Re: [v6ops] AWS ipv6-only features

"Chengli (Cheng Li)" <c.l@huawei.com> Mon, 29 November 2021 03:41 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/uNFXgu6a1fcaKq1ddEurRhlBi08>

If I remember correctly, a ULA has the format 8 (FC00::/7 + L bit) + 40 global ID + 16 subnet ID. RFC 4193.
The only difference between Fc00::/8 and Fd::/8 is how the 40-bit Global ID is allocated, but they use the same format. Though Fd::/8 failed in standards over 10 years ago.

I do really understand how they can use fd00:ec2::/16 with manual configuration. Weird. Why not IPv6 GUA? Much easier to manage. Did they run out of IPv6 GUA, or do tenants not want it?




From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Lorenzo Colitti
Sent: Friday, November 26, 2021 7:52 AM
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: IPv6 Ops WG <v6ops@ietf.org>
Subject: Re: [v6ops] AWS ipv6-only features

On Fri, Nov 26, 2021 at 6:03 AM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> True, and I can't condone it, but as long as they don't leak it, the only
> operator that can be damaged is AWS itself, so it's an own goal. In fact,
> even if they do leak it, any competent ISP will drop it.

The damage is not to operators, it is to application developers. Using fd00:ec2::/16 pretty much guarantees that there will be collisions within EC2 itself. If collisions can happen, that means that applications will need to learn to work with NAT66 or at least with NPTv6. That's pretty much the worst thing they could have done for IPv6 I think.
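
The field layout and the collision concern discussed in this thread, as an added example that is not part of either message: it splits a ULA into the RFC 4193 fields and shows that two networks numbered from the same hard-coded Global ID share one /48. The sample addresses under fd00:ec2:: are constructed, the helper names are hypothetical, and `secrets.randbits` stands in for the pseudo-random Global ID algorithm that RFC 4193 suggests.

```python
import ipaddress
import secrets

ULA_BLOCK = ipaddress.ip_network("fc00::/7")  # RFC 4193 unique local space


def parse_ula(addr: str) -> dict:
    """Split a ULA into L bit, 40-bit Global ID, 16-bit Subnet ID, interface ID."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in ULA_BLOCK:
        raise ValueError(f"{addr} is not inside fc00::/7")
    v = int(ip)
    return {
        "l_bit": (v >> 120) & 0x1,                 # 8th bit: 1 = locally assigned
        "global_id": (v >> 80) & ((1 << 40) - 1),  # next 40 bits
        "subnet_id": (v >> 64) & 0xFFFF,           # next 16 bits
        "interface_id": v & ((1 << 64) - 1),       # low 64 bits
    }


def site_prefix(addr: str) -> ipaddress.IPv6Network:
    """Return the /48 (prefix + L bit + Global ID) that identifies the site."""
    v = int(ipaddress.IPv6Address(addr))
    return ipaddress.ip_network(((v >> 80) << 80, 48))


def random_site_prefix() -> ipaddress.IPv6Network:
    """Build an fd00::/8 site prefix with a random Global ID (stand-in for RFC 4193 3.2.2)."""
    gid = secrets.randbits(40)
    return ipaddress.ip_network(((0xFD << 120) | (gid << 80), 48))


def can_interconnect(a: ipaddress.IPv6Network, b: ipaddress.IPv6Network) -> bool:
    """Two sites can be routed together without translation only if their prefixes do not overlap."""
    return not a.overlaps(b)


if __name__ == "__main__":
    # Constructed sample addresses: two separate networks, both numbered from fd00:ec2::
    net_a = site_prefix("fd00:ec2::10")
    net_b = site_prefix("fd00:ec2:0:1::20")
    print(parse_ula("fd00:ec2::10"))
    print(net_a, net_b, "interconnect without NAT66/NPTv6:", can_interconnect(net_a, net_b))
    # Randomly chosen Global IDs collide with probability about 2**-40 per pair
    r1, r2 = random_site_prefix(), random_site_prefix()
    print(r1, r2, "interconnect without NAT66/NPTv6:", can_interconnect(r1, r2))
```
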