IETF Logo Mail Archive

Re: [v6ops] ULA draft revision #2 Regarding isolated networks

Owen DeLong <owen@delong.com> Fri, 30 May 2014 01:44 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0D4E1A0776 for <v6ops@ietfa.amsl.com>; Thu, 29 May 2014 18:44:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.041
X-Spam-Level:
X-Spam-Status: No, score=-1.041 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_SIGNED=0.1, J_CHICKENPOX_27=0.6, LOTS_OF_MONEY=0.001, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uc2zpv4biQQj for <v6ops@ietfa.amsl.com>; Thu, 29 May 2014 18:44:37 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id C83A11A0775 for <v6ops@ietf.org>; Thu, 29 May 2014 18:44:37 -0700 (PDT)
Received: from [IPv6:2620::930:0:225:ff:fe44:af17] ([IPv6:2620:0:930:0:225:ff:fe44:af17]) (authenticated bits=0) by owen.delong.com (8.14.2/8.14.2) with ESMTP id s4U1fd9e020867 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 29 May 2014 18:41:40 -0700
X-DKIM: Sendmail DKIM Filter v2.8.3 owen.delong.com s4U1fd9e020867
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=delong.com; s=mail; t=1401414100; bh=i/xM5NujqVX7J/Ze/aXRq5GBAQ8=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=HSy7SxMk1S48wAF2INm7s+KbYdnMSC4ZDST0mdDeoX9sGxdiFeppXAf+P1LoNWKhf wcOdcMAYZbWrnuQYcGQkirlBBsiNuvnh+V5oX8v88QU4HL6RGsT6xbWIgeSQ4A5Tpr 6dbNbc24aDpxQLuDJMdZiDt4rnWXWtEmbW/D7oRY=
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20140528223020.4849316CCFC0@rock.dv.isc.org>
Date: Thu, 29 May 2014 18:45:01 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <08B0CED4-DFE3-4993-8343-2388540348E3@delong.com>
References: <8AE0F17B87264D4CAC7DE0AA6C406F453D8B6B9A@nkgeml506-mbx.china.huawei.com> <m261ks7xww.wl%randy@psg.com> <53840070.90801@gmail.com> <m2y4xn7wep.wl%randy@psg.com> <53840723.8010606@gmail.com> <CAKD1Yr1O_poMR200sjU=ttRvGaeQRkC1ZfXC0Ok4uQxdq3K=NQ@mail.gmail.com> <m2mwe37tbn.wl%randy@psg.com> <CAKD1Yr2t3-vxuG=iDi4biBNFpJwuzuHgfpB74i_uydWWRV7qZg@mail.gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F453D8B6E02@nkgeml506-mbx.china.huawei.com> <m2fvjv7q4h.wl%randy@psg.com> <m1WpDcc-0000BMC@stereo.hq.phicoh.net> <43BB867C-7BCA-45F6-8ADC-A49B34D6C0DC@nominum.com> <5384937A.90409@foobar.org> <m2iooq4oqi.wl%randy@psg.com> <5385762E.5020901@dougbarton.us> <5385AA97.1050207@fud.no> <6740CB67-2CE3-4F41-A513-971C3307975D@delong.com> <20140528223020.4849316CCFC0@rock.dv.isc.org>
To: Mark Andrews <marka@isc.org>
X-Mailer: Apple Mail (2.1874)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0rc1 (owen.delong.com [IPv6:2620:0:930::200:2]); Thu, 29 May 2014 18:41:40 -0700 (PDT)
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/cv_L8cs8lVLNpkHmIxNzCQbRj08
Cc: V6 Ops List <v6ops@ietf.org>, Tore Anderson <tore@fud.no>
Subject: Re: [v6ops] ULA draft revision #2 Regarding isolated networks
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 May 2014 01:44:40 -0000

On May 28, 2014, at 3:30 PM, Mark Andrews <marka@isc.org> wrote:

> 
> In message <6740CB67-2CE3-4F41-A513-971C3307975D@delong.com>, Owen DeLong write
> s:
>> 
>> On May 28, 2014, at 2:21 AM, Tore Anderson <tore@fud.no> wrote:
>> 
>>> * Doug Barton
>>> 
>>>> We have a substantial number of medium-sized enterprises which share
>> the
>>>> following characteristics:
>>>> 
>>>> 1. They are large enough to have some internal resources that need
>>>> addressing (printers, file servers, maybe a web site or two)
>>>> 
>>>> 2. They are small enough that PI space and their own ASN are not
>> practical
>>> 
>>> You don't need an ASN to use PI space.
>> 
>> Except possibly in the APNIC region due to previously discussed very high
>> fees,
>> I'm not sure why you think PI space is not practical for small
>> organizations. I've
>> set up multi homed connections for a number of small businesses,
>> including even
>> some one-man operations with gross revenues under US $250,000 annually.
> 
> Because it is actually more error prone than ULA when you are not
> able to use the prefix for routing as there is no automatic built
> in support.  Also running two GUA in parallel (PA + non-routeable
> PI) will be harder to debug.  I realise that your PI is being routed.
> You are the exception here.

Who says we didn’t use the prefix for routing. All of the situations
I was describing are doing BGP with their upstreams and advertising the
prefixes in question.

> This will actually encourage more NATPT or traditional NAT than ULA
> will as the defaults are right for ULA + PA.

They’re even more right for PI+Routing.

> You are trading off P(collision) of epsilion when merging two ULA
> domains with a continual debugging and configuration issues.  Every
> time you add a router you need to remember to filter this prefix
> to get ICMP unreachable returned.  If you have multiple sites then
> you have lots of per site configuration.

Only if you’re not using the prefix for routing.

> With ULA I can see fd..... and identify that it is a ULA address
> so I can easily see when a node is choosing the wrong address when
> debugging.

Sure.

> Remember also homenet is doing SADR.  It so there will be even more
> pressure to not announce yet another prefix as support for that
> gets added to the very low end CPE devices.  If they can do it all
> the more professional devices will need to support it so there will
> be no escaping it.

We’re not talking about home net here, though I’d never implement what
home net is currently considering in my home.

> If you get to the stage where you can get a PI routed, then sure use
> that, but until you are at that stage non-routed PI is actually worse.

My point is that the point where that stage occurs is MUCH MUCH lower than
many people appear to think it is.

It can be done on very cheap hardware with free software very effectively for
very little cost.

Owen

v2.23.0 | Report a Bug | By Email