROnDlHCpueRkbA0XG/DwdeQlw2O/PXfTjY62HZX0ttjH TITDYmsc/ryvpZvRbHsuBjm9xfWipk/aVl+R3vpW00wAIiNDB3YjEnUMeV69RtWYCiGF VZ2UI2NvdDntv7yQJJLqLUNARQ7HKv+Q2vuPibUK+WtJ7RD6eTIYZVP1kBWfxwOz7gfJ 4cHA==
X-Gm-Message-State: AHYfb5ixSJXy/B6gUUpHzaxp/d5tXr5goiDYmanX3XzQc5+v5OtPRaGF SsqrvLHLnmeGlgaaW3zibrPAy7rkvg==
X-Received: by 10.31.215.6 with SMTP id o6mr6715516vkg.179.1502328319529; Wed, 09 Aug 2017 18:25:19 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.22.105 with HTTP; Wed, 9 Aug 2017 18:24:48 -0700 (PDT)
In-Reply-To: <20170807110746.GG45648@Space.Net>
References: <CAO42Z2zLgw3cYapf=1y9pm4cWMZZ32DT2ryfPb6BGUFjCfmrMg@mail.gmail.com> <4939D55E-D37D-4551-9EB0-916FBACBC2BD@thehobsons.co.uk> <CAO42Z2wJBCo1yjguWSy-jzSvndeZTPgtN71FfdEhvqrVAUhZUA@mail.gmail.com> <9bd9f886-f53b-109f-d998-1d4c7adaf3b1@gmail.com> <B6A257C9-7E8A-452D-9C0F-0B10A31990CB@thehobsons.co.uk> <796A0ED0-0F58-43FA-9F81-D4D736A35F3B@steffann.nl> <BD3B4153-2EEF-4BFB-832D-D126A75AEC11@thehobsons.co.uk> <CAN-Dau2jzbQPuE5diEz-XzfRBHY=O1znE8hfy8P-Eee=MVwC_w@mail.gmail.com> <7C6C4FCC-26B9-493D-9992-4663DE6EB9CE@jisc.ac.uk> <3A69468C-98E4-4631-A52F-3D8772646EEE@consulintel.es> <20170807110746.GG45648@Space.Net>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 10 Aug 2017 11:24:48 +1000
Message-ID: <CAO42Z2xXXjKUZ8qQY+b1NgDagX2ZJkqL5gieD+_js59ucp0EMw@mail.gmail.com>
To: Gert Doering <gert@space.net>
Cc: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, v6ops list <v6ops@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/PNorqfrDs3nLIrQ-8dKK6aaXYLY>
Subject: Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-07.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2017 01:25:23 -0000

On 7 August 2017 at 21:07, Gert Doering <gert@space.net> wrote:
> Hi,
>
> On Mon, Aug 07, 2017 at 12:35:25PM +0200, JORDI PALET MARTINEZ wrote:
>> Most of the RIR policies allow a shorter prefix than /48 for a single site
>> if justified.
>
> "If justified" has traditionally been along the lines of "number of buildings,
> number of subnets, number of aggregation levels", so, number of *networks*.
>
> "Number of hosts" has not been a justification argument in (at least)
> RIPE IPv6 policy, so that would be a fairly significant change.
>
> Personally, I would be very careful here - permitting assignments of
> larger address blocks because we *waste* a /64 on a potentially very
> large number of hosts in a network might cause shortage further up.
>
> And yes, I think this is extremely wastive, well over the limits of what
> is normal "do not care about wasting addresses!" level of IPv6 normal.
>

So it's worth considering what the word "waste" means. It means
getting no value at all from some quantity of a resource. That
quantity of resource isn't being used for anything of value to the
resource's user.

What we get from /64s/64 bit IIDs is simplicity (in planning and
operation), robustness (because if there is only one valid value for
something, every other value is an error and easy to see), and the
ability to give a addresses useful privacy and security properties.
They are all of use and value to the end-users users of the Internet,
so /64s/64 bit IIDs are not wasteful.

Of course, it would be possible to be reckless with resource
consumption such that you encounter unexpected and unnecessary
resource scarcity. The induced scarcity will then cause people to have
to start to make choices and trade-offs as to which beneficial uses
and values they get from the resource to give up.

So there needs to be a balance. Consumption must not be reckless,
however it also should not be so intentionally and artificially
constrained that trade-offs between beneficial uses and values have to
be made.

Brian's beach sand maths shows that there isn't a scarcity of /64s, in
particular as his calculations were within the 1/8th of the IPv6
address space we are currently using for global addresses (i.e.,
2000::/3). Leaving 1/8th for ULAs, Loopback etc., would still have
enough /64s in the other 6/8ths of the IPv6 address space to give one
to each grain of beach sand on 6 other Earth like planets.

> On a subnet, having a "it is big enough for everything, no matter how
> many hosts" is a desirable property because it makes network planning much
> easier - single size fits all, focus on more interesting work.  A /64
> is already excessive here, but given that the number of subnets is
> bound by factors like "how many different purposes can you come up
> with?", "router config", etc.  I'm willing to accept a /64 here.
>
> A /64 per *host* is much less bound - while far beyond anything you can
> configure on that host, so the trade-off "waste vs. useful number of bits"
> is not reasonable for me.
>

I don't think anybody is suggesting that a "host shared /64" model is
to be universally replaced with a universal "per-host /64 prefix"
model. It is an alternative option that has benefits in some
situations.

Sticking with a /64 boundary in this prefix per host model is for
simplicity and compatibility with existing specifications and
implementations. We should only give it up (and pay the costs of
giving it up) if it can be shown it can't work.

>
> Should this topic come up in RIPE policy discussion, I'll chair the
> discussion and refrain from having an opinion, but will reserve the right
> for a "told you so" later.
>

I assume RIPE give out /32s as the minimum to an ISP, or 4+ billion
/64s? If an ISP isn't giving out at least /56s to customers, the
problem isn't with the /64 boundary, it is the ISP carrying IPv4
address scarcity management practices over to IPv6 where they aren't
needed.

We are wasting our time (getting no value from it) trying to
accommodate unneeded IPv4 practices carried over to IPv6. We end up
trying to make things accommodate more and more perverse and
unnecessarily conservative IPv4 carried over practices. If we
accommodate them, we're also tacitly endorsing them.

Regards,
Mark.

v2.23.0 | Report a Bug | By Email