[v6ops] Re: Dynamic addresses

Daryll Swer <contact@daryllswer.com> Sat, 10 August 2024 22:55 UTC

Return-Path: <contact@daryllswer.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 21885C14F6AA for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 15:55:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=daryllswer.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 73m6Wa3xhSJ4 for <v6ops@ietfa.amsl.com>; Sat, 10 Aug 2024 15:55:26 -0700 (PDT)
Received: from mail-yb1-xb31.google.com (mail-yb1-xb31.google.com [IPv6:2607:f8b0:4864:20::b31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0648C151536 for <v6ops@ietf.org>; Sat, 10 Aug 2024 15:55:26 -0700 (PDT)
Received: by mail-yb1-xb31.google.com with SMTP id 3f1490d57ef6-e0ea24477f0so2690911276.2 for <v6ops@ietf.org>; Sat, 10 Aug 2024 15:55:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=daryllswer.com; s=google; t=1723330525; x=1723935325; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=IrYJLYlkrr1ZtdDOXdFq0vtYXMIzqqOBL63SQ/oRkk4=; b=KE1RxYW5IF5dICnPJe4mXxt2fe/09xxuS7s4intgam1Rm8IUG946tIuCvLJUOG5bIQ YexQ6IR85JIZu2uP9Dks9iqoB8CEZpNQpKDG/u+gw8xhIrdlnw+pXAmtFSwKWfjf4qyw 34fvYAQ+tFxDvP+j8lZFHYBypgHl9JXlQsmuVpDaTxuCSB0ptNEXmha8r7moI5t8VLzJ Y1w4nymSy2ebM/s6H6KUBK+GrmC37dxM5LDQ6dAkjgNTU21wrrL96I7dkslTBoKDmWD6 oPZZ7+qdQ2WR0d8/TKDKycgPafvfQeohlDiAbHapdL+a9ZVfJtkYd+AOciCfP3mxbpYI o64w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723330525; x=1723935325; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=IrYJLYlkrr1ZtdDOXdFq0vtYXMIzqqOBL63SQ/oRkk4=; b=ZtWJBYaV4iLIb/fIv2FaqYG7Eeqm4KON8WuitYccbWZTvKQZ4gQiPtyFF+OB/3mtgm kEo5UzenjBuYKJ6nh6JAKzIJlIZTMB0z8s/5EaSeuWVKuwUEg+qCe8g+VZ+F5r7bsdzC Ou11iHEytbp56JcQKZllrrgBjZj35aonftbRPQkHPl8mqZw8rmQpglFRAZgsxiXRCH+G btJ/Pwv+EmSYMeI/h7fXPjw82NP0KAQSejTqja/l2mLa3syMRVRVJKl/UtSt+TQuiB+x laXf1DcOgIrLVORl3jSvFBg98BdDhvKGQbiJDexj7dzNE1clpA0wYZm9BOcsIyDCzMR2 YSPA==
X-Forwarded-Encrypted: i=1; AJvYcCUidq182/HseQfkwHRYqy1/l3LhuLLlGJpokxJsvpgDhgC6F1Tq3BaNU8/kE2SaW3YNOwW+7ERKG9fgZiSosA==
X-Gm-Message-State: AOJu0Ywe4jCzTU6mTIAqmG6MOWmkjsIDCZzKk6GTcEaoqMNLKBBbw0cE 3N4Idva+GJqUILKI0U/t9L1Il/bEo0Cxdkq0iD3nVM+dK80IjhuMvWdlEKlsrdmAtLE1mipmGbQ qdTU=
X-Google-Smtp-Source: AGHT+IE1lLfKsnWI07+g/LXZQ7iPBcoU+Hh6t7OuEf3sJYoMdPRSIsza9Kzqy4MmxbDoZGt53WYijQ==
X-Received: by 2002:a05:6902:1509:b0:e0e:9371:4e35 with SMTP id 3f1490d57ef6-e0eb98e00e7mr6661801276.8.1723330524687; Sat, 10 Aug 2024 15:55:24 -0700 (PDT)
Received: from mail-yb1-f180.google.com (mail-yb1-f180.google.com. [209.85.219.180]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e0ec8ca637asm498676276.59.2024.08.10.15.55.24 for <v6ops@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 10 Aug 2024 15:55:24 -0700 (PDT)
Received: by mail-yb1-f180.google.com with SMTP id 3f1490d57ef6-e087641d2a2so3146936276.0 for <v6ops@ietf.org>; Sat, 10 Aug 2024 15:55:24 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCU+JiNBbuAdqaB2Gc0ZCgYIM9Vb4ZupXJRlhaMG1t/K43aVeC45Ln3sYfBkFcXxStzDW/HZoEZzRaRxJSNlmQ==
X-Received: by 2002:a05:6902:1204:b0:e05:7ae1:5386 with SMTP id 3f1490d57ef6-e0eb992e5famr6562165276.13.1723330523717; Sat, 10 Aug 2024 15:55:23 -0700 (PDT)
MIME-Version: 1.0
References: <df01e0f8-1b0d-4792-be2c-89a59da7de49.ref@swbell.net> <df01e0f8-1b0d-4792-be2c-89a59da7de49@swbell.net> <CAJgLMKte1H3FaoQOhc7_No=SNdczQFo2_mp2c1FvTOqLCRFm2g@mail.gmail.com> <6e70bed7-6f84-4a4a-90f8-fec1d10a599b@swbell.net> <CAJgLMKsXHcxzu8Kbrg1pu9SDkGDH0b1bWzW__CrfpDaSv3Joog@mail.gmail.com> <CACyFTPFakaDLdTJVc6d1HiR_oaedNOV76MRQxJp=+z95uQFVZQ@mail.gmail.com> <CAPt1N1=rQp5U4_X=2WvCV358S9Qm+E+_+gs_mgUJHP_68dYLmg@mail.gmail.com> <d16406c6-e5d9-4aa4-a16e-7513d04d6b07@gmail.com> <CACyFTPEdh_SL3BJ6WcD18tpYzH=Q6gxYnXanTsHZxF4xQm7LuA@mail.gmail.com> <19b076c0-ff57-471a-8f66-6ad47d7169f4@gmail.com> <f469fd02-f67e-4aa3-80e1-e055e63fadd2@swbell.net> <CACyFTPGNUvKkF+hxg1xJPSRNWo4aZN+jtwO3GeMLmQ1pTY8x3g@mail.gmail.com> <CAPt1N1kLTuKjtvsJ5qGd_kjnc8K2HDc7OemMqtaSavGH6kAqJA@mail.gmail.com> <CACyFTPEjAq0kGHFwiNnqsmyhxavu6HhEBu6X7OQXAgaKpPqa1g@mail.gmail.com> <CAN-Dau05Q2GVydUb8DLfAXYNEtrKPkTFROOWT3cDMr5DSPD8Tg@mail.gmail.com> <CACyFTPEVtd4DXdVq66CFO6E61ZNDNrDQOAu4CEt8yeK9fDBcJg@mail.gmail.com> <CAN-Dau1xjQp0W+JYuxFurxj3sJEcWVm9Og-5HrbdPCwnfUwh2w@mail.gmail.com>
In-Reply-To: <CAN-Dau1xjQp0W+JYuxFurxj3sJEcWVm9Og-5HrbdPCwnfUwh2w@mail.gmail.com>
From: Daryll Swer <contact@daryllswer.com>
Date: Sun, 11 Aug 2024 04:24:37 +0530
X-Gmail-Original-Message-ID: <CACyFTPGEV-zA09XNroD34QdLUGENHwpB=4CkU-v3vEDXVYzODg@mail.gmail.com>
Message-ID: <CACyFTPGEV-zA09XNroD34QdLUGENHwpB=4CkU-v3vEDXVYzODg@mail.gmail.com>
To: David Farmer <farmer=40umn.edu@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b27529061f5c2754"
Message-ID-Hash: ZIGTCGE22QSYV6LCORRUXRI22UTKPXOF
X-Message-ID-Hash: ZIGTCGE22QSYV6LCORRUXRI22UTKPXOF
X-MailFrom: contact@daryllswer.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The Multach's <jmultach@swbell.net>, v6ops@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: Dynamic addresses
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/vTdbKGLKRK9HrOaMJSsf8GsOkG0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>

>
> Like I said, changing address doesn’t prevent tracking. But, my point is
> without addresses changing once in a while, basic system logging becomes an
> effective tracking system, that is tracking is trivial if addresses never
> change.


I mean, I guess, but a client would get a /56 minimum, out of that, they
can rotate a new /64 per VLAN every month or X amount of time as they
please on their LAN.

But what I do know, is if ia_na and ia_pd had this “privacy” flag I
hypothetically described, it would probably make things easier on both
sides (those who are pro static prefixes/addr. and those who are
pro-dynamic prefixes/addr.).

*--*
Best Regards
Daryll Swer
Website: daryllswer.com
<https://mailtrack.io/l/c0c508ca99a77724b18ed98b826dc1a015e3a26b?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=db5edee179ce0328>


On Sun, 11 Aug 2024 at 04:05, David Farmer <farmer=40umn.edu@dmarc.ietf.org>
wrote:

>
> On Sat, Aug 10, 2024 at 16:45 Daryll Swer <contact=
> 40daryllswer.com@dmarc.ietf.org> wrote:
>
>> David
>>
>> Changing the prefix delegation on power failure of the CPE generally has
>>> a fairly low impact, as the devices using the network frequently loose
>>> power as well and are rebooted. And, even if they don’t loose power they
>>> typically loose link, which is also a signal to reestablish their addresses.
>>
>>
>> Not sure how electrical systems are built in the west, but over here,
>> even lower-income households have inverters (or UPS) in place, i.e. the
>> CPE, and client devices connected over Wi-Fi do *not* lose power and the
>> Wi-Fi interface *stays up*, upstream OLT comes back up/quick fibre
>> patching done, and now the clients have broken IPv6 connectivity for X
>> amount of minutes/hours depending on pref/valid values.
>>
>
> In the US most residential power systems don’t have  backup, power outages
> are typically short, a minute or less or they are caused by a power
> disruption major fault requiring a truck roll, these typically are caused
> by thunderstorms and last 30 minutes to an hour, and occur one or twice a
> year for a typical customer. Then once a decade or so you will experience
> an extended outage of many hours to a day or two, typically cased by major
> damage, like trees falling down in severe thunderstorms, straight line
> winds or tornados.
>
> Again, this isn't theoretical, I see this in real life, ALL the time, and
>> if you do a quick Google search using this precise search time, plenty of
>> other users reported it:
>> “Dynamic IPv6 breaks SLAAC”.
>>
>> As a consultant, I also get these complaints from unaware ISPs' business
>> owners and C-suites, who didn't know about BCOP-690 and static ia_pd, I,
>> moved them to static ia_pd, lo and behold — customer complaints about
>> broken (v6) connectivity, stopped spamming their ticketing software.
>>
>> Nothing about my feedback on this is “hypothetical”, this is all IRL.
>>
>
> I never said it was hypothetical, it is a real issue, especially when a
> change is forced on some arbitrary timeframe, instead of opportunistically
> with reboot. But even a change on reboot will cause issues in at least some
> cases.
>
> That being said, whether or not to maintain the same prefix across reboots
>>> should be in control of the end user, not necessarily the CPE manufacturer
>>> or the ISP. Only the end user knows if their use case is advantaged or
>>> disadvantaged by getting a new prefix on power loss or other reboots.
>>>
>>
>> I agree on this aspect. I am not a protocol designer, but if I was, I'd
>> be keenly interested in potentially augmenting both ia_na and ia_pd with a
>> “privacy” flag, whereby if the user sets it to 1, they can set a timer to
>> renew (per 24 hours, months etc), and the server will feed a fresh ia_na
>> and ia_pd that ways. And if the user sets privacy flag = 0, the ia_na and
>> ia_pd is permanently (lifetime) static. Probably good to augment it
>> further, where privacy flag is independent for each (na, pd), along with
>> independent timers giving the user complete control and making the life of
>> the ISP and CPE maker, simpler.
>>
>> Nevertheless, permanent addresses, unchanging for an extended periods of
>>> time like months or years, is a threat to privacy, it makes tracking
>>> trivial.
>>>
>>
>> This is an arguable/argumentative topic — i.e. “privacy” and “IPs”. Most
>> analytics/tracking software rely on system, browser fingerprinting,
>> invasive cookies, and even battery API
>> <https://eprint.iacr.org/2015/616.pdf> to track users — a lot of
>> motivation came for this, from mobile devices where the end-user moves
>> between Wi-Fi networks and mobile networks 24/7. Analytics had to figure
>> out a way to identify/track the users across different Wi-Fi/Mobile
>> networks, and therefore by design can do so even with dynamic IPs.
>>
>
> Like I said, changing address doesn’t prevent tracking. But, my point is
> without addresses changing once in a while, basic system logging becomes an
> effective tracking system, that is tracking is trivial if addresses never
> change.
>
> *--*
>> Best Regards
>> Daryll Swer
>> Website: daryllswer.com
>> <https://mailtrack.io/l/7070cf174482cea593104513e38e67dd0d19e934?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b99c4df5e4efd1b8>
>>
>>
>> On Sun, 11 Aug 2024 at 02:39, David Farmer <farmer=
>> 40umn.edu@dmarc.ietf.org> wrote:
>>
>>> I just want to say that I agree simply changing addresses, particularly
>>> forcing address changes periodically, does not provide privacy by itself
>>> and doesn’t prevent tracking.
>>>
>>> Nevertheless, permanent addresses, unchanging for an extended periods of
>>> time like months or years, is a threat to privacy, it makes tracking
>>> trivial.
>>>
>>> Changing the prefix delegation on power failure of the CPE generally has
>>> a fairly low impact, as the devices using the network frequently loose
>>> power as well and are rebooted. And, even if they don’t loose power they
>>> typically loose link, which is also a signal to reestablish their addresses.
>>>
>>> That being said, whether or not to maintain the same prefix across
>>> reboots should be in control of the end user, not necessarily the CPE
>>> manufacturer or the ISP. Only the end user knows if their use case is
>>> advantaged or disadvantaged by getting a new prefix on power loss or other
>>> reboots.
>>>
>>> Thanks.
>>>
>>> On Sat, Aug 10, 2024 at 10:15 Daryll Swer <contact=
>>> 40daryllswer.com@dmarc.ietf.org> wrote:
>>>
>>>> Ted
>>>>
>>>> > It sounds like the isps who you know of who are doing this are not
>>>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>>>> end user.
>>>>
>>>> *Most*, ISPs don't conform to RFCs, BCPs and BCOPs. As a consultant, I
>>>> get exposed (They email me their diagrams and configs for review) to tens
>>>> of networks every year, and I can count on one hand, how many networks
>>>> conform to the minimum for networking in general (IPv4 vs IPv6 aside).
>>>>
>>>> That's why I think the "draft-ietf-v6ops-cpe-lan-pd" should
>>>> potentially, have something to give to end-users for them to use against
>>>> such ISPs, in order for these users to get a permenaent ia_pd (/56 minimum
>>>> or /48 maximum) via support tickets, asking the ISP to conform.
>>>>
>>>> *--*
>>>> Best Regards
>>>> Daryll Swer
>>>> Website: daryllswer.com
>>>> <https://mailtrack.io/l/713f3f681113f0bfb34c34bcf30460679e5a5347?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=fe00cdb4ee3ab02c>
>>>>
>>>>
>>>> On Sat, 10 Aug 2024 at 19:53, Ted Lemon <mellon@fugue.com> wrote:
>>>>
>>>>> At least in Germany the address shifting was a regulatory thing—the
>>>>> isp I was working with on it didn’t want to do it—it was expensive and
>>>>> inconvenient.
>>>>>
>>>>> It sounds like the isps who you know of who are doing this are not
>>>>> following the rfcs. That makes it cheaper, and makes it break IPv6 for the
>>>>> end user.
>>>>>
>>>>> Op za 10 aug 2024 om 10:10 schreef Daryll Swer <contact@daryllswer.com
>>>>> >
>>>>>
>>>>>> > Then again, there is a claim that on those you may not get a prefix
>>>>>> at all (just a single IP6 address), and if you do, often its a /64 with no
>>>>>> PD.
>>>>>>
>>>>>> IIRC, US Telcos even have separate billing for mobile
>>>>>> tethering/hotspot, right? And IPv6 doesn't always work over that ways?
>>>>>>
>>>>>> Over here, it appears the tethering interface just bridges with the
>>>>>> PDP interface, and the “clients” that connects gets a /128 GUA, shared with
>>>>>> a single /64 with the SIM.
>>>>>>
>>>>>> > For security reasons, one of them has a rule to change the assigned
>>>>>> IPv6 address space at least once every 4 hours.
>>>>>>
>>>>>> You mean conspiracy theories about big bro and “privacy”… It's not
>>>>>> “security”.
>>>>>>
>>>>>> iPhones have built-in security, Ted Lemon can probably elaborate on
>>>>>> that. Android, too, has built-in security, the Google folks here can
>>>>>> probably elaborate on that.
>>>>>>
>>>>>> Nope, I am completely against conspiracy theories about “dynamic IP
>>>>>> stops big bro from spying on you”. If big bro wants to “spy” on you, no
>>>>>> amount of “dynamic IPs” is stopping that.
>>>>>>
>>>>>> *--*
>>>>>> Best Regards
>>>>>> Daryll Swer
>>>>>> Website: daryllswer.com
>>>>>> <https://mailtrack.io/l/ba62818f368e4ab91c6676b1a01e6088ea674e45?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=b8dfc4abc306b3d8>
>>>>>>
>>>>>>
>>>>>> On Sat, 10 Aug 2024 at 19:29, The Multach's <jmultach@swbell.net>
>>>>>> wrote:
>>>>>>
>>>>>>> That triggered a memory about addressing on US cellular carriers, at
>>>>>>> least one of which does this.
>>>>>>>
>>>>>>> Then again, there is a claim that on those you may not get a prefix
>>>>>>> at all (just a single IP6 address), and if you do, often its a /64 with no
>>>>>>> PD.
>>>>>>>
>>>>>>> For security reasons, one of them has a rule to change the assigned
>>>>>>> IPv6 address space at least once every 4 hours.
>>>>>>>
>>>>>>>
>>>>>>> On 8/9/2024 9:33 PM, Brian E Carpenter wrote:
>>>>>>>
>>>>>>> On 10-Aug-24 11:34, Daryll Swer wrote:
>>>>>>>
>>>>>>>  > But I don't understand the statement "breaks SLAAC on the LAN". A
>>>>>>> change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>>>
>>>>>>> It will break, on the host side, because they won't know to use the
>>>>>>> new prefix, until the pref/valid values expire.
>>>>>>>
>>>>>>>
>>>>>>> https://www.6connect.com/blog/is-your-isp-constantly-changing-the-delegated-ipv6-prefix-on-your-cpe-router/
>>>>>>>
>>>>>>>
>>>>>>> Thanks, yes, I knew that of course but the description of that as
>>>>>>> breaking SLAAC confused me. (When my ISP was changing prefixes after a CE
>>>>>>> power cut and reboot, the issue was masked by other effects of the power
>>>>>>> cut.)
>>>>>>>
>>>>>>> There's no reason to be promoting dynamic v6 prefixes, in addition
>>>>>>> to the SLAAC context, this makes it painful, for end-users to host anything
>>>>>>> at home, even basic SSH.
>>>>>>>
>>>>>>>
>>>>>>> I completely agree.
>>>>>>>
>>>>>>>    Brian
>>>>>>>
>>>>>>>
>>>>>>> *--*
>>>>>>> Best Regards
>>>>>>> Daryll Swer
>>>>>>> Website: daryllswer.com
>>>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>>>> <https://mailtrack.io/l/8b190af15371d42cba28cde7db9581f1c207dde9?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=0564b87de4f69994>
>>>>>>>
>>>>>>>
>>>>>>> On Sat, 10 Aug 2024 at 04:56, Brian E Carpenter <
>>>>>>> brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>
>>>>>>> <brian.e.carpenter@gmail.com>> wrote:
>>>>>>>
>>>>>>>     [Public service announcement: as of now, I'm spam-filtering
>>>>>>> messages with 'Digest' subject headers.]
>>>>>>>
>>>>>>>     My ISP used to change my prefix whenever there was a power cut
>>>>>>> and the modem restarted. Now, it appears to be stable.
>>>>>>>
>>>>>>>     But I don't understand the statement "breaks SLAAC on the LAN".
>>>>>>> A change of prefix renumbers the LAN, but that doesn't break SLAAC, it just
>>>>>>> causes SLAAC to renumber everything. It will only break active sessions.
>>>>>>>
>>>>>>>     Regards
>>>>>>>          Brian
>>>>>>>
>>>>>>>     On 10-Aug-24 10:13, Ted Lemon wrote:
>>>>>>>      > In order to do this, they would have to not renew a
>>>>>>> previously assigned prefix. I think some German telecoms used to do this as
>>>>>>> a privacy message, but it was operationally very difficult because it
>>>>>>> doubled demand for prefixes.
>>>>>>>      >
>>>>>>>      > Where are you seeing this irl, and how does it happen?
>>>>>>>      >
>>>>>>>      > Op vr 9 aug 2024 om 15:08 schreef Daryll Swer <
>>>>>>> contact=40daryllswer.com@dmarc.ietf.org
>>>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>>>> <40daryllswer.com@dmarc.ietf.org> <
>>>>>>> mailto:40daryllswer.com@dmarc.ietf.org
>>>>>>> <40daryllswer.com@dmarc.ietf.org>
>>>>>>> <mailto:40daryllswer.com@dmarc.ietf.org>
>>>>>>> <40daryllswer.com@dmarc.ietf.org>>>
>>>>>>>      >
>>>>>>>      >     Tim, is there something we can do to encourage not only
>>>>>>> "more than a /64", but also encourage "static ia_pd to ensure the customer
>>>>>>> will not experience broken IPv6 connectivity due to ever changing
>>>>>>> prefixes".
>>>>>>>      >
>>>>>>>      >     Too many ISPs out there do dynamic IPs and breaks SLAAC
>>>>>>> on the LAN.
>>>>>>>      >
>>>>>>>      >     I feel this draft could be a powerful tool, in the hands
>>>>>>> of the end user to get these ISPs doing the right way of IPv6 more often.
>>>>>>>      >
>>>>>>>      >     --
>>>>>>>      >     Sent from my iPhone
>>>>>>>      >
>>>>>>>      >
>>>>>>>      >     On Fri, 9 Aug 2024 at 7:37 PM, Timothy Winters <
>>>>>>> tim@qacafe.com <mailto:tim@qacafe.com> <tim@qacafe.com> <
>>>>>>> mailto:tim@qacafe.com <tim@qacafe.com> <mailto:tim@qacafe.com>
>>>>>>> <tim@qacafe.com>>> wrote:
>>>>>>>      >
>>>>>>>      >         Yes.  I've seen several instances of /64 being used
>>>>>>> for container networks on CPEs.
>>>>>>>      >
>>>>>>>      >         ~Tim
>>>>>>>      >
>>>>>>>      >         On Fri, Aug 9, 2024 at 9:38 AM The Multach's <
>>>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net>
>>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net
>>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net>
>>>>>>> <jmultach@swbell.net>>> wrote:
>>>>>>>      >
>>>>>>>      >             So are these considered a LAN link prefix
>>>>>>> assignment under 7084 L2:
>>>>>>>      >
>>>>>>>      >             - Assignment of a /64 prefix for internal IPv6
>>>>>>> communication between a
>>>>>>>      >             primary SoC and a secondary chip (e.g., a Wi-Fi
>>>>>>> chip which uses IPv6).
>>>>>>>      >
>>>>>>>      >             - Assignment of a /64 prefix for usage by an
>>>>>>> internal container or VM.
>>>>>>>      >
>>>>>>>      >
>>>>>>>      >             On 8/9/2024 7:56 AM, Timothy Winters wrote:
>>>>>>>      >              >
>>>>>>>      >              >
>>>>>>>      >              > On Thu, Aug 8, 2024 at 10:58 PM The Multach's <
>>>>>>> jmultach@swbell.net <mailto:jmultach@swbell.net>
>>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net
>>>>>>> <jmultach@swbell.net> <mailto:jmultach@swbell.net>
>>>>>>> <jmultach@swbell.net>>> wrote:
>>>>>>>      >              >
>>>>>>>      >              >     The following, while being user focused,
>>>>>>> fails to take into
>>>>>>>      >              >     account that
>>>>>>>      >              >     some of those prefixes may be used
>>>>>>> internally (or reserved for
>>>>>>>      >              >     internal
>>>>>>>      >              >     use) by the CPE or for ISP purposes and
>>>>>>> not assignable:
>>>>>>>      >              >
>>>>>>>      >              >     "SHOULD" (or an elongated exception for
>>>>>>> the above) would be more
>>>>>>>      >              >     appropriate.
>>>>>>>      >              >
>>>>>>>      >              >     LPD-4: After LAN link prefix assignment
>>>>>>> the IPv6 CE Router MUST
>>>>>>>      >              >     make the
>>>>>>>      >              >     remaining IPv6 prefixes available to other
>>>>>>> routers via Prefix
>>>>>>>      >              >     Delegation.
>>>>>>>      >              >
>>>>>>>      >              > I think this covers that case.   After local
>>>>>>> assignment, unused
>>>>>>>      >              > prefixes MUST be made available.
>>>>>>>      >              > LPD-2:  The IPv6 CE Router MUST assign a
>>>>>>> prefix from the delegated
>>>>>>>      >              >            prefix as specified by L-2
>>>>>>> [RFC7084].
>>>>>>>      >              >
>>>>>>>      >              > 7084
>>>>>>>      >              >    L-2:   The IPv6 CE router MUST assign a
>>>>>>> separate /64 from its
>>>>>>>      >              >           delegated prefix(es) (and ULA prefix
>>>>>>> if configured to provide
>>>>>>>      >              >           ULA addressing) for each of its LAN
>>>>>>> interfaces.
>>>>>>>      >              >
>>>>>>>      >              >
>>>>>>>      >              >
>>>>>>>  _______________________________________________
>>>>>>>      >              >     v6ops mailing list -- v6ops@ietf.org
>>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>>      >              >     To unsubscribe send an email to
>>>>>>> v6ops-leave@ietf.org <mailto:v6ops-leave@ietf.org>
>>>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org
>>>>>>> <v6ops-leave@ietf.org> <mailto:v6ops-leave@ietf.org>
>>>>>>> <v6ops-leave@ietf.org>>
>>>>>>>      >              >
>>>>>>>      >
>>>>>>>      >         _______________________________________________
>>>>>>>      >         v6ops mailing list -- v6ops@ietf.org
>>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>>      >         To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>>>      >
>>>>>>>      >     45efe8dfc775213ded0fc41c7d84ccccb0d6aa20
>>>>>>> _______________________________________________
>>>>>>>      >     v6ops mailing list -- v6ops@ietf.org
>>>>>>> <mailto:v6ops@ietf.org> <v6ops@ietf.org> <mailto:v6ops@ietf.org
>>>>>>> <v6ops@ietf.org> <mailto:v6ops@ietf.org> <v6ops@ietf.org>>
>>>>>>>      >     To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org> <
>>>>>>> mailto:v6ops-leave@ietf.org <v6ops-leave@ietf.org>
>>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>>
>>>>>>>      >
>>>>>>>      >
>>>>>>>      > _______________________________________________
>>>>>>>      > v6ops mailing list -- v6ops@ietf.org <mailto:v6ops@ietf.org>
>>>>>>> <v6ops@ietf.org>
>>>>>>>      > To unsubscribe send an email to v6ops-leave@ietf.org
>>>>>>> <mailto:v6ops-leave@ietf.org> <v6ops-leave@ietf.org>
>>>>>>>
>>>>>>> _______________________________________________
>>>> v6ops mailing list -- v6ops@ietf.org
>>>> To unsubscribe send an email to v6ops-leave@ietf.org
>>>>
>>>