Re: [v6ops] Default IPv6 Local Only Addressing for Non-Internet Devices (Fwd: New Version Notification for draft-smith-v6ops-local-only-addressing-00.txt)

Jen Linkova <furry13@gmail.com> Wed, 16 October 2019 09:19 UTC

To: Fred Baker <fredbaker.ietf@gmail.com>
Cc: Mark Smith <markzzzsmith@gmail.com>, v6ops list <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/pm7__B0CYROGet_BBvGVwmUT9J0>

On Wed, Oct 16, 2019 at 4:54 PM Fred Baker <fredbaker.ietf@gmail.com> wrote:
> > On Oct 15, 2019, at 1:11 AM, Jen Linkova <furry13@gmail.com> wrote:
> >
> > The draft says '...when it is clear to a device manufacturer that a
> > device should be isolated from the Internet by default..'
> > I'm not sure it's possible to know that.
>
> It *is* possible for the device to prevent its packets from going elsewhere,

Sorry, I should have clarified: I'm questioning the statement that it's
possible (or should be done) to know at the time of manufacturing that
this particular device should be isolated from the Internet.
Let's say I'm buying a printer. Or an IoT device (a sensor). How can
the manufacturer know if I'm going to install it at my mom's home
network with just one subnet (the link-local address would be
sufficient), at my place (with subnets, so GUAs are needed or at least
ULAs - but it would mean I have to configure my routers) or at my
office (so GUAs are required for the device to work)?

Will I need to look for a 'work with multiple network segments' sticker
on a box before I buy a device (and shall I test it in the lab because
vendors tend to be overly optimistic about their products' feature
set)?

> assuming routers and proxies behave according to the rules and people aren't translating. That is a defined function of ULAs and Link-Local addresses.

Not sure about ULAs. The ULA has global scope. If a device has a
default gateway and ULAs only, nothing would prevent it from sending
packets with a ULA source to any destination. The network is expected
to have a *policy* configured at its edge to block ULAs - so we are
back to 'it's a policy decision if this device should or should not
have global connectivity'. Let the administrator decide.

-- 
SY, Jen Linkova aka Furry
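
The distinction drawn in the message above, as an added example that is not part of the original e-mail or of the draft: a small model of a router's forwarding decision in which link-local traffic is confined by the protocol rule, while ULA traffic leaves the site unless the edge policy drops it. The `forward` function, the `edge_blocks_ula` flag and the sample addresses are assumptions made for illustration.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("fe80::/10")  # link-local unicast (RFC 4291)
ULA = ipaddress.ip_network("fc00::/7")          # unique local addresses (RFC 4193)


def classify(addr: str) -> str:
    """Return 'link-local', 'ula' or 'other' for an IPv6 address string."""
    ip = ipaddress.IPv6Address(addr)
    if ip in LINK_LOCAL:
        return "link-local"
    if ip in ULA:
        return "ula"
    return "other"  # simplification: treated here as globally routable


def forward(src: str, dst: str, egress: str, edge_blocks_ula: bool):
    """Model one router's decision to send a packet out of `egress`.

    egress is 'lan' (another internal subnet) or 'wan' (towards the Internet).
    Returns (forwarded, reason).
    """
    kinds = {classify(src), classify(dst)}
    # Protocol rule: routers never forward link-local traffic to other links.
    if "link-local" in kinds:
        return False, "link-local is confined to its link by the router itself"
    # Operator rule: ULA stays inside only if the edge is configured to drop it.
    if egress == "wan" and "ula" in kinds and edge_blocks_ula:
        return False, "dropped by the administrator's edge policy"
    return True, "forwarded"


# Constructed sample addresses: fd12:3456:789a::/48 as the site ULA prefix,
# 2001:db8::/32 (documentation range) standing in for an Internet host.
CASES = [
    ("fe80::1", "2001:db8::1", "wan", False),
    ("fd12:3456:789a:1::10", "fd12:3456:789a:2::20", "lan", True),
    ("fd12:3456:789a:1::10", "2001:db8::1", "wan", False),
    ("fd12:3456:789a:1::10", "2001:db8::1", "wan", True),
]

if __name__ == "__main__":
    for src, dst, egress, policy in CASES:
        ok, reason = forward(src, dst, egress, policy)
        print(f"{src} -> {dst} via {egress}, edge_blocks_ula={policy}: {reason}")
```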