Re: [v6ops] draft-ietf-v6ops-host-addr-availability WGLC
Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 23 September 2015 20:40 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DD0C1B2C09 for <v6ops@ietfa.amsl.com>; Wed, 23 Sep 2015 13:40:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nt807UpQFc29 for <v6ops@ietfa.amsl.com>; Wed, 23 Sep 2015 13:40:35 -0700 (PDT)
Received: from mail-pa0-x230.google.com (mail-pa0-x230.google.com [IPv6:2607:f8b0:400e:c03::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 853631A009E for <v6ops@ietf.org>; Wed, 23 Sep 2015 13:40:35 -0700 (PDT)
Received: by padhy16 with SMTP id hy16so50220465pad.1 for <v6ops@ietf.org>; Wed, 23 Sep 2015 13:40:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-type :content-transfer-encoding; bh=8uwM3+jEYZ66GvRgAIxpHZm0ph+tzxnWOrl1gIEQo9o=; b=ZaXAwZ4qaaY74GK7qytOA5/7Kvy8ZqGlOc1ByuYFa7p5yTHtPIBTxkYl8jo93ffwSp IMxsnSs770QMoi/p5Xofvrjl1fuLPz9Zvxd8VcuvrTzBPoaZRSZFplHksGFQv33ZHMpv OsY3s/wAv+WaLLXxaKdxJshvROfrNUA3t1ZipKHLPENkk6vNkYA02IgbjagnZzyfzx1H tKzFnM8a2lLqbUAKvXZ2ju07CxOPxtjwy2wyG2TTAgl5VAQZQQ7zrBkEtghD0qQ7xRTm /uw+4sMU9D8NHbczdXoYkkht1OxfTXJ+obIb20f4c2WpHpi9J4/ektWYnIFVqS+bOv7R xWdw==
X-Received: by 10.66.102.74 with SMTP id fm10mr17564860pab.151.1443040835105; Wed, 23 Sep 2015 13:40:35 -0700 (PDT)
Received: from [192.168.178.25] (238.225.69.111.dynamic.snap.net.nz. [111.69.225.238]) by smtp.gmail.com with ESMTPSA id d13sm9601407pbu.17.2015.09.23.13.40.31 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 23 Sep 2015 13:40:33 -0700 (PDT)
To: Lorenzo Colitti <lorenzo@google.com>
References: <201509131800.t8DI03cc026651@irp-lnx1.cisco.com> <CAJE_bqdjg+2iT6LzmmFhwvoxq8w41s4CzmD2mvJ2Auy1K0s_Rg@mail.gmail.com> <alpine.DEB.2.02.1509172241410.8750@uplift.swm.pp.se> <CAJE_bqejAFgsDbvm7HwL+6Rb7Be2kjOAECos7ki51U0h4YLoTg@mail.gmail.com> <CAKD1Yr3TRyCc4qqF_6rTO6BB5v+nc=wgfuAj-fzm_Uih+AiWVg@mail.gmail.com> <CAJE_bqfy5puvPO-a1_VeuNo4AUZdAZsjJfu=qEn9QphzcWQzgQ@mail.gmail.com> <CAKD1Yr1QVQCoj4i3ET2kKhc-6YzKSe83d+Nbzdvi_fwtsym3Nw@mail.gmail.com> <5601BDE9.6000609@gmail.com> <CAKD1Yr1YTi3uKmCQN1yVUnE2BbTzuEWBajREhW8OhDYhTCk21A@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <56030E44.9010101@gmail.com>
Date: Thu, 24 Sep 2015 08:40:36 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <CAKD1Yr1YTi3uKmCQN1yVUnE2BbTzuEWBajREhW8OhDYhTCk21A@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/n8Hs_uAq6ywgc64tU4_N-w5NJW4>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>, 神明達哉 <jinmei@wide.ad.jp>
Subject: Re: [v6ops] draft-ietf-v6ops-host-addr-availability WGLC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 20:40:37 -0000
On 23/09/2015 22:38, Lorenzo Colitti wrote: > On Wed, Sep 23, 2015 at 5:45 AM, Brian E Carpenter < > brian.e.carpenter@gmail.com> wrote: > >>> These networks >>> are likely *not* concerned with per-device revenue, but they still >> provide >>> a limited number of addresses for other reasons (some of which may be >>> operational, or even scaling reasons). >> >> And I don't think your document will succeed in its purpose unless it >> explicitly recognises that those operational or scaling reasons may be >> reasonable and valid. As you know, operators will do what they need to do. >> >> Let's see: on a campus with a few tens of thousands of students, mainly >> connected wirelessly, will we have problems if a few hundred of them run >> a popular new app that generates a couple of thousand addresses when >> given a /64 to play with? >> > > It depends whether there are any stateful devices in the path, and how > smart those stateful devices are. A university campus with no stateful > firewall and only IPv6 will never have scaling issues if it assigns a /64 > per device. A campus that uses stateful firewalls might - but note that > this is a problem even today, and even in IPv4 - a determined attacker can > attempt to exhaust NAT or firewall state by opening lots of connections to > lots of different IP addresses, for example. > > Ditto if they catch a Trojan that knows how to have fun with its own /64. >> How quickly will the whole campus be black-listed? >> > > Never, because any server that supports IPv6 today needs to survive in the > presence of residential users with /56 prefixes and spammers / DoSers with > servers in datacenters that get /48s from tunnel brokers. The content > providers and CDNs started seeing and dealing with those attacks a long > time ago. > > >> Will the campus have severe legal problems if a couple of thousand students >> use a new address-agile file sharing app that saturates any form of >> audit logging, so that offending users can't be identified? >> > > Not if the campus assigns a /64 per device or per user. They can just pin > the blame on that /64. And my whole point: if assigning a /64 does *not* cause scaling, logging or security problems the draft needs to explain why not, as you and Mikael and Mark have done. Otherwise, I can pretty much guarantee that those arguments will be used against it. (And I forgot to mention ND cache scaling.) Brian
- [v6ops] draft-ietf-v6ops-host-addr-availability W… fred
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandru Petrescu
- Re: [v6ops] finer-grain Extend the Network (was: … Alexandru Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Pierre Pfister
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… David Farmer
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mudric, Dusan (Dusan)
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Owen DeLong
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… David Farmer
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… 神明達哉
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… David Farmer
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Silvia Hagen
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… 神明達哉
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… sthaug
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… sthaug
- [v6ops] draft-ietf-v6ops-host-addr-availability W… fred
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Erik Kline
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… joel jaeggli
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… 神明達哉
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… STARK, BARBARA H
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… David Farmer
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… 神明達哉
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] ND and Host/Router strength models (w… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… 神明達哉
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mark Smith
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Matthew Petach
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Mikael Abrahamsson
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Havard Eidnes
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Gert Doering
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Gert Doering
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Joe Touch
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Alexandre Petrescu
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Fred Baker (fred)
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… George, Wes
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Dale W. Carder
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… David Farmer
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Lorenzo Colitti
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Templin, Fred L
- Re: [v6ops] draft-ietf-v6ops-host-addr-availabili… Brian E Carpenter