IETF Logo Mail Archive

Re: [v6ops] I-D Action: draft-horley-v6ops-lab-00.txt

Ed Horley <ed@hexabuild.io> Mon, 14 June 2021 22:50 UTC

Return-Path: <ed@hexabuild.io>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0AED3A11A4 for <v6ops@ietfa.amsl.com>; Mon, 14 Jun 2021 15:50:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Level:
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hexabuild-io.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s3CB5tZJ6dxE for <v6ops@ietfa.amsl.com>; Mon, 14 Jun 2021 15:50:53 -0700 (PDT)
Received: from mail-ua1-x933.google.com (mail-ua1-x933.google.com [IPv6:2607:f8b0:4864:20::933]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1C673A11A2 for <v6ops@ietf.org>; Mon, 14 Jun 2021 15:50:53 -0700 (PDT)
Received: by mail-ua1-x933.google.com with SMTP id g34so6019350uah.8 for <v6ops@ietf.org>; Mon, 14 Jun 2021 15:50:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hexabuild-io.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ug3Y3nWhEiBxMT7SWHOO16TFo7Lgxvjh1Ki5D3Gccl4=; b=T/9rcuwwAP7X+d6I5zfhEqz/uZVU9p5p+Ep7A2PFkaENs/2h42g+ikbE4VwrvrHQwL 0ex9DiHFjb3jfTKhlYqJvwEOG/nmUViX/qlWq5lRmSeTfsTlF8Tn2NTBSsjqbb3mOM7/ F/xyPcM/Q1bCRZopTJzyMhUepMlapUsJNDRNHwfF4jE45zjcH8eH7S2grsG/WBClVR5A tvTYnwVoi37BFVwUvtnK7C/5B//CFeb2uXYGUlZ+XCpopQwqQ05yOT+Jgay5G4HA85Mf l1965aPlrPWKbSc6/XZjBC4kfp5OINfEcuVTWAnAZq3kYFcp8XUXb5B6b3swFYaVfLnn 4n/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ug3Y3nWhEiBxMT7SWHOO16TFo7Lgxvjh1Ki5D3Gccl4=; b=QzbmojoM33M/Qp9DqBBbCLvxgZiu3KyAeC7doEFkRuTVNBW6jUvwBGaPNc/wjN8eyh 4nlji8d8PiNqmD9R4QEFotukKjasfRsTbzKNPly6WNxuTxrKYjTN95QjBn+ZnJ/2MmKY VHbhZuSU8RFMcgyM+5bo2gexed4mNsF/v9fioahDTw05uFHmczWQWppo3s7PtKuA3fCj +i5OmdoouX/E6/cYG3TBpjzQbkGxjaqnYFqsp0sSRZ94SuhpNw09vPIZT0scawnIN8BF nE1oej/OHBI8Oe2nBoO0Fz0eKqXYINUzG9RcPyatqGyAJOhvKi11X7nXi0s2k4PGwwrI ZdEA==
X-Gm-Message-State: AOAM530r31nfM76zYXWD1685ZO/NDdleEL2B71K789GE3wItKodasCW+ OyG1RXZmJVZzSo5b8dIb1a9qMca0mlVGHlZDObIXdg==
X-Google-Smtp-Source: ABdhPJwsNkYrqbth+3jNPFPwfz++mgNN4pd7xV3sDSHf53Ks0KNmedh+IICAq9nRmXJwIw7dCslCW09Jh5WhtjFR+EE=
X-Received: by 2002:ab0:3750:: with SMTP id i16mr15285632uat.84.1623711051661; Mon, 14 Jun 2021 15:50:51 -0700 (PDT)
MIME-Version: 1.0
References: <162293202497.20978.11278185466573537743@ietfa.amsl.com> <d928f260-e0b1-7672-7114-7ac09dace037@gmail.com> <YMeqmaptccNjQnDM@dwc-desktop.local>
In-Reply-To: <YMeqmaptccNjQnDM@dwc-desktop.local>
From: Ed Horley <ed@hexabuild.io>
Date: Mon, 14 Jun 2021 15:50:40 -0700
Message-ID: <CAE=N4xfvMJw59qQE9gg24GcoK9XXOfjw-CXJ3DsKm3dU4Bk-Mw@mail.gmail.com>
To: "Dale W. Carder" <dwcarder@es.net>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, IPv6 Operations <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000073dc1005c4c1b078"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/kf2kgxaZfn5SotC7piPREEV79PY>
Subject: Re: [v6ops] I-D Action: draft-horley-v6ops-lab-00.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jun 2021 22:50:59 -0000

Dale,
Comments inline below with [ETH] starting my comments

On Mon, Jun 14, 2021 at 12:15 PM Dale W. Carder <dwcarder@es.net> wrote:

> Thus spake Brian E Carpenter (brian.e.carpenter@gmail.com) on Fri, Jun
> 11, 2021 at 10:22:51AM +1200:
> > My concern about this draft is that it intentionally creates ambiguous
> address space, something we have very carefully avoided since the beginning
> of IPv6.
>
> I'm not sure I worry as much about ambiguous as having more prefixes
> be marked "special", some of the implications of which seem may be at
> the heart of this proposal.
>
> In draft-horley-v6ops-lab-00.txt,
>
> "For instance, designing labs utilizing ULA fc00::/7
>    [RFC4193] is problematic due to the random global ID requirement
>    preventing hierarchical network prefix design possibilities."
>
> Have the authors considered updating 4193?  Is the randomness the issue,
> or is the resultant /48 the issue?  (of course, one could utilize
> multiple random /48's as I think has been pointed out)
>

[ETH] RFC 4193 section 3.2 is pretty clear.
"  The allocation of Global IDs is pseudo-random [RANDOM].  They MUST
   NOT be assigned sequentially or with well-known numbers.  This is to
   ensure that there is not any relationship between allocations and to
   help clarify that these prefixes are not intended to be routed
   globally.  Specifically, these prefixes are not designed to
   aggregate."

The authors of RFC 4193 felt the pseudo-random property important enough
aspect of ULA to make it a "MUST NOT" use without it. In addition, because
of that specific requirement, there are operational implementations of ULA
that have this REQUIREMENT already built into it. For us to come back and
change that fundamental characteristic now would likely cause more pain and
confusion. It is far simplier to assign the use of a currently deprecated
address space (we are proposing 200::/7, but I am certainly open to hearing
if others have a better recommendation) and move forward without changing a
fundamental attribute of ULA.


>
> "Further, default address selection behavior [RFC6724] by end nodes
>    may result in a depreferencing of such addresses and prevent lab
>    deployments from accurately modeling their desired non-lab
>    equivalents."
>
> And this is the implication of having prefixes marked as special.  The
> default behavior (which is only a SHOULD, i think) is not configurable or
> at least not in a sane manner on a variety of platforms.  Presumably the
> closed ecosystem devices (handhelds, particularly) have a goal of
> minimizing user complaints and implement the table as specified, notably
> with ULA at a lower precedence than GUA.  Would your document also need
> to update 6724's table?  If I were a closed ecosystem vendor, once I
> found out that $new_prefix gets assigned for lab use, I would probably
> be inclined to move it fc00::/7 now that it becomes "special" rather
> than as a stock GUA.
>
> [ETH] If we adopt something other than ULA (fc00::/7), Site-Local
(fec0::/10), 6bone (3ffe::/16) then there is nothing that needs to be done
to RFC 6724. I would prefer to not update or touch RFC 6724 at all. The
current prefix policy table in 6724 is:

      Prefix        Precedence Label
      ::1/128               50     0
      ::/0                  40     1
      ::ffff:0:0/96         35     4
      2002::/16             30     2
      2001::/32              5     5
      fc00::/7               3    13
      ::/96                  1     3
      fec0::/10              1    11
      3ffe::/16              1    12


Everything below (less than Precedence 35 for ::ffff:0:0/96) is
functionally useless on an dual-stack network. The majority of lab
implementations, we believe, will utilize a dual-stack approach and if ULA,
Site-Local or even 6bone address space is used for lab purposes, you will
NOT have a realistic set of host OS behaviors compared to when you actually
deploy with GUA. To state it simply, ULA is not a functional solution for
the lab prefix without fundamentally changing both RFC 4193 (see comments
above about why that is a poor idea) and also RFC 6724.

To avoid this very simple problem, we felt the solution was to just assign
GUA space that is for a lab function, mark it as "MUST" be filtered at the
Internet edge, have IANA reserve it for that purpose and the problem is
solved. We picked, as I mentioned above, 200::/7 because it is reusing a
large prefix allocation that is currently marked as deprecated by IANA (not
useable). So we are bringing life back to an address space, that will still
work for the lab functional requirement, and not allocating something that
could break up the larger address prefixes that could be assigned to any of
the RIRs. We saw this as a win/win/win. We don't have to change RFC's, we
don't need to change software OS code, we are recycling/reusing without
breaking out additional address space from the useable GUA ranges not
allocated yet.

Dale
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>


-- 
Ed Horley
ed@hexabuild.io | (925) 876-6604
Advancing Cloud, IoT, and Security with IPv6
https://hexabuild.io
And check out the IPv6 Buzz Podcast at
https://packetpushers.net/series/ipv6-buzz/

v2.23.0 | Report a Bug | By Email