Re: [v6ops] A good example of why we need to careful about ULAs
Mark Andrews <marka@isc.org> Thu, 30 May 2013 23:54 UTC
Return-Path: <marka@isc.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 28C7921F9920 for <v6ops@ietfa.amsl.com>; Thu, 30 May 2013 16:54:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level:
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[AWL=-2.600, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, MANGLED_BEST=2.3, MANGLED_WORKS=2.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ROnDhdS8qFL5 for <v6ops@ietfa.amsl.com>; Thu, 30 May 2013 16:54:57 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) by ietfa.amsl.com (Postfix) with ESMTP id 7700621F9698 for <v6ops@ietf.org>; Thu, 30 May 2013 16:54:57 -0700 (PDT)
Received: from mx.pao1.isc.org (localhost [127.0.0.1]) by mx.pao1.isc.org (Postfix) with ESMTP id 72AC4C9427; Thu, 30 May 2013 23:54:48 +0000 (UTC) (envelope-from marka@isc.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=dkim2012; t=1369958097; bh=I5rY8fVJyXRtE7LVmi/tJ+YWhM9QFto5X9oPKcyEw48=; h=To:Cc:From:References:Subject:In-reply-to:Date; b=VIjo6VF3ovpGrq+ID6AB/WHFSAgwKYIlTxA6MO6YGnMaqQwKq8NsfXCwl505Lv7JS sgQHDSvdgYMMm8OQB9zdw0pNLPCDXr+G8J/FDxYy7fb+xrKggeBvN3BQ0RW4i4GPPA L7QuzblCZBcpIcbt/Z/7MMP6CvoWx7DC9MHvy28Q=
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.isc.org", Issuer "RapidSSL CA" (not verified)) by mx.pao1.isc.org (Postfix) with ESMTPS; Thu, 30 May 2013 23:54:48 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (c211-30-172-21.carlnfd1.nsw.optusnet.com.au [211.30.172.21]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id AC177216C40; Thu, 30 May 2013 23:54:47 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [IPv6:::1]) by drugs.dv.isc.org (Postfix) with ESMTP id BD66034F6EDB; Fri, 31 May 2013 09:54:42 +1000 (EST)
To: Mark Smith <markzzzsmith@yahoo.com.au>
From: Mark Andrews <marka@isc.org>
References: <CAKD1Yr29kf1Me=6JR66Gq0dFYgQx2wq=pjW8WZyHByPA0POsMQ@mail.gmail.com> <1369901467.70362.YahooMailNeo@web142506.mail.bf1.yahoo.com> <CAKD1Yr1oBr54t2ze57KQ08BLhQKX8qS4vfr_D=LjWyidKt6evA@mail.gmail.com> <1369948995.76791.YahooMailNeo@web142505.mail.bf1.yahoo.com>
In-reply-to: Your message of "Thu, 30 May 2013 14:23:15 -0700." <1369948995.76791.YahooMailNeo@web142505.mail.bf1.yahoo.com>
Date: Fri, 31 May 2013 09:54:42 +1000
Message-Id: <20130530235442.BD66034F6EDB@drugs.dv.isc.org>
X-DCC--Metrics: post.isc.org; whitelist
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>, "draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org" <draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org>
Subject: Re: [v6ops] A good example of why we need to careful about ULAs
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2013 23:54:59 -0000
In message <1369948995.76791.YahooMailNeo@web142505.mail.bf1.yahoo.com>, Mark S mith writes: > > >Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>; "draft-ietf-v6ops-ula-usage-reco= > mmendations@tools.ietf.org" <draft-ietf-v6ops-ula-usage-recommendations@too= > ls.ietf.org> = > > >Sent: Thursday, 30 May 2013 7:07 PM > >Subject: Re: [v6ops] A good example of why we need to careful about ULAs > > = > > > > > > >On Thu, May 30, 2013 at 5:11 PM, Mark Smith <markzzzsmith@yahoo.com.au> wr= > ote: > >In the early news, not really a new problem. > >> > > > > > >The part where an RFC asserts says that we can generate globally unique ad= > dresses with no global coordination is a new problem. Yes, in theory it wor= > ks, but in practice it doesn't, because everyone ends up using fd00:: - bec= > ause that's the way it worked in IPv4, and ULA is just RFC1918 all over aga= > in, right? > > > > I don't agree with trying to create a registry for the non-centrally assign= > ed ULAs (because I think those people probably think they now own that pref= > ix), however here is quite a list to show that a lot of people from a varie= > ty of organisations get that ULAs aren't set to fd00::/8 All locally assigned ULA are in fd00::/8. I think you meant fd00:0000:0000::/48. Yes I deliberatly added the extra zeros make it clearer. The example that started this thread was not in fd00:0000:0000::/48. They may not have configured their border routers to block traffic to/from fc00::/7 and their router may not have appropriate source address selection rules for the reply. Both of those are correctable. fd00:3303:0000::/48 may not *look* random but it may well be random. > http://www.sixxs.net/tools/grh/ula/list/ > > > > > >The key point here is that people are going to assume is that ULA is like = > RFC1918 and we should carefully document all the ways in which it isn't. > > > > Agree with documenting it. Site-locals were "fd00::". The site-local deprec= > ation RFC is pretty much the inverse of all the ways ULAs aren't site-local= > s and RFC1918s. > > > > >So is this draft aiming for BCP status and therefore should only reflect b= > est common practice? > > > > > >I think documents coming out of v6ops should reflect scenarios where there= > is operational experience. I don't think v6ops is the place to say "here's= > what we could build". It's the place to say "here's what we've built; here= > 's what works, and here's what doesn't". > > > > > > >As an example: we've already discovered one of the use cases in this draft= > (the "use ULA as a pref64") is not a use case after all, because it causes= > devices to prefer IPv4 transition technologies like 464xlat over NAT64. We= > didn't know this because nobody had actually tried to *operate a network* = > in such a use case. I happened to catch that one because I wrote and tested= > an implementation, but who knows if there are caveats in any of the others? > > > > > >If as an operational group we publish guidance to operators that doesn't w= > ork in the real world (like the pref64 case above), it will be embarrassing= > for us and wasteful of operators' time. We should strive to do better than= > that. > > > > > > Ok. So then a follow up question is how to provide perhaps more tutorial or= > iented information? RFCs, quite reasonably, provide enough information to j= > ustify what is=A0proposed, and usually one use case, but not all of them. T= > hat may not be enough information for more of a novice fully understand the= > problem that is being solved, the variety of opportunities to use it, and = > the pros and cons of the use of what is proposed in those scenarios. I have= > n't thought v6ops was just a place to document what has been done, but rath= > er to document any topics related to operations, including advice and more = > information on how things invented here and in other IPv6 working groups co= > uld be used. > > Regards, > Mark. > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [v6ops] A good example of why we need to careful … Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… joel jaeggli
- Re: [v6ops] A good example of why we need to care… Mark Andrews
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Liubing (Leo)
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ole Troan
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Sander Steffann
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Arturo Servin
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Alexandru Petrescu
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Fred Baker (fred)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Brian Haberman
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Wuyts Carl
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Wuyts Carl