Re: [v6ops] I-D Action: draft-buraglio-v6ops-ula-01.txt
Nick Buraglio <buraglio@es.net> Tue, 10 May 2022 16:01 UTC
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: IPv6 Operations <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/hkIfShNgwxzMiJ2zgjDWbMAq60A>
I added some additional verbiage based on your suggestions and addressed the NIT.

nb

On Sun, May 8, 2022 at 6:23 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:

> Hi,
>
> Thanks for this draft. I have a few comments (and a tiny nit at the end).
>
> > The core issue is the stated interpretation from gai.conf that has the
> > following default:
> >
> > #scopev4 <mask> <value>
> > #    Add another rule to the RFC 6724 scope table for IPv4 addresses.
>
> I'm not sure why this matters. RFC6724 is quite correct to indicate that
> most IPv4 unicast addresses formally have global scope, but auto-config
> and loopback addresses have link-local scope. IPv6 is pretty much the
> same, and in particular ULAs have *global scope* even though they are
> not globally reachable. RFC1918 addresses are identical to ULAs in
> that respect.
>
> Citing RFC4291 and https://www.rfc-editor.org/rfc/rfc8190.html#section-2.1
> would clarify the difference between global scope (architectural) and
> globally reachable (practical). What we care about here is whether an
> address is globally reachable ("no" for both RFC1918 and ULA, although
> they are both architecturally global). Unfortunately this distinction is
> lacking in the description of gai.conf and, I suspect, in the code of
> Linux getaddrinfo().
>
> What I think is lacking in the draft is an explanation of how
> getaddrinfo() works and why it matters. Here's a walkthrough that
> I hope will help clarify what I mean:
>
> Consider an end-user network with the following properties:
>
>   It is dual stacked.
>   It uses 10.1.0.0/16 (NATted to the Internet).
>   It uses (or wants to use) fdee:face:fade::/48 for internal IPv6.
>   It uses 2001:db8:fade::/48 for external IPv6
>
> We'll neglect for now whether it has a subnet structure. It shouldn't
> matter.
>
> Consider a host user.mynet.example.com, a local server
> printer.mynet.example.com, and a remote server www.theirnet.example.com.
> Assume they have these various addresses:
>
> user.mynet.example.com has:
>
>   10.1.0.1
>   fdee:face:fade::1
>   2001:db8:fade::1
>
> printer.mynet.example.com has:
>
>   10.1.0.10 (A record in local DNS)
>   fdee:face:fade::a (AAAA record in local DNS)
>
> www.theirnet.example.com has:
>
>   192.0.2.15 (A record in global DNS)
>   2001:db8:cafe::f (AAAA record in global DNS)
>
> What do we *want* to happen?
>
> If user opens a connection to printer, we want it to choose
>   SA = fdee:face:fade::1
>   DA = fdee:face:fade::a
>
> If user opens a connection to www, we want it to choose
>   SA = 2001:db8:fade::1
>   DA = 2001:db8:cafe::f
>
> Now, if user does a DNS lookup, via getaddrinfo(), the results
> will look like this (in the Python universe):
>
> For printer:
>
> (<AddressFamily.AF_INET: 2>, 0, 0, '', ('10.1.0.10', 0))
> (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('fdee:face:fade::a', 0, 0, 0))
>
> For www:
>
> (<AddressFamily.AF_INET6: 23>, 0, 0, '', ('2001:db8:cafe::f', 0, 0, 0))
> (<AddressFamily.AF_INET: 2>, 0, 0, '', ('192.0.2.15', 0))
>
> At this point, consider what RFC6724 says:
>
>    As a consequence, we intend that implementations of APIs such as
>    getaddrinfo() will use the destination address selection algorithm
>    specified here to sort the list of IPv6 and IPv4 addresses that they
>    return. Separately, the IPv6 network layer will use the source
>    address selection algorithm when an application or upper layer has
>    not specified a source address.
>
> Thus, to get the desired behaviour, what matters is destination
> address selection: if we select DA = fdee:face:fade::a, then the
> ULA source address will follow.
>
> Of course this is a small matter of programming, and most programmers
> just pick the first address. That's why we need the Section 10.6
> mechanism of RFC6724, to insert an appropriate precedence like
>
>    fdee:face:fade::/48 45 14
>
> which will prioritize local use of ULAs but will change nothing
> for off-site access.
>
> At that point in my thinking, I started coding the program that
> I posted yesterday.
>
> Nit:
>
> s/gai.cnf/gai.conf/
>
> Regards
>    Brian