Re: [v6ops] AWS ipv6-only features

"Chengli (Cheng Li)" <c.l@huawei.com> Mon, 29 November 2021 06:14 UTC

From: "Chengli (Cheng Li)" <c.l@huawei.com>
To: "Chengli (Cheng Li)" <c.l=40huawei.com@dmarc.ietf.org>, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>
CC: IPv6 Ops WG <v6ops@ietf.org>
Date: Mon, 29 Nov 2021 06:14:10 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/QiLwWuonQ7sjYMmzHobeZ0ioglA>

Ha, I mean I don’t really understand…


From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Chengli (Cheng Li)
Sent: Monday, November 29, 2021 11:42 AM
To: Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>; Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: IPv6 Ops WG <v6ops@ietf.org>
Subject: Re: [v6ops] AWS ipv6-only features

If I don’t remember wrong, ULA has the format of 8(FC00::/7 + L bit)+40 global ID+16 subnet ID. RFC4193.
The only difference between Fc00::/8 and Fd::/8 is how the 40-bit Global ID is allocated, but they use the same format. Though Fd::/8 failed in standards over 10 years ago.

I do really understand how they can use fd00:ec2::/16 with manual configuration. Weird. Why not IPv6 GUA? Much easier to manage. Have they run out of IPv6 GUA, or do tenants not want it?




From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Lorenzo Colitti
Sent: Friday, November 26, 2021 7:52 AM
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: IPv6 Ops WG <v6ops@ietf.org>
Subject: Re: [v6ops] AWS ipv6-only features

On Fri, Nov 26, 2021 at 6:03 AM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> True, and I can't condone it, but as long as they don't leak it, the only
> operator that can be damaged is AWS itself, so it's an own goal. In fact,
> even if they do leak it, any competent ISP will drop it.

The damage is not to operators, it is to application developers. Using fd00:ec2::/16 pretty much guarantees that there will be collisions within EC2 itself. If collisions can happen, that means that applications will need to learn to work with NAT66 or at least with NPTv6. That's pretty much the worst thing they could have done for IPv6 I think.
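
Added example, not part of the thread: a Python sketch that splits a ULA address into the RFC 4193 fields mentioned above, generates a /48 with a random 40-bit Global ID, and reports which sites' prefixes overlap, which is the collision case raised in the last message. The site names, the address fd00:ec2::1 and the prefix fd5a:1c3e:9b70::/48 are constructed samples, and `secrets` stands in for the RFC's suggested Global ID algorithm.

```python
import ipaddress
import secrets
from itertools import combinations

ULA_BLOCK = ipaddress.ip_network("fc00::/7")


def ula_fields(addr):
    """Split a ULA address into 7-bit prefix + L bit, Global ID, Subnet ID, IID."""
    a = ipaddress.IPv6Address(addr)
    if a not in ULA_BLOCK:
        raise ValueError(f"{a} is not in fc00::/7")
    n = int(a)
    return {
        "l_bit": (n >> 120) & 0x1,              # 1 = locally assigned (fd00::/8)
        "global_id": (n >> 80) & 0xFFFFFFFFFF,  # 40 bits
        "subnet_id": (n >> 64) & 0xFFFF,        # 16 bits
        "interface_id": n & 0xFFFFFFFFFFFFFFFF,  # 64 bits
    }


def random_ula_prefix():
    """Return an fd00::/8 /48 whose 40-bit Global ID is drawn at random."""
    gid = secrets.randbits(40)
    return ipaddress.IPv6Network(((0xFD << 120) | (gid << 80), 48))


def colliding_sites(sites):
    """Return sorted pairs of site names whose ULA prefixes overlap."""
    # strict=False: the prefix is written with host bits set in the thread
    # (fd00:ec2::/16), which ipaddress normalises to fd00::/16.
    nets = {name: ipaddress.IPv6Network(p, strict=False)
            for name, p in sites.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    # Constructed inventory: two sites reuse the fixed prefix from the thread,
    # a third uses a constructed /48 with a non-zero leading Global ID byte.
    sites = {
        "site-a": "fd00:ec2::/16",
        "site-b": "fd00:ec2::/16",
        "site-c": "fd5a:1c3e:9b70::/48",
    }
    print(ula_fields("fd00:ec2::1"))
    print(random_ula_prefix())
    print(colliding_sites(sites))
```

Running the overlap check over a prefix inventory before peering or merging networks shows where renumbering or translation would be needed.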