randy/draft-classless6
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updated txt based on my latest changes

Browse source
This commit is contained in:
Fernando Gont 2017-05-06 11:17:48 +02:00
parent 9bfaaf5469
commit 6c7294bd2a
1 changed files with 125 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

194
draft-nbourbaki-6man-classless-ipv6.txt
View file

@ -4,8 +4,8 @@
Network Working Group N. Bourbaki Network Working Group N. Bourbaki
Internet-Draft The Intertubes Internet-Draft The Intertubes
Intended status: Standards Track April 19, 2017 Intended status: Standards Track April 2017
Expires: October 21, 2017 Expires: October 3, 2017
IPv6 is Classless IPv6 is Classless
@ -15,7 +15,7 @@ Abstract
Over the history of IPv6, various classful address models have been Over the history of IPv6, various classful address models have been
proposed, particularly Top-Level Aggregation (TLA) and Next-Level proposed, particularly Top-Level Aggregation (TLA) and Next-Level
Aggregation(NLA) Identifiers. They have all proved to be mistakes. Aggregation (NLA) Identifiers. They have all proved to be mistakes.
The last remnant is a rigid boundary at /64. This document removes The last remnant is a rigid boundary at /64. This document removes
that rigidity as far as routing is concerned. that rigidity as far as routing is concerned.
@ -34,7 +34,7 @@ Status of This Memo
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 21, 2017. This Internet-Draft will expire on October 3, 2017.
Copyright Notice Copyright Notice
@ -53,7 +53,7 @@ Copyright Notice
Bourbaki Expires October 21, 2017 [Page 1] Bourbaki Expires October 3, 2017 [Page 1]
Internet-Draft IPv6 is Classless April 2017 Internet-Draft IPv6 is Classless April 2017
@ -64,15 +64,15 @@ Table of Contents
2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . 2 2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . 2
3. Background . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Background . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. A simple Statement . . . . . . . . . . . . . . . . . . . . . 3 4. A simple Statement . . . . . . . . . . . . . . . . . . . . . 3
5. Notes and Recommendations . . . . . . . . . . . . . . . . . . 3 5. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 3
6. Security Considerations . . . . . . . . . . . . . . . . . . . 3 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
8. Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 8. Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 4 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 4
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 4
10.1. Normative References . . . . . . . . . . . . . . . . . . 4 10.1. Normative References . . . . . . . . . . . . . . . . . . 4
10.2. Informative References . . . . . . . . . . . . . . . . . 4 10.2. Informative References . . . . . . . . . . . . . . . . . 5
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction 1. Introduction
@ -92,24 +92,24 @@ Table of Contents
arguments for operational flexibility in address allocation remain arguments for operational flexibility in address allocation remain
compelling. compelling.
It is also assumed that the reader understands IPv6, [RFC2460], IP It is also assumed that the reader understands IPv6 [RFC2460], the IP
Version 6 Addressing Architecture, see [RFC4291], and the proposed Version 6 Addressing Architecture [RFC4291], the proposed changes to
changes to [RFC4291], see [I-D.hinden-6man-rfc2464bis]. RFC4291 [I-D.hinden-6man-rfc4291bis], and the recent recommendations
for the generation of stable Interface Identifiers [RFC8064].
NOTE: do we mean 4291bis (currently moribund) or 2464bis?
An important recent development in IPv6 is that for host computers on An important recent development in IPv6 is that for host computers on
local area networks, the way in which interface identifiers are local area networks, the way in which interface identifiers are
formed is no longer bound to layer 2 addresses (MAC addresses) formed is no longer bound to layer 2 addresses (MAC addresses)
[RFC7217]. We can therefore appreciate that their length, previously [RFC7217] [RFC8064]. We can therefore appreciate that their length,
fixed at 64 bits [RFC7136], is in fact a free parameter as stated in previously fixed at 64 bits [RFC7136], is in fact a free parameter as
[RFC4862]. stated in [RFC4862].
Bourbaki Expires October 21, 2017 [Page 2]
Bourbaki Expires October 3, 2017 [Page 2]
Internet-Draft IPv6 is Classless April 2017 Internet-Draft IPv6 is Classless April 2017
@ -118,9 +118,7 @@ Internet-Draft IPv6 is Classless April 2017
Some confusion has been caused by the IP Version 6 Addressing Some confusion has been caused by the IP Version 6 Addressing
Architecture, [RFC4291], and the proposed changes in Architecture, [RFC4291], and the proposed changes in
[I-D.hinden-6man-rfc2464bis] with respect to allowed maximum prefix [I-D.hinden-6man-rfc4291bis] with respect to the minimum subnet size.
lengths and the minimum host part (sometimes known as interface
identifier) on a link.
Meanwhile, link prefixes of varied lengths, /127, /126, /124, /120, Meanwhile, link prefixes of varied lengths, /127, /126, /124, /120,
... /64 have been successfully deployed for many years. Having the ... /64 have been successfully deployed for many years. Having the
@ -135,15 +133,15 @@ Internet-Draft IPv6 is Classless April 2017
or Using 127-Bit IPv6 Prefixes on Inter-Router Links [RFC6164] is in or Using 127-Bit IPv6 Prefixes on Inter-Router Links [RFC6164] is in
use. use.
5. Notes and Recommendations 5. Recommendations
For historical reasons, when a prefix is needed on a link, barring For backwards compatibility, when a prefix is needed on a link,
other considerations, a /64 is traditional [RFC7136]. barring other considerations, a /64 is RECOMENDED [RFC7136].
The length of the prefix identifier in Stateless Address The length of the Interface Identifier in Stateless Address
AutoConfiguration, [RFC4862] is a parameter; its length needs to be AutoConfiguration [RFC4862] is a parameter; its length needs to be
sufficient for effective randomization for privacy reasons. For sufficient for effective randomization for privacy reasons. For
example, a /48 might be sufficient. But operationally we recommend, example, a /48 might be sufficient. But operationally we RECOMMEND,
barring strong considerations to the contrary, using 64-bits for barring strong considerations to the contrary, using 64-bits for
SLAAC in order not to discover bugs where 64-bits was hard-coded, and SLAAC in order not to discover bugs where 64-bits was hard-coded, and
to favor portability of devices and operating systems. to favor portability of devices and operating systems.
@ -152,24 +150,43 @@ Internet-Draft IPv6 is Classless April 2017
not operate with different interface identfier lengths on different not operate with different interface identfier lengths on different
physical interfaces. Thus a correct implementation of SLAAC must in physical interfaces. Thus a correct implementation of SLAAC must in
fact allow for any length of prefix, with the value being fact allow for any length of prefix, with the value being
parameterised per interface. parameterised per interface. For instance, the Interface Identifier
length in the recommended (see [RFC8064]) algorithm for selecting
stable interface identifiers [RFC7217] is a parameter, rather than a
hardcoded value.
NOTE: should we comment on the fact that at least Linux and Windows NOTE: should we comment on the fact that at least Linux and Windows
seem to assume that the default prefix is /64 in the management CLI? seem to assume that the default prefix is /64 in the management CLI?
6. Security Considerations
This document has no known security impact, assuming that user
devices use an unpredictable interface identifier [RFC7721] for
privacy.
Bourbaki Expires October 21, 2017 [Page 3]
Bourbaki Expires October 3, 2017 [Page 3]
Internet-Draft IPv6 is Classless April 2017 Internet-Draft IPv6 is Classless April 2017
6. Security Considerations
Assumming that nodes employ unpredictable interface identifiers
[RFC7721], the subnet size may have an impact on some security and
privacy properties of a network. Namely, the smaller the subnet
size, the more feasible it becomes to perform IPv6 address scans
[RFC7707] [RFC7721]. However, that for some specific subnets (such
as point to point links), this may be less of an issue.
On the other hand, we assume that a number of IPv6 implementations
fail to enforce limits on the size of some of the data structures
they employ for communicating with neighboring nodes, such as the
Neighbor Cache. In such cases, the use of smaller subnets
essentially enforces an operational limit on such data structures,
thus helping mitigate some pathological behaviors (such as Neighbor
Cache Exhaustion attacks).
7. IANA Considerations 7. IANA Considerations
This document has no IANA Considerations. This document has no IANA Considerations.
@ -189,42 +206,12 @@ Internet-Draft IPv6 is Classless April 2017
10.1. Normative References 10.1. Normative References
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998. (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
December 1998, <http://www.rfc-editor.org/info/rfc2460>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, DOI 10.17487/RFC4291, February
2006, <http://www.rfc-editor.org/info/rfc4291>.
10.2. Informative References
[I-D.hinden-6man-rfc2464bis]
Crawford, M. and R. Hinden, "Transmission of IPv6 Packets
over Ethernet Networks", draft-hinden-6man-rfc2464bis-02
(work in progress), March 2017.
[RFC3587] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global
Unicast Address Format", RFC 3587, August 2003.
[RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing
(CIDR): The Internet Address Assignment and Aggregation
Plan", BCP 122, RFC 4632, August 2006.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862, September 2007.
[RFC6164] Kohno, M., Nitzan, B., Bush, R., Matsuzaki, Y., Colitti,
L., and T. Narten, "Using 127-Bit IPv6 Prefixes on Inter-
Router Links", RFC 6164, April 2011.
[RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6
Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136,
February 2014, <http://www.rfc-editor.org/info/rfc7136>.
Bourbaki Expires October 21, 2017 [Page 4]
Internet-Draft IPv6 is Classless April 2017
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque [RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address Interface Identifiers with IPv6 Stateless Address
@ -232,11 +219,69 @@ Internet-Draft IPv6 is Classless April 2017
DOI 10.17487/RFC7217, April 2014, DOI 10.17487/RFC7217, April 2014,
<http://www.rfc-editor.org/info/rfc7217>. <http://www.rfc-editor.org/info/rfc7217>.
Bourbaki Expires October 3, 2017 [Page 4]
Internet-Draft IPv6 is Classless April 2017
[RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu,
"Recommendation on Stable IPv6 Interface Identifiers",
RFC 8064, DOI 10.17487/RFC8064, February 2017,
<http://www.rfc-editor.org/info/rfc8064>.
10.2. Informative References
[I-D.hinden-6man-rfc4291bis]
Hinden, B. and S. Deering, "IP Version 6 Addressing
Architecture", draft-hinden-6man-rfc4291bis-06 (work in
progress), October 2015.
[RFC3587] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global
Unicast Address Format", RFC 3587, DOI 10.17487/RFC3587,
August 2003, <http://www.rfc-editor.org/info/rfc3587>.
[RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing
(CIDR): The Internet Address Assignment and Aggregation
Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, August
2006, <http://www.rfc-editor.org/info/rfc4632>.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862,
DOI 10.17487/RFC4862, September 2007,
<http://www.rfc-editor.org/info/rfc4862>.
[RFC6164] Kohno, M., Nitzan, B., Bush, R., Matsuzaki, Y., Colitti,
L., and T. Narten, "Using 127-Bit IPv6 Prefixes on Inter-
Router Links", RFC 6164, DOI 10.17487/RFC6164, April 2011,
<http://www.rfc-editor.org/info/rfc6164>.
[RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6
Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136,
February 2014, <http://www.rfc-editor.org/info/rfc7136>.
[RFC7707] Gont, F. and T. Chown, "Network Reconnaissance in IPv6
Networks", RFC 7707, DOI 10.17487/RFC7707, March 2016,
<http://www.rfc-editor.org/info/rfc7707>.
[RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy [RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy
Considerations for IPv6 Address Generation Mechanisms", Considerations for IPv6 Address Generation Mechanisms",
RFC 7721, DOI 10.17487/RFC7721, March 2016, RFC 7721, DOI 10.17487/RFC7721, March 2016,
<http://www.rfc-editor.org/info/rfc7721>. <http://www.rfc-editor.org/info/rfc7721>.
Bourbaki Expires October 3, 2017 [Page 5]
Internet-Draft IPv6 is Classless April 2017
Author's Address Author's Address
Nicolas Bourbaki Nicolas Bourbaki
@ -277,4 +322,15 @@ Author's Address
Bourbaki Expires October 21, 2017 [Page 5]
Bourbaki Expires October 3, 2017 [Page 6]