
List:       ipng
Subject:    Re: L=0 [was draft-pioxfolks-6man-pio-exclusive-bit-02.txt]
From:       Mark Smith <markzzzsmith () gmail ! com>
Date:       2018-01-31 16:44:17
Message-ID: CAO42Z2zRRnV-Uc2PAg3KOYGyDTer7beWMXev_jYn1Lx5uRi9vw () mail ! gmail ! com

On 31 Jan 2018 20:49, "Mikael Abrahamsson" <swmike@swm.pp.se> wrote:

On Wed, 31 Jan 2018, Mark Smith wrote:

> RFC8273 fails the proper layer 2 isolation/per-host link/LAN requirement
> too.
>

No, it doesn't. It just doesn't specify how this is to be achieved. I am of
the opinion that it doesn't need to, and it shouldn't. Yes, someone
implementing this should make sure that L2 assures that customers can't
spoof each other, that source validation etc is in place, but I am of the
opinion that RFC8273 doesn't need to specify how that should be done.


> The hosts are all sharing the same Link-Local prefix, rather than each host
> having its own instance of the Link-Local prefix. They're all using the
> same router interface, rather than each host having its own dedicated
> router interface. There is sharing of IP layer resources between multiple
> hosts, so the hosts are not on separate links.
>

Sure.


> Per RFC4291, in the Addressing Model section,
>
> "Currently, IPv6 continues the IPv4 model in that a subnet prefix is
>   associated with one link."
>
> multiple hosts that share just one common IPv6 subnet of possibly a
> number on the link are members of the same one link.
>

But the GUA prefix isn't the same, just the LLA.



You're saying hosts that have a common LL prefix *aren't* on the same link?




> So when a host attaches to a port, the layer 2 device allocates a new
> virtual link, dedicated to the host, and then signals the router, which
> then allocates a new Link-Local prefix, new GUA and possibly ULA prefix,
> and then creates a new router interface for that individual host?
>

No. Those are your requirements, it's you who are saying all of those are
needed. Not me.


> I don't have any experience or detailed knowledge of it, however I'm
> reminded of Access Node Control Protocol - RFC6320. Perhaps a generalised
> version of that for other types of layer 2 edge devices might be an option.
>

PPPoE doesn't solve the MAC address duplication problem, either. Only
separate L2 per user solves that.

So what I have been proposing for lots of years is to keep the 1:N model
for IPv4 (because that's what a lot of people do), but create
one-vlan-per-user for IPv6, using ethertype-based VLANs. This requires no
host changes.




--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

