Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

Owen DeLong <owen@delong.com> Wed, 24 February 2021 00:11 UTC


> 
> RFC4193 explicitly says that the scope of uniqueness is global:
> 
> "Local IPv6 unicast addresses have the following characteristics:
> 
>      - Globally unique prefix (with high probability of uniqueness)."

Or in other words, “Globally maybe unique prefix, probably, we hope,
_IF_ everyone follows the directions.”

>>> - scope or domain of intended forwarding within a network or across a
>>> set of networks
>> 
>> In this case, same as before.
>> 
>> Normally, both of these are equal:
> 
> In ULAs they aren't.

Well, we don’t really know that… The scope of a collection of cooperating
networks choosing to exchange ULA routes could become global. It’s not
likely to, but it’s not impossible, either.

> Link-Local addresses generated using RFC7271s aren't either.
> 
> The IID is likely to be globally unique, even though the Link-Local
> prefix isn't. Combining the globally unique IID with the Link-Local
> prefix results in a globally unique Link-Local address - the
> forwarding scope of the packets with those addresses is limited to a
> link, however the RFC7217 LL address's scope of uniqueness is global.

Again, you’re talking about its scope of likely uniqueness and said
uniqueness is for all practical purposes nearly accidental and certainly
not a criterion of validity.

The scope of guaranteed uniqueness is link.

>> and address uniqueness will limit
>> reachability.
>> 
> 
> I'm not sure I understand what you're saying.

Well… Two hosts with the same address on different networks are pretty
unlikely to be able to communicate. Thus, reachability is impaired.

> I am wondering if my definition of "reachability" is different from
> yours. I see it as describing the likely current forwarding capability
> of the network, because the main use of the term I've encountered is
> in the context of BGP.

I think in this context it refers to the ability to get a packet from
arbitrary host A to arbitrary host B. If A and B have unique addresses,
then this may be possible. If A and B have identical addresses, then this
is unlikely (absent stupid NAT tricks).

> So the "forwarding domain" is what is designed to be the case, whereas
> actual reachability depends on route tables, paths and links being
> available, ACLs or other security policies etc, intentional or not
> duplicate addresses (i.e. anycast).

The forwarding domain is what is intended to be possible within the established
limits. However, lack of uniqueness in addressing certainly constitutes one
of the limits imposed on the possible forwarding domain.

Owen
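
Added example, not part of the original message: a Python sketch of the "high probability of uniqueness" under discussion, showing how a random 40-bit ULA Global ID behaves as the number of interconnected sites grows, and how to spot sites that share a /48 before their routes are exchanged. The function names and sample prefixes are constructed for illustration, and the Global ID is drawn from the OS CSPRNG rather than the hash-based procedure RFC 4193 suggests.

```python
import ipaddress
import math
import secrets
from collections import Counter

ULA_RANGE = ipaddress.ip_network("fc00::/7")
GLOBAL_ID_BITS = 40  # width of the ULA Global ID field


def random_ula_prefix():
    """Return a locally assigned ULA /48: fd00::/8 plus a random Global ID.

    Assumption: a CSPRNG stands in for the hash-based generation procedure;
    both aim at a uniformly distributed 40-bit value.
    """
    global_id = secrets.randbits(GLOBAL_ID_BITS)
    value = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((value, 48))


def collision_probability(sites):
    """Birthday approximation: chance that any two of `sites` random IDs match."""
    return -math.expm1(-(sites ** 2) / 2 ** (GLOBAL_ID_BITS + 1))


def duplicated_prefixes(prefixes):
    """Return the ULA /48s that more than one site in `prefixes` is using."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    counts = Counter(n for n in nets if n.subnet_of(ULA_RANGE))
    return sorted(n for n, c in counts.items() if c > 1)


# Constructed sample: two sites skipped the random step and both chose fd00::/48.
SAMPLE_SITES = ["fd00::/48", "fd00::/48", "fd12:3456:789a::/48", "2001:db8::/48"]

if __name__ == "__main__":
    print("new prefix:", random_ula_prefix())
    for n in (2, 10_000, 10_000_000):
        print(f"{n:>10} sites -> collision probability {collision_probability(n):.3g}")
    print("duplicates:", [str(p) for p in duplicated_prefixes(SAMPLE_SITES)])
```
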