IETF Logo Mail Archive

Re: [v6ops] I-D Action: draft-horley-v6ops-lab-00.txt

Nick Buraglio <buraglio@es.net> Fri, 11 June 2021 22:13 UTC

Return-Path: <buraglio@es.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A5F43A0E02 for <v6ops@ietfa.amsl.com>; Fri, 11 Jun 2021 15:13:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=es.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9WRFRJwlZxen for <v6ops@ietfa.amsl.com>; Fri, 11 Jun 2021 15:13:18 -0700 (PDT)
Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5797E3A0DFF for <v6ops@ietf.org>; Fri, 11 Jun 2021 15:13:18 -0700 (PDT)
Received: by mail-lf1-x12e.google.com with SMTP id v22so10709675lfa.3 for <v6ops@ietf.org>; Fri, 11 Jun 2021 15:13:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=es.net; s=esnet-google; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=HqwhKevrvy0HyTt1C1dLyrg7MDr3nTjsavlBta6sTaI=; b=a9lVzU44pFCWw4No+zcEkIb/YNODMBaBPUBjpOYx3d5v2jFycG0ckVlIXJAwMEQsMn TlmD2PR+uko7wvC9ZDMqbhDGV2sWEZ8Xlh04dpYgGJGMXh5pSr59OY+Q8Et/FN+SmnfF F1m6Vc1f4yfNeanO6KcEhdg0EuNxvt4tmMAE7sxlj/89e99aOA5cjUoU8z4tcPpylMl7 PQ1My/HLcj1mHTMaMHpsTeEgpJ/ICDwi6pf14cdYlJ1GeUNScJpljIsOWxE3zuTm2dTL jXiDnWo1HRXcqHO/Y/Qw6PNGwdWkBP5RYr+AAA/VSNT3EHCxGEgzGrosccQliqaRN+JN pn7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=HqwhKevrvy0HyTt1C1dLyrg7MDr3nTjsavlBta6sTaI=; b=QeWGs5zD6ztq1J9datPxDirwvYQ6j2TdEEPPBZIW2aOS10mKWNvjaSirhcc0NoAo5e 7soPyvYWxIHoPAaBy4fG7+6Dn6hOXoJ9Lp3MxjyWfvvPQFEvb6aEdsHW7n7lpAXBVIaT +wJSxKxaFHdZ3uIlwBIaqBcWO2jy0QAyyYPGq64rWNzhoxRegxicvz58DlZmpce+mJ3L +tej2QP76cCN0DGYAVoGvj3cqpih/A/Po72QsopYSZNIaj7W+ggyta9h4txvDTOraLRB v6v3PzX8MTFiStTDExrPWLy9NAzkCFAqhAMGV2QHKA/MGYUCp1GB7Ay9fd09YQyZ8Olk TrrA==
X-Gm-Message-State: AOAM531UkEbX/bEV5grcrVAymRlvuonxrS2bZGVGhIPW6BXtrMTx0nnk s8vStlZ91K3/yyjngNk4AfnJQ5za4uD4+zaQ+ID6SeiAhOhyxd4USGU0MD2w3VIIvzkR5LmY32G 1WJy4LcojIraPvixXm9MgEGACa7C8MJvSuuPxd8YwBodjVRVhemsZG25CMOXDxi/1PQOl34d+Sl E=
X-Google-Smtp-Source: ABdhPJz/tHtVEmIHsD56N2bzhrUUM3nmqEVfbyXMxh6FMrVX+EeGftM7100LOE9tq9b59lO/CTc1PPeFNGbqEQkBhDg=
X-Received: by 2002:a19:c10c:: with SMTP id r12mr3956065lff.152.1623449594699; Fri, 11 Jun 2021 15:13:14 -0700 (PDT)
MIME-Version: 1.0
References: <162293202497.20978.11278185466573537743@ietfa.amsl.com> <d928f260-e0b1-7672-7114-7ac09dace037@gmail.com>
In-Reply-To: <d928f260-e0b1-7672-7114-7ac09dace037@gmail.com>
Reply-To: buraglio@es.net
From: Nick Buraglio <buraglio@es.net>
Date: Fri, 11 Jun 2021 17:13:03 -0500
Message-ID: <CAM5+tA8qt0Z9jKnfFYHWVpX8MC8zkFOnnmUvFboBnBS_OURoxg@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: IPv6 Operations <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000067b58d05c484d0f4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/XLsffm1SqsxWKbAFT_PsuZi7CU0>
Subject: Re: [v6ops] I-D Action: draft-horley-v6ops-lab-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2021 22:13:24 -0000

Our reasoning behind this is that it is not practical for all organizations
to request and justify new address space simply for modeling their network
in order to test migrations / tests / prototyping, particularly when
building drop in replacement architectures or brownfield migrations for
very, very large networks with allocations larger than /32 (nor should they
have to do so). As such, the use cases here are drawn directly from
operational pain and inefficiencies.
For example, having to make a request in the ARIN region for IPv6 resource
allocation requires a network design. Entities that are building a very
large network requesting an allocation of /24 are left between a rock and a
hard place since the design has no real mechanism for both address planning
and prototyping / labbing. The current way this is accomplished is to use
often clunky compromises on numbering, a mix of whatever address space is
randomly chosen which in turn requires some level of extra and arguably
avoidable effort in order to migrate to production, and uses some randomly
chosen address block which may or may not be allocated somewhere else.
Since building a prototype using an address schema that won't reflect the
end state as well as it could is very often either a mash up of
documentation prefixes, randomly chosen unallocated space, or a mirror of
the GUA allocation, it introduces a lot of margin of error in both
configuration and migration operations.
The last of the aforementioned list -  a mirror of the GUA allocation - has
its own set of "...and here be dragons" problems, not the least of which is
potential for leaking into the existing network, confusion about devices,
and other very real human errors.

Documentation prefixes already exist which are arguably in that category of
"ambiguous" due to the lack of any kind of reserved and speciality block
for prototyping and labbing, of which they are very often used. Leveraging
a block from the global address space also loses the advantage of being
dereferenced ala rfc6724 as some of the other blocks are (ULA, etc. ). This
could be added to an update to also become deprioritized if adopted.

Additionally, we also have a very recent example of the block in question
being used in an available platform that is running production traffic in
their overlay. It is largely undocumented, functionally squatting the
0200::/7 block. It is structurally important for, for example, cloud
providers, energy industry (i.e. power meters)  that have extremely large
networks that do not want to risk using their actual GUA space in a lab
that could potentially be leaked by misconfiguration. Since the 0200::/7 is
very close to 2000::/3 and can be fairly trivially migrated from lab /
prototyping to production with very straightforward programmatic means.

Moreover, we believe this prototype / lab prefix should be different from
documentation address space in order to retain unique address space for
actual documentation to avoid the haphazard way it is typically done in the
wild in v4 land. for example, code snippets intended for cut-and-paste
should be lab, documentation should be documentation prefix.

I hope this helps inform our reasons for proposing it. We're all happy to
discuss this further!

nb



---
Nick Buraglio
Planning and Architecture Group
Energy Sciences Network; AS293
Lawrence Berkeley National Laboratory
buraglio@es.net
+1 (510) 995-6068


On Thu, Jun 10, 2021 at 5:23 PM Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> My concern about this draft is that it intentionally creates ambiguous
> address space, something we have very carefully avoided since the beginning
> of IPv6.
>
> Regards
>    Brian
>
> On 06-Jun-21 10:27, internet-drafts@ietf.org wrote:
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> >
> >
> >         Title           : Expanding IPv6 Lab Use Space
> >         Authors         : Ed Horley
> >                           Tom Coffeen
> >                           Scott Hogg
> >                           Nick Buraglio
> >                           Kevin Myers
> >                           Chris Cummings
> >                           Russ White
> >       Filename        : draft-horley-v6ops-lab-00.txt
> >       Pages           : 5
> >       Date            : 2021-06-05
> >
> > Abstract:
> >    TTo reduce the likelihood of addressing conflicts and confusion
> >    between lab deployments and non-lab (i.e., production) deployments,
> >    an IPv6 unicast address prefix is reserved for use in lab, proof-of-
> >    concept, and validation networks as well as for for any similar use
> >    case.  This document describes the use of the IPv6 address prefix
> >    0200::/7 as a prefix reserved for this purpose (repurposing the
> >    deprecated OSI NSAP-mapped prefix).
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-horley-v6ops-lab/
> >
> > There is also an htmlized version available at:
> > https://datatracker.ietf.org/doc/html/draft-horley-v6ops-lab-00
> >
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> >
> > _______________________________________________
> > I-D-Announce mailing list
> > I-D-Announce@ietf.org
> > https://www.ietf.org/mailman/listinfo/i-d-announce
> > Internet-Draft directories: http://www.ietf.org/shadow.html
> > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>

v2.23.0 | Report a Bug | By Email