IETF Logo Mail Archive

Re: [v6ops] draIn ft-ietf-v6ops-design-choices WGLC

"Ackermann, Michael" <MAckermann@bcbsm.com> Thu, 09 April 2015 14:41 UTC

Return-Path: <mackermann@bcbsm.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDEF31A8729 for <v6ops@ietfa.amsl.com>; Thu, 9 Apr 2015 07:41:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qgvEWbCzhEVr for <v6ops@ietfa.amsl.com>; Thu, 9 Apr 2015 07:41:34 -0700 (PDT)
Received: from mx.z120.zixworks.com (mx.z120.zixworks.com [199.30.235.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE4AD1A8727 for <v6ops@ietf.org>; Thu, 9 Apr 2015 07:41:25 -0700 (PDT)
Received: from 127.0.0.1 (ZixVPM [127.0.0.1]) by Outbound.z120.zixworks.com (Proprietary) with SMTP id 1F621102620 for <v6ops@ietf.org>; Thu, 9 Apr 2015 09:41:25 -0500 (CDT)
Received: from imsva2.bcbsm.com (unknown [12.107.172.81]) by mx.z120.zixworks.com (Proprietary) with SMTP id 64D2E1334C0; Thu, 9 Apr 2015 09:41:24 -0500 (CDT)
Received: from imsva2.bcbsm.com (unknown [127.0.0.1]) by IMSVA80 (Postfix) with ESMTP id 16C9D2F5188; Thu, 9 Apr 2015 10:38:31 -0400 (EDT)
Received: from PWN401EA110.ent.corp.bcbsm.com (unknown [10.64.80.218]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by imsva2.bcbsm.com (Postfix) with ESMTP id 01FE52F51B7; Thu, 9 Apr 2015 10:38:31 -0400 (EDT)
Received: from PWN401EA160.ent.corp.bcbsm.com ([fe80::fdcb:603d:469e:b1db]) by PWN401EA110.ent.corp.bcbsm.com ([::1]) with mapi id 14.01.0438.000; Thu, 9 Apr 2015 10:41:23 -0400
From: "Ackermann, Michael" <MAckermann@bcbsm.com>
To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>, Philip Matthews <philip_matthews@magma.ca>, "Fred Baker (fred)" <fred@cisco.com>
Thread-Topic: [v6ops] draIn ft-ietf-v6ops-design-choices WGLC
Thread-Index: AdBwejVZflkIuUqSRyO7yHiQggoOUQBQBUQAADGQMIAAFEHyUA==
Date: Thu, 09 Apr 2015 14:41:16 +0000
Message-ID: <4FC37E442D05A748896589E468752CAA0CDAFE85@PWN401EA160.ent.corp.bcbsm.com>
References: <7DF32A06-80FA-461A-A387-DE55F1DB79DB@magma.ca> <2004183372.2937208.1428540561672.JavaMail.yahoo@mail.yahoo.com>
In-Reply-To: <2004183372.2937208.1428540561672.JavaMail.yahoo@mail.yahoo.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.10.35]
Content-Type: multipart/alternative; boundary="_000_4FC37E442D05A748896589E468752CAA0CDAFE85PWN401EA160entc_"
MIME-Version: 1.0
X-VPM-HOST: vmvpm01.z120.zixworks.com
X-VPM-GROUP-ID: 682d8942-ef13-4495-bac1-0cd2b13a7e45
X-VPM-MSG-ID: abb0128f-d9de-4854-a0ff-c73b4d27473d
X-VPM-ENC-REGIME: Plaintext
X-VPM-CERT-FLAG: 0
X-VPM-IS-HYBRID: 0
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/s8fB7fLUw0lSp455XCe_fie672E>
Cc: v6ops list <v6ops@ietf.org>
Subject: Re: [v6ops] draIn ft-ietf-v6ops-design-choices WGLC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Apr 2015 14:41:38 -0000

Thanks for the good points Mark!

Documenting the pros and cons of using link locals as next hops, so that informed decisions can be made (especially by those perhaps less knowledgeable on IPv6),  would be a great benefit.       My organization is  just starting to test this, so I would appreciate input on this from those with more actual, practical experiences,  but  from what I have seen so far,  the link local benies would include:


1.       Omnipresence.

2.       Stability and unaffected by external events.

3.       More Secure

So pretty consistent with what you said.

What I do not know is what the drawbacks to using Link Locals for next hop might be?
I also wonder whether the pros and cons change,  if the device is an end host, vs a middle box?
Final related question is whether this situation is affected by the choice of or the presence of any routing protocols?

Thanks again!

Mike

From: Mark ZZZ Smith [mailto:markzzzsmith@yahoo.com.au]
Sent: Wednesday, April 08, 2015 8:49 PM
To: Philip Matthews; Ackermann, Michael; Fred Baker (fred)
Cc: v6ops list
Subject: Re: [v6ops] draIn ft-ietf-v6ops-design-choices WGLC


________________________________
From: Philip Matthews <philip_matthews@magma.ca<mailto:philip_matthews@magma.ca>>
To: "Ackermann, Michael" <MAckermann@bcbsm.com<mailto:MAckermann@bcbsm.com>>; Fred Baker (fred) <fred@cisco.com<mailto:fred@cisco.com>>
Cc: v6ops list <v6ops@ietf.org<mailto:v6ops@ietf.org>>
Sent: Wednesday, 8 April 2015, 11:10
Subject: Re: [v6ops] draIn ft-ietf-v6ops-design-choices WGLC


On 2015-04-06, at 19:10 , Ackermann, Michael wrote:

> HI Fred
>
> This will be a most beneficial document for those of us contemplating IPv6 deployments.
>
> A couple questions:
>

<snip>

>
> 2.  Section 2.2.1.  Most of the text in this section seems to suggest that using link-locals for next hop addresses is the best approach.  But there are a couple situations where it is not.  And then at the end it says "Today most operators use GUA's as next hop addresses".      As a neophyte reader I was uncertain what conclusion I should draw?

That, despite the specs seeming to say that static-routes should use link-local addresses, that in practice it can sometimes cause problems so most operators use GUAs instead.
Most large providers are large corporations with many employees with varying skill sets. These corporations have established procedures that work for IPv4 and most employees try to apply these IPv4 procedures to IPv6. Anything that causes IPv6 to be different than IPv4 means special procedures must be developed and taught to employees. Using link-local addresses in static routes is a difference, so most large providers don't use them.  Things can be different at a smaller provider where differences can be handled more easily.


/ Perhaps that means there needs to be a bit more explanation of the value of using link-locals so people can more easily make a value judgement?

/ My understanding is that link-locals were chosen to be used as next-hop values are for two reasons (a) link-local prefixes are always present (as per RFC4291), unlike GUAs or ULAs and (b) they allow less disruptive phasing in and phasing out of GUA/ULA prefixes across a network as static or dynamic routing next-hops won't be impacted by GUA/ULA changes.

/ Regards,
Mark


<snip>


The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies.
 
 Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association.

v2.46.0 | Report a Bug | By Email | System Status