[v6ops] Re: Dynamic addresses

David Farmer <farmer@umn.edu> Sat, 10 August 2024 22:36 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47D1DC151061 for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 15:36:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.404
X-Spam-Level:
X-Spam-Status: No, score=-4.404 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6uD_T6h1oQC for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 15:36:14 -0700 (PDT)
Received: from mta-p6.oit.umn.edu (mta-p6.oit.umn.edu [134.84.196.206]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F83BC14F60A for <v6ops@ietf.org>; Sat, 10 Aug 2024 15:36:13 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p6.oit.umn.edu (Postfix) with ESMTP id 4WhFxT0QGCz9vBtL for <v6ops@ietf.org>; Sat, 10 Aug 2024 22:36:13 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p6.oit.umn.edu ([127.0.0.1]) by localhost (mta-p6.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RMoZxyF3XbXi for <v6ops@ietf.org>; Sat, 10 Aug 2024 17:36:12 -0500 (CDT)
Received: from mail-lj1-f198.google.com (mail-lj1-f198.google.com [209.85.208.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p6.oit.umn.edu (Postfix) with ESMTPS id 4WhFxS11Lvz9vBt6 for <v6ops@ietf.org>; Sat, 10 Aug 2024 17:36:12 -0500 (CDT)
DMARC-Filter: OpenDMARC Filter v1.3.2 mta-p6.oit.umn.edu 4WhFxS11Lvz9vBt6
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p6.oit.umn.edu 4WhFxS11Lvz9vBt6
Received: by mail-lj1-f198.google.com with SMTP id 38308e7fff4ca-2ef2b0417cdso29502961fa.3 for <v6ops@ietf.org>; Sat, 10 Aug 2024 15:36:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; t=1723329370; x=1723934170; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WPrCLofnSxGIQP742aGCYnDxa5Wv+LuMCUySLRkT5OY=; b=YXLaK7RGR5e+iySuqx+OOvhdtv0Wn5jnviFBE/YfurtRlpvLIgNlT8J6dXma+rLJtC hEeMSC8mGJMAarMz8St3K2JeTVxICPB5nBZZuEBFKLFVEc8ac5A703KAoXFIyBYy/gFp P6yxiEinwlEs0olROTc7BskJk1FI9UIQ+XsNTlsMJHnPnsfWXbj96agarnRE/MHBkrFd W4GMpA8ZNIqcxzhPXyuQdoQRLc2Sl/d7b9UWbB4h2T3Szwf++zsbZQTND7qPFI3ENgNF fexPb0fbzZ6gT4lOH5d2w5pU5m8/qM4I6bc+lmJNI7LwaFV32KyBUCdQjzGhwc/mWIbF WtxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723329370; x=1723934170; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WPrCLofnSxGIQP742aGCYnDxa5Wv+LuMCUySLRkT5OY=; b=tHQ0yvcFu6ngZMIgmw3ut5T7+9iYbxqyJAt+SRuNwt98ty6/Gd8MAOnxLaD6yHPG1y JyiHSPi9WniB0w6Rpi/QALUh3VBZxeePEWbJehO9mNveTDS9jGTkeecjo7AnIEq1o0oD xq6+icWP+1rDyAnkz+fwLbjVMLeLJO4+52JIp9PJ+fRwU4hb4ehRXAsHC3K6McUdr9/4 QPSot7AwTqhvYyV4DIDT07BkU6Bt8rNJYqvjIw+YzO9s+td2Sv1kKMfIgDHasPwfG60N uYWoy9oKTIkVNxZWobTFtaUsSQVUCLN4dJ8Cj71O6RhO/X4+iGY6ArnHddJs74fQHjlv qmow==
X-Forwarded-Encrypted: i=1; AJvYcCXlMqnWtzWHsowFPhgWIemX0VJiNE4G8Y9rwFM/o8u43yj7RKrhgeKZJgaS1anC3ufbuDItDdabr9AswbPfxg==
X-Gm-Message-State: AOJu0YxI22GGJAl9H2u5pCC0U3YbGZV3NKrrycxUrAyeeMB/kyozde8D iPN6ZgdRiVA6a36xRwtwGwvyjrVjUxbZZ71y4SBmWnUG5hzI56O/UOwlftTPQicYCpAul15mehT he1YgcAoHxL6KYz4S8QtOfoYVNhFQx0Kr79TvFKD71rBKJg9B8z9KdechZqwMiSZc65otMCRK7H /cpAU19kHwRnVcfoCeYzm6Xg==
X-Received: by 2002:a05:651c:210f:b0:2ef:28d2:39cc with SMTP id 38308e7fff4ca-2f1a6d0036cmr38963751fa.3.1723329370411; Sat, 10 Aug 2024 15:36:10 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGFFEAGHouNNF6Zh4UDQWU7jJ55dOxVty/n1I8RZslGAWJCsvi/XE7g0PwPbhatdtalqeQXT2gqx4EVpiUUCK4=
X-Received: by 2002:a05:651c:210f:b0:2ef:28d2:39cc with SMTP id 38308e7fff4ca-2f1a6d0036cmr38963691fa.3.1723329369669; Sat, 10 Aug 2024 15:36:09 -0700 (PDT)
MIME-Version: 1.0
References: <df01e0f8-1b0d-4792-be2c-89a59da7de49.ref@swbell.net> <df01e0f8-1b0d-4792-be2c-89a59da7de49@swbell.net> <CAJgLMKte1H3FaoQOhc7_No=SNdczQFo2_mp2c1FvTOqLCRFm2g@mail.gmail.com> <6e70bed7-6f84-4a4a-90f8-fec1d10a599b@swbell.net> <CAJgLMKsXHcxzu8Kbrg1pu9SDkGDH0b1bWzW__CrfpDaSv3Joog@mail.gmail.com> <CACyFTPFakaDLdTJVc6d1HiR_oaedNOV76MRQxJp=+z95uQFVZQ@mail.gmail.com> <CAPt1N1=rQp5U4_X=2WvCV358S9Qm+E+_+gs_mgUJHP_68dYLmg@mail.gmail.com> <d16406c6-e5d9-4aa4-a16e-7513d04d6b07@gmail.com> <CACyFTPEdh_SL3BJ6WcD18tpYzH=Q6gxYnXanTsHZxF4xQm7LuA@mail.gmail.com> <19b076c0-ff57-471a-8f66-6ad47d7169f4@gmail.com> <f469fd02-f67e-4aa3-80e1-e055e63fadd2@swbell.net> <CACyFTPGNUvKkF+hxg1xJPSRNWo4aZN+jtwO3GeMLmQ1pTY8x3g@mail.gmail.com> <CAPt1N1kLTuKjtvsJ5qGd_kjnc8K2HDc7OemMqtaSavGH6kAqJA@mail.gmail.com> <CACyFTPEjAq0kGHFwiNnqsmyhxavu6HhEBu6X7OQXAgaKpPqa1g@mail.gmail.com> <CAN-Dau05Q2GVydUb8DLfAXYNEtrKPkTFROOWT3cDMr5DSPD8Tg@mail.gmail.com> <CACyFTPEVtd4DXdVq66CFO6E61ZNDNrDQOAu4CEt8yeK9fDBcJg@mail.gmail.com>
In-Reply-To: <CACyFTPEVtd4DXdVq66CFO6E61ZNDNrDQOAu4CEt8yeK9fDBcJg@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Sat, 10 Aug 2024 17:35:57 -0500
Message-ID: <CAN-Dau1xjQp0W+JYuxFurxj3sJEcWVm9Og-5HrbdPCwnfUwh2w@mail.gmail.com>
To: Daryll Swer <contact=40daryllswer.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e926a5061f5be271"
Message-ID-Hash: HWSBWAQFTRH5OFNCWOX67J55IMNHU6G3
X-Message-ID-Hash: HWSBWAQFTRH5OFNCWOX67J55IMNHU6G3
X-MailFrom: farmer@umn.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The Multach's <jmultach@swbell.net>, v6ops@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: Dynamic addresses
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/RPhXWGhkZEPaQI8tEBvq-PsWIVk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>

On Sat, Aug 10, 2024 at 16:45 Daryll Swer <contact=
40daryllswer.com@dmarc.ietf.org> wrote:

> David
>
> Changing the prefix delegation on power failure of the CPE generally has a
>> fairly low impact, as the devices using the network frequently loose power
>> as well and are rebooted. And, even if they don’t loose power they
>> typically loose link, which is also a signal to reestablish their addresses.
>
>
> Not sure how electrical systems are built in the west, but over here, even
> lower-income households have inverters (or UPS) in place, i.e. the CPE, and
> client devices connected over Wi-Fi do *not* lose power and the Wi-Fi
> interface *stays up*, upstream OLT comes back up/quick fibre patching
> done, and now the clients have broken IPv6 connectivity for X amount of
> minutes/hours depending on pref/valid values.
>

In the US most residential power systems don’t have  backup, power outages
are typically short, a minute or less or they are caused by a power
disruption major fault requiring a truck roll, these typically are caused
by thunderstorms and last 30 minutes to an hour, and occur one or twice a
year for a typical customer. Then once a decade or so you will experience
an extended outage of many hours to a day or two, typically cased by major
damage, like trees falling down in severe thunderstorms, straight line
winds or tornados.

Again, this isn't theoretical, I see this in real life, ALL the time, and
> if you do a quick Google search using this precise search time, plenty of
> other users reported it:
> “Dynamic IPv6 breaks SLAAC”.
>
> As a consultant, I also get these complaints from unaware ISPs' business
> owners and C-suites, who didn't know about BCOP-690 and static ia_pd, I,
> moved them to static ia_pd, lo and behold — customer complaints about
> broken (v6) connectivity, stopped spamming their ticketing software.
>
> Nothing about my feedback on this is “hypothetical”, this is all IRL.
>

I never said it was hypothetical, it is a real issue, especially when a
change is forced on some arbitrary timeframe, instead of opportunistically
with reboot. But even a change on reboot will cause issues in at least some
cases.

That being said, whether or not to maintain the same prefix across reboots
>> should be in control of the end user, not necessarily the CPE manufacturer
>> or the ISP. Only the end user knows if their use case is advantaged or
>> disadvantaged by getting a new prefix on power loss or other reboots.
>>
>
> I agree on this aspect. I am not a protocol designer, but if I was, I'd be
> keenly interested in potentially augmenting both ia_na and ia_pd with a
> “privacy” flag, whereby if the user sets it to 1, they can set a timer to
> renew (per 24 hours, months etc), and the server will feed a fresh ia_na
> and ia_pd that ways. And if the user sets privacy flag = 0, the ia_na and
> ia_pd is permanently (lifetime) static. Probably good to augment it
> further, where privacy flag is independent for each (na, pd), along with
> independent timers giving the user complete control and making the life of
> the ISP and CPE maker, simpler.
>
> Nevertheless, permanent addresses, unchanging for an extended periods of
>> time like months or years, is a threat to privacy, it makes tracking
>> trivial.
>>
>
> This is an arguable/argumentative topic — i.e. “privacy” and “IPs”. Most
> analytics/tracking software rely on system, browser fingerprinting,
> invasive cookies, and even battery API
> <https://eprint.iacr.org/2015/616.pdf> to track users — a lot of
> motivation came for this, from mobile devices where the end-user moves
> between Wi-Fi networks and mobile networks 24/7. Analytics had to figure
> out a way to identify/track the users across different Wi-Fi/Mobile
> networks, and therefore by design can do so even with dynamic IPs.
>

Like I said, changing address doesn’t prevent tracking. But, my point is
without addresses changing once in a while, basic system logging becomes an
effective tracking system, that is tracking is trivial if addresses never
change.

*--*
> Best Regards
> Daryll Swer
> Website: daryllswer.com
> <https://mailtrack.io/l/7070cf174482cea593104513e38e67dd0d19e934?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b99c4df5e4efd1b8>
>
>
> On Sun, 11 Aug 2024 at 02:39, David Farmer <farmer=
> 40umn.edu@dmarc.ietf.org> wrote:
>
>> I just want to say that I agree simply changing addresses, particularly
>> forcing address changes periodically, does not provide privacy by itself
>> and doesn’t prevent tracking.
>>
>> Nevertheless, permanent addresses, unchanging for an extended periods of
>> time like months or years, is a threat to privacy, it makes tracking
>> trivial.
>>
>> Changing the prefix delegation on power failure of the CPE generally has
>> a fairly low impact, as the devices using the network frequently loose
>> power as well and are rebooted. And, even if they don’t loose power they
>> typically loose link, which is also a signal to reestablish their addresses.
>>
>> That being said, whether or not to maintain the same prefix across
>> reboots should be in control of the end user, not necessarily the CPE
>> manufacturer or the ISP. Only the end user knows if their use case is
>> advantaged or disadvantaged by getting a new prefix on power loss or other
>> reboots.
>>
>> Thanks.
>>
>> On Sat, Aug 10, 2024 at 10:15 Daryll Swer <contact=
>> 40daryllswer.com@dmarc.ietf.org> wrote:
>>
>>> Ted
>>>
>>> > It sounds like the isps who you know of who are doing this are not
>>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>>> end user.
>>>
>>> *Most*, ISPs don't conform to RFCs, BCPs and BCOPs. As a consultant, I
>>> get exposed (They email me their diagrams and configs for review) to tens
>>> of networks every year, and I can count on one hand, how many networks
>>> conform to the minimum for networking in general (IPv4 vs IPv6 aside).
>>>
>>> That's why I think the "draft-ietf-v6ops-cpe-lan-pd" should
>>> potentially, have something to give to end-users for them to use against
>>> such ISPs, in order for these users to get a permenaent ia_pd (/56 minimum
>>> or /48 maximum) via support tickets, asking the ISP to conform.
>>>
>>> *--*
>>> Best Regards
>>> Daryll Swer
>>> Website: daryllswer.com
>>> <https://mailtrack.io/l/713f3f681113f0bfb34c34bcf30460679e5a5347?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=fe00cdb4ee3ab02c>
>>>
>>>
>>> On Sat, 10 Aug 2024 at 19:53, Ted Lemon <mellon@fugue.com> wrote:
>>>
>>>> At least in Germany the address shifting was a regulatory thing—the isp
>>>> I was working with on it didn’t want to do it—it was expensive and
>>>> inconvenient.
>>>>
>>>> It sounds like the isps who you know of who are doing this are not
>>>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>>>> end user.
>>>>
>>>> Op za 10 aug 2024 om 10:10 schreef Daryll Swer <contact@daryllswer.com>
>>>>
>>>>> > Then again, there is a claim that on those you may not get a prefix
>>>>> at all (just a single IP6 address), and if you do, often its a /64 with no
>>>>> PD.
>>>>>
>>>>> IIRC, US Telcos even have separate billing for mobile
>>>>> tethering/hotspot, right? And IPv6 doesn't always work over that ways?
>>>>>
>>>>> Over here, it appears the tethering interface just bridges with the
>>>>> PDP interface, and the “clients” that connects gets a /128 GUA, shared with
>>>>> a single /64 with the SIM.
>>>>>
>>>>> > For security reasons, one of them has a rule to change the assigned
>>>>> IPv6 address space at least once every 4 hours.
>>>>>
>>>>> You mean conspiracy theories about big bro and “privacy”… It's not
>>>>> “security”.
>>>>>
>>>>> iPhones have built-in security, Ted Lemon can probably elaborate on
>>>>> that. Android, too, has built-in security, the Google folks here can
>>>>> probably elaborate on that.
>>>>>
>>>>> Nope, I am completely against conspiracy theories about “dynamic IP
>>>>> stops big bro from spying on you”. If big bro wants to “spy” on you, no
>>>>> amount of “dynamic IPs” is stopping that.
>>>>>
>>>>> *--*
>>>>> Best Regards
>>>>> Daryll Swer
>>>>> Website: daryllswer.com
>>>>> <https://mailtrack.io/l/ba62818f368e4ab91c6676b1a01e6088ea674e45?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b8dfc4abc306b3d8>
>>>>>
>>>>>
>>>>> On Sat, 10 Aug 2024 at 19:29, The Multach's <jmultach@swbell.net>
>>>>> wrote:
>>>>>
>>>>>> That triggered a memory about addressing on US cellular carriers, at
>>>>>> least one of which does this.
>>>>>>
>>>>>> Then again, there is a claim that on those you may not get a prefix
>>>>>> at all (just a single IP6 address), and if you do, often its a /64 with no
>>>>>> PD.
>>>>>>
>>>>>> For security reasons, one of them has a rule to change the assigned
>>>>>> IPv6 address space at least once every 4 hours.
>>>>>>
>>>>>>
>>>>>> On 8/9/2024 9:33 PM, Brian E Carpenter wrote:
>>>>>>
>>>>>> On 10-Aug-24 11:34, Daryll Swer wrote:
>>>>>>
>>>>>>  > But I don't understand the statement "breaks SLAAC on the LAN". A
>>>>>> change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>>
>>>>>> It will break, on the host side, because they won't know to use the
>>>>>> new prefix, until the pref/valid values expire.
>>>>>>
>>>>>>
>>>>>> https://www.6connect.com/blog/is-your-isp-constantly-changing-the-delegated-ipv6-prefix-on-your-cpe-router/
>>>>>>
>>>>>>
>>>>>> Thanks, yes, I knew that of course but the description of that as
>>>>>> breaking SLAAC confused me. (When my ISP was changing prefixes after a CE
>>>>>> power cut and reboot, the issue was masked by other effects of the power
>>>>>> cut.)
>>>>>>
>>>>>> There's no reason to be promoting dynamic v6 prefixes, in addition to
>>>>>> the SLAAC context, this makes it painful, for end-users to host anything at
>>>>>> home, even basic SSH.
>>>>>>
>>>>>>
>>>>>> I completely agree.
>>>>>>
>>>>>>    Brian
>>>>>>
>>>>>>
>>>>>> *--*
>>>>>> Best Regards
>>>>>> Daryll Swer
>>>>>> Website: daryllswer.com
>>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>>>
>>>>>>
>>>>>> On Sat, 10 Aug 2024 at 04:56, Brian E Carpenter <
>>>>>> brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>
>>>>>> <brian.e.carpenter@gmail.com>> wrote:
>>>>>>
>>>>>>     [Public service announcement: as of now, I'm spam-filtering
>>>>>> messages with 'Digest' subject headers.]
>>>>>>
>>>>>>     My ISP used to change my prefix whenever there was a power cut
>>>>>> and the modem restarted. Now, it appears to be stable.
>>>>>>
>>>>>>     But I don't understand the statement "breaks SLAAC on the LAN". A
>>>>>> change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>>
>>>>>>     Regards
>>>>>>          Brian
>>>>>>
>>>>>>     On 10-Aug-24 10:13, Ted Lemon wrote:
>>>>>>      > In order to do this, they would have to not renew a previously
>>>>>> assigned prefix. I think some German telecoms used to do this as a privacy
>>>>>> message, but it was operationally very difficult because it doubled demand
>>>>>> for prefixes.
>>>>>>      >
>>>>>>      > Where are you seeing this irl, and how does it happen?
>>>>>>      >
>>>>>>      > Op vr 9 aug 2024 om 15:08 schreef Daryll Swer <
>>>>>> contact=40daryllswer.com@dmarc.ietf.org
>>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>>> <40daryllswer.com@dmarc.ietf.org> <
>>>>>> mailto:40daryllswer.com@dmarc.ietf.org
>>>>>> <40daryllswer.com@dmarc.ietf.org>
>>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>>> <40daryllswer.com@dmarc.ietf.org>>>
>>>>>>      >
>>>>>>      >     Tim, is there something we can do to encourage not only
>>>>>> "more than a /64", but also encourage "static ia_pd to ensure the customer
>>>>>> will not experience broken IPv6 connectivity due to ever changing
>>>>>> prefixes".
>>>>>>      >
>>>>>>      >     Too many ISPs out there do dynamic IPs and breaks SLAAC on
>>>>>> the LAN.
>>>>>>      >
>>>>>>      >     I feel this draft could be a powerful tool, in the hands
>>>>>> of the end user to get these ISPs doing the right way of IPv6 more often.
>>>>>>      >
>>>>>>      >     --
>>>>>>      >     Sent from my iPhone
>>>>>>      >
>>>>>>      >
>>>>>>      >     On Fri, 9 Aug 2024 at 7:37 PM, Timothy Winters <
>>>>>> tim@qacafe.com <mailto:tim@qacafe.com> <tim@qacafe.com> <
>>>>>> mailto:tim@qacafe.com <tim@qacafe.com> <mailto:tim@qacafe.com>
>>>>>> <tim@qacafe.com>>> wrote:
>>>>>>      >
>>>>>>      >         Yes.  I've seen several instances of /64 being used
>>>>>> for container networks on CPEs.
>>>>>>      >
>>>>>>      >         ~Tim
>>>>>>      >
>>>>>>      >         On Fri, Aug 9, 2024 at 9:38 AM The Multach's <
>>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net>
>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net
>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net>
>>>>>> <jmultach@swbell.net>>> wrote:
>>>>>>      >
>>>>>>      >             So are these considered a LAN link prefix
>>>>>> assignment under 7084 L2:
>>>>>>      >
>>>>>>      >             - Assignment of a /64 prefix for internal IPv6
>>>>>> communication between a
>>>>>>      >             primary SoC and a secondary chip (e.g., a Wi-Fi
>>>>>> chip which uses IPv6).
>>>>>>      >
>>>>>>      >             - Assignment of a /64 prefix for usage by an
>>>>>> internal container or VM.
>>>>>>      >
>>>>>>      >
>>>>>>      >             On 8/9/2024 7:56 AM, Timothy Winters wrote:
>>>>>>      >              >
>>>>>>      >              >
>>>>>>      >              > On Thu, Aug 8, 2024 at 10:58 PM The Multach's <
>>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net>
>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net
>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net>
>>>>>> <jmultach@swbell.net>>> wrote:
>>>>>>      >              >
>>>>>>      >              >     The following, while being user focused,
>>>>>> fails to take into
>>>>>>      >              >     account that
>>>>>>      >              >     some of those prefixes may be used
>>>>>> internally (or reserved for
>>>>>>      >              >     internal
>>>>>>      >              >     use) by the CPE or for ISP purposes and not
>>>>>> assignable:
>>>>>>      >              >
>>>>>>      >              >     "SHOULD" (or an elongated exception for the
>>>>>> above) would be more
>>>>>>      >              >     appropriate.
>>>>>>      >              >
>>>>>>      >              >     LPD-4: After LAN link prefix assignment the
>>>>>> IPv6 CE Router MUST
>>>>>>      >              >     make the
>>>>>>      >              >     remaining IPv6 prefixes available to other
>>>>>> routers via Prefix
>>>>>>      >              >     Delegation.
>>>>>>      >              >
>>>>>>      >              > I think this covers that case.   After local
>>>>>> assignment, unused
>>>>>>      >              > prefixes MUST be made available.
>>>>>>      >              > LPD-2:  The IPv6 CE Router MUST assign a prefix
>>>>>> from the delegated
>>>>>>      >              >            prefix as specified by L-2
>>>>>> [RFC7084].
>>>>>>      >              >
>>>>>>      >              > 7084
>>>>>>      >              >    L-2:   The IPv6 CE router MUST assign a
>>>>>> separate /64 from its
>>>>>>      >              >           delegated prefix(es) (and ULA prefix
>>>>>> if configured to provide
>>>>>>      >              >           ULA addressing) for each of its LAN
>>>>>> interfaces.
>>>>>>      >              >
>>>>>>      >              >
>>>>>>      >              >
>>>>>>  _______________________________________________
>>>>>>      >              >     v6ops mailing list -- v6ops@ietf.org
>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>      >              >     To unsubscribe send an email to
>>>>>> v6ops-leave@ietf.org <mailto:v6ops-leave@ietf.org>
>>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org
>>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org>
>>>>>> <v6ops-leave@ietf.org>>
>>>>>>      >              >
>>>>>>      >
>>>>>>      >         _______________________________________________
>>>>>>      >         v6ops mailing list -- v6ops@ietf.org
>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>      >         To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>>      >
>>>>>>      >     45efe8dfc775213ded0fc41c7d84ccccb0d6aa20
>>>>>> _______________________________________________
>>>>>>      >     v6ops mailing list -- v6ops@ietf.org
>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>      >     To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>>      >
>>>>>>      >
>>>>>>      > _______________________________________________
>>>>>>      > v6ops mailing list -- v6ops@ietf.org <mailto:v6ops@ietf.org>
>>>>>> <v6ops@ietf.org>
>>>>>>      > To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>
>>>>>>
>>>>>> _______________________________________________
>>> v6ops mailing list -- v6ops@ietf.org
>>> To unsubscribe send an email to v6ops-leave@ietf.org
>>>
>>