[ipv6hackers] Dynamic prefixes & privacy (was: IPv6 prefix changing)

Owen DeLong owend at he.net
Thu Mar 22 01:43:38 CET 2012


On Mar 21, 2012, at 2:45 PM, Gert Doering wrote:

> Hi,
> 
> On Wed, Mar 21, 2012 at 12:48:30PM -0700, Owen DeLong wrote:
>>> On Tue, Mar 20, 2012 at 03:52:20PM -0700, Owen DeLong wrote:
>>>> Apple could easily have obtained an IPv6 GUA prefix for this purpose. The use of ULA is entirely optional.
>>>> 
>>>> Free your mind from the IPv4 private vs. public address mindset and allow yourself to consider a world where
>>>> GUA is relatively easy to obtain and can be used for non-connected purposes without penalty or difficulty.
>>> 
>>> "GUAs distributed with the intention of not having them routable world-wide"
>>> is different from ULAs in exactly which way?
>> 
>> Who said anything about intent on distribution? The intent on distribution is to uniquely number networks and hosts. Whether those networks and hosts are immediately connected, connected at some future time, or never connected becomes entirely the purview of the operator and irrelevant to the issuing agency.
>> 
>> That's the difference... GUAs provide maximum flexibility to the operator.
> 
> Unless you find a way to make "routing arbitrary prefixes assigned by
> entity A via ISP B, C or D" *scale*, assigning GUAs outside of the
> context of the operator who is supposed to route them is not very much
> different from a ULA - a block of 128 bit numbers, that needs an NPT
> to be used on the Internet.
> 

Scaling it becomes relatively trivial for N where N is < about 350,000 organizations (or about 10x the current number of BGP speaking ASNs) if (when) we can get rid of IPv4.

Further, we do eventually need to solve the prefix portability problem. It's kind of absurd that the IETF chose not to drop the ball, but to utterly ignore it and refuse to even pick it up and look at it during the design of IPv6.

> But this is becoming somewhat silly.  I'm sure you know that, so I'm 
> wondering which aspect of "use GUAs assigned by some arbitrary entity"
> I'm overlooking that might make it interesting.
> 

I'm just pointing out that ULA doesn't provide any utility that GUA wouldn't while it comes at the price of not being able to subsequently use it for other purposes without renumbering if needs change.

Can you point to any functionality afforded by ULA that would preclude the use of GUA if GUA were readily available?

> 
>>>> I realize that this would require some RIR policy changes and I support those. If the IETF will get on board
>>>> with recognizing that local GUA is a better alternative than ULA, then I don't think it would be hard to get
>>>> the RIRs to adopt appropriate policy around this.
>>> 
>>> ULA-C would be that, but the IETF seems to have abandoned that idea.
>> 
>> Right... ULA-C wouldn't be that. ULA-C would be creating a new artificial PI that was not subject to RIR policies and guidelines and would, therefore, have been a disaster. Abandoning it was a really good thing. ULA-R is bad enough.
> 
> And how exactly is "changing the RIR policies to allow assignment of
> local GUAs" different?
> 

Because RIR policies at least provide for some mechanism for community input into the process if things start to get out of hand or if there are unforeseen problems developing with the allocation mechanism/policies having unintended consequences.

Owen



