Re: [v6ops] Discussion of draft-ietf-v6ops-ula-usage-recommendations

Alexandru Petrescu <alexandru.petrescu@gmail.com> Tue, 21 July 2015 16:26 UTC

To: Mark Andrews <marka@isc.org>
References: <6153A91F-7E9A-4579-BA06-72964568D343@cisco.com> <55AE54D3.7070502@gmail.com> <20150721152434.096C3338A4AD@rock.dv.isc.org>
From: Alexandru Petrescu <alexandru.petrescu@gmail.com>
Message-ID: <55AE72AF.4030609@gmail.com>
Date: Tue, 21 Jul 2015 18:26:23 +0200
In-Reply-To: <20150721152434.096C3338A4AD@rock.dv.isc.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/kqa9SLku63OdANl9uULh3ETmZ7s>
Cc: v6ops@ietf.org


On 21/07/2015 17:24, Mark Andrews wrote:
>
> In message <55AE54D3.7070502@gmail.com>, Alexandru Petrescu writes:
>> 1. Brian suggested to recommend that globals should be there on the
>> machines having ULAs as well, if I understand correctly.
>>
>> But I think so only on some Hosts, mainly the Hosts of end users.
>>
>> 2. the ULA RFC suggests a ULA prefix can be generated out of a MAC
>> address.  That sixxs implementation does it.  Except it takes it too
>> seriously: it does not accept a MAC address which is not a real MAC
>> address - in that oui.txt.  And random MAC addresses (for privacy)
>> certainly are not in that oui.txt.
>
> This is a ULA generator.  You do not need a MAC.
>
> % dd if=/dev/random bs=7 count=1 | od -t x1 | awk '/0000/ {print "fd" $2 ":" $3 $4 ":" $5 $6 ; exit}'
> 1+0 records in
> 1+0 records out
> 7 bytes transferred in 0.000024 secs (293601 bytes/sec)
> fd61:cb66:8851
> %

Are we sure that if I use this generator it will not clash with somebody
else using another generator?

>> ULAs because the only tool out there (sixxs) refuses a copy paste of
>> a MAC address from the widely used Windows 7 laptops.
>
> *All* you need is 7 bytes of random numbers.  Many modern CPUs
> will do this for you today.  If you don't have that then you can
> use the pseudo random number generator in the rfc.

I agree.  But we want to make sure randomness is ensured.

> The algorithm is for CPE devices without a good source of randomness.

Ok.

Alex

>
>> I am not sure what the problem is, but it's very good to have a very
>> easy way to generate ULAs.
>>
>> 3. in an enterprise deployment there was a problem of ULAs deployed in
>> an intra-network and another ULA space in another intra-network, of the
>> same enterprise.  So we wanted to make sure two things: the two ULA
>> spaces are distinct, or otherwise make sure the gateway router does not
>> route between the two intranets' ULAs (but yes, route between their
>> respective GUAs).   I am not sure how to translate that into advice,
>> because I am not sure how it will unfold in the near future.
>>
>> Alex
>>
>> On 21/07/2015 16:02, Fred Baker (fred) wrote:
>>> https://tools.ietf.org/html/draft-ietf-v6ops-ula-usage-recommendations
>>>
>>> "Considerations For Using Unique Local Addresses", Bing Liu, Sheng
>>> Jiang, 2015-05-03
>>>
>>> This draft came up from the floor this afternoon. I think we need
>>> some concentrated constructive conversation regarding it - we have
>>> had a lot of the other kind.
>>>
>>> What issues do we need to address to complete it, and what specific
>>> recommendations would that include?
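
Added example, not part of the original message or of any tool named in the thread: a Python sketch of the two ULA generation routes discussed above (a 40-bit Global ID taken directly from the OS random source, and the RFC 4193 section 3.2.2 SHA-1 method), with the RFC 4193 section 3.2.3 collision estimate and an overlap check for the two-intranet case. Function names and the sample EUI-64 and timestamp are this example's own constructed values.

```python
import hashlib
import ipaddress
import math
import secrets
import struct

ULA_BYTE = 0xFD  # fc00::/7 with the L bit set, i.e. fd00::/8 (RFC 4193)

def prefix_from_global_id(global_id: bytes) -> ipaddress.IPv6Network:
    """Build the /48 prefix fdXX:XXXX:XXXX::/48 from a 40-bit Global ID."""
    if len(global_id) != 5:
        raise ValueError("Global ID must be exactly 40 bits (5 bytes)")
    packed = bytes([ULA_BYTE]) + global_id + bytes(10)
    return ipaddress.IPv6Network((packed, 48))

def random_ula_prefix() -> ipaddress.IPv6Network:
    """Global ID straight from the OS CSPRNG; no MAC address is needed."""
    return prefix_from_global_id(secrets.token_bytes(5))

def rfc4193_ula_prefix(eui64: bytes, ntp_time: int) -> ipaddress.IPv6Network:
    """RFC 4193 sec. 3.2.2: SHA-1 over 64-bit NTP time || EUI-64, low 40 bits."""
    if len(eui64) != 8:
        raise ValueError("EUI-64 must be 8 bytes")
    digest = hashlib.sha1(struct.pack("!Q", ntp_time) + eui64).digest()
    return prefix_from_global_id(digest[-5:])

def collision_probability(sites: int) -> float:
    """RFC 4193 sec. 3.2.3: P = 1 - exp(-N^2 / 2^(L+1)) with L = 40."""
    return -math.expm1(-(sites ** 2) / 2 ** 41)

def overlapping(prefixes):
    """Pairs of prefixes that overlap, e.g. two intranets sharing ULA space."""
    nets = [ipaddress.IPv6Network(p) for p in prefixes]
    return [(a, b) for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]

if __name__ == "__main__":
    print("CSPRNG prefix:  ", random_ula_prefix())
    # Constructed inputs: a locally administered EUI-64 and an arbitrary time.
    sample_eui64 = bytes.fromhex("021122fffe334455")
    print("RFC 4193 prefix:", rfc4193_ula_prefix(sample_eui64, 0xD958A3E512345678))
    for n in (2, 100, 10000):
        print(f"{n:>6} interconnected sites: P(collision) ~ {collision_probability(n):.3g}")
    print("overlaps:", overlapping(["fd61:cb66:8851::/48", "fd61:cb66:8851:1::/64"]))
```

The collision estimate depends only on the number of independently chosen Global IDs being interconnected, so it applies whichever generator each site used, provided each one yields uniformly distributed 40-bit values.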