Re: [v6ops] Scope of Unique Local IPv6 Unicast Addresses (Fwd: New Version Notification for draft-gont-6man-ipv6-ula-scope-00.txt)

[Brian E Carpenter <brian.e.carpenter@gmail.com>]

On 07-Jan-21 11:23, Fernando Gont wrote:
> On 6/1/21 18:30, Brian E Carpenter wrote:
>> Portmanteau reply to multiple messages:
>>
>> On 06-Jan-21 20:07, Lorenzo Colitti wrote: ...
>>> So I guess I'm somewhere between 1) and 3). The specs are
>>> consistent but they fail to consider human behaviour, so they don't
>>> actually work in practice.
>>
> [...]
>>
>> The problem is largely theoretical, and educational for people who
>> train IPv4 users in IPv6 terminology and practices. As Fernando has
>> pointed out, the use of the word "global" is confusing for something
>> that has L for "local" in its name.
> 
> There is indeed a terminology issue, which ends up making it complicated 
> to explain e.g. the concept of "scope" as a result.
> 
> 
> 
>> On 07-Jan-21 01:17, Ted Lemon wrote: ...
>>> GUA: “valid everywhere on the internet scope” ULA: “not valid
>>> everywhere scope” LLA: “valid only on this link scope”
>>
>> Friendly amendment:
>>
>> GUA: valid everywhere ULA: Unique Limited-domain Address LLA: valid
>> only on this link
> 
> Would certainly also work.
> 
> 
>> On 07-Jan-21 04:13, Philip Homburg wrote: ...
>>> Some things don't need fixing even if they are not 100% correct.
>>
>> +1
> 
> My take is that if the topics is confusing for us, we cannot expect it 
> to be any better for others.
> 
> 
> 
>> On 07-Jan-21 05:26, Gert Doering wrote: ...
>>> Why should applications, or anything that is not an admin, care if
>>> an address is a ULA or a GUA?
>>
>> It depends on what you mean by "application". I've written code that
>> explicitly prefers a ULA, and I could imagine a security spec saying
>> "prefer ULA". But anyway, it's not really a problem, is it? (It's
>> annoying to me that in Python, a ULA has .is_global == False, but I
>> managed to code round that error.)
> 
> The question is: Is it an error?

According to the addressing architecture and the ULA definition, it's
an error. It's also a tricky one to fix, because who knows what running
code might depend on it?

A test for ULA-ness in Python, using only the address properties that the
ipaddress module already defines, is:

def is_ula(a):
    """Test for ULA"""
    return (a.is_private and not a.is_link_local
             and not a.is_loopback
             and not a.is_unspecified)

which also, not coincidentally, returns True for RFC1918 addresses.
(Of course you could equally well do a bit-mask test.)

> I've just checked the most "up to date" textbook that I have at hand on 
> IPv6. Page 335 has a subsection entitled "Global addresses versus ULAs".
> The discussion in the textbook is indeed fine.
> 
> Could one actually make the case that e.g. Python's library should 
> change? If it did, it would be counter intuitive. It would match 
> RFC4193/4291, but not RFC4007, e.g. the textbook I've checked, and the 
> intuitive meaning of private/global.

That's of course exactly why the term "globally reachable" was added
by RFC8190. My objection to the Python library is not that it provides
the property .is_private, which is very clear, but that it asserts that
ipaddress.IPv6Address("fd63:45eb:dc14:0:8546:6ab7:1529:b435").is_global
is False. Because according to the Proposed Standard RFCs,
ULAs are both private and global.

Unfortunately I don't think it's reasonable to ask for a non-backwards-
compatible change in the Python library. If you were maintaining such
a widely used library, would you want to break compatibility?
 
> FWIW, I don't think there's a problem with how ULAs work. But I do think 
> that the terminology problem does have ramifications.

Yes.
   Brian