IETF Logo Mail Archive

Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-07.txt

Mikael Abrahamsson <swmike@swm.pp.se> Mon, 07 August 2017 10:48 UTC

Return-Path: <swmike@swm.pp.se>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 614C7132194 for <v6ops@ietfa.amsl.com>; Mon, 7 Aug 2017 03:48:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=swm.pp.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gex8-zstnTl0 for <v6ops@ietfa.amsl.com>; Mon, 7 Aug 2017 03:48:40 -0700 (PDT)
Received: from uplift.swm.pp.se (ipv6.swm.pp.se [IPv6:2a00:801::f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55F651321A4 for <v6ops@ietf.org>; Mon, 7 Aug 2017 03:48:40 -0700 (PDT)
Received: by uplift.swm.pp.se (Postfix, from userid 501) id 64EF2A2; Mon, 7 Aug 2017 12:48:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=swm.pp.se; s=mail; t=1502102918; bh=vY4jbXrE7GRlwwtnp2uXby5t2QDn3/ymR3JQ9MXtzXo=; h=Date:From:To:cc:Subject:In-Reply-To:References:From; b=czA80joviL9ytSsq7A/Augc8U0xIKOpHWcyaxDMhaK0exV7H18mDd2h1b4FTwDa+C zxTrzOb9VduES2SDq+UyLIBlMGH8XX8NKRwwZZTqDFhVKNDf6MTsdXlZDGA0WooOgD J0FjlFXdEXtnmYjumH7RtVIQPrHYYOJAMtHfcbn0=
Received: from localhost (localhost [127.0.0.1]) by uplift.swm.pp.se (Postfix) with ESMTP id 4B845A1; Mon, 7 Aug 2017 12:48:38 +0200 (CEST)
Date: Mon, 07 Aug 2017 12:48:38 +0200
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Simon Hobson <linux@thehobsons.co.uk>
cc: v6ops list <v6ops@ietf.org>
In-Reply-To: <4B4511FB-5E38-46B9-870C-3882B55F852B@thehobsons.co.uk>
Message-ID: <alpine.DEB.2.02.1708071235420.2261@uplift.swm.pp.se>
References: <150148445751.17707.15424999122129322815@ietfa.amsl.com> <E6AC9174-3D6E-4FAD-B84B-B7E58FB149BC@gmail.com> <CAO42Z2xEs6RauD6Oo_NbqOh+FRVAu3NuveewSvRx7g1hS2-ToQ@mail.gmail.com> <94BC4E17-D490-4F50-9E99-2AAA081CD43C@gmail.com> <CAO42Z2zR_bWPqOHM7-RNsPX78np45UV=J67YD5gbpoCPUaLkAQ@mail.gmail.com> <FB14455C-F00E-49A4-936F-03BD44C4D42C@gmail.com> <CAO42Z2zLgw3cYapf=1y9pm4cWMZZ32DT2ryfPb6BGUFjCfmrMg@mail.gmail.com> <4939D55E-D37D-4551-9EB0-916FBACBC2BD@thehobsons.co.uk> <CAO42Z2wJBCo1yjguWSy-jzSvndeZTPgtN71FfdEhvqrVAUhZUA@mail.gmail.com> <9bd9f886-f53b-109f-d998-1d4c7adaf3b1@gmail.com> <B6A257C9-7E8A-452D-9C0F-0B10A31990CB@thehobsons.co.uk> <796A0ED0-0F58-43FA-9F81-D4D736A35F3B@steffann.nl> <BD3B4153-2EEF-4BFB-832D-D126A75AEC11@thehobsons.co.uk> <CAN-Dau2jzbQPuE5diEz-XzfRBHY=O1znE8hfy8P-Eee=MVwC_w@mail.gmail.com> <7C6C4FCC-26B9-493D-9992-4663DE6EB9CE@jisc.ac.uk> <4B4511FB-5E38-46B9-870C-3882B55F852B@thehobsons.co.uk>
User-Agent: Alpine 2.02 (DEB 1266 2009-07-14)
Organization: People's Front Against WWW
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/tGqN_-In7AXswZD3mVo9MBgC9j8>
Subject: Re: [v6ops] I-D Action: draft-ietf-v6ops-unique-ipv6-prefix-per-host-07.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Aug 2017 10:48:42 -0000

On Mon, 7 Aug 2017, Simon Hobson wrote:

> Presumably that means another separate prefix. And when 2003:: is used, 2004:: will get allocated and so on.

We have 2000::-3fff:: to get this right. If we deem that we're now wasting 
addresses, we'll have to come up with different policy for 4000::-5fff::: 
(the next /3.

> At what point will people be suggesting that we could have avoided the 
> routing table bloat by allowing better use of the prefixes ?

Routing table bloat happens because the allocated prefixes at the higher 
level are too small, not because they're too big.

If someone spends their /29 then next time we should give them a 
significantly larger prefix to avoid routing table bloat.

RIPE at least allocates a 8 times the size of your initial allocation off 
the bat, so anyone going to them saying "I have a million customers and I 
want to give each a /48" should receive a /28 or a /27, with a /25 
reserved for growth for them (in case they did receive a /28). This is to 
avoid routing table bloat.

> AFAICS the insistence that it must be /64 per host, rather than anything else (eg /80/host or /96/host) seems to be more religion than technical requirement.

> I can see the security (through obscurity) and privacy reasons why 
> individual addresses should come from a /64 (or at least, large) prefix 
> - but I fail to see much, if any, merit in allocating 2^64 addresses to 
> a single host "because we can".

It's /64 because we can't agree on a smaller size that makes sense to 
everybody, that at the same time isn't too small. I wouldn't call it 
religion, but I would call it "healthy sceptisism about what might happen 
otherwise".

Today a non-trivial amount of ISPs hand out /64 to residential users, 
probably because they they reason that a site is a single subnet. If we 
allowed /80, what stops them handing out /80? Or /79, because, why not?

I kind of like having this hard limit, it means there is reasonable 
expectation just by looking at the address that "this is a subnet", 
without having to know the remote end addressing policy. Sure there could 
be multiple customers within that /64, but we should drive towards having 
fewer customers sharing the same /64, as opposed to the other way around.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se

v2.23.0 | Report a Bug | By Email