[v6ops] Use of MAC addresses in IPv6 link local addresses

Toerless Eckert <tte@cs.fau.de> Thu, 06 July 2017 23:03 UTC

For a protocol design, we are wondering what the current state of the
art is wrt IPv6 link local addresses potentially being the same
on multiple interfaces of a network device like a router.

I was told by Brian that RFC7217 is recommended, but recommendations are
one thing and reality can be another thing. If there are widely deployed
network devices that do have the same link local address across multiple
interfaces then it could take quite a while for this to get changed,
so it might be prudent for a protocol design NOT to expect that e.g. RFC7217
is supported everywhere.

The one type of datapoint I seem to vaguely remember is that routers
with a large number of "cheap" L3 interfaces often derive their MAC
utilization designs from L2 switches where you do not automatically
assign a separate MAC address to every port because that's a cost factor,
and instead there is just a limited number of MAC addresses assigned to
the box (I think I remember '8' from some Cisco products) and
once those are exhausted, additional L3 interfaces repeat the MAC
addresses. And of course if the link-local addresses are derived from
interfaces' MAC addresses then we have the problem in question.

Standard disclaimer:
Just because I am paranoid does not mean they are not after me.

So, would love to hear that duplicate link-local IPv6 addresses are
not to be found anywhere in deployed IPv6 networks and that I am
just paranoid ;-) Or else we know that we should take this into
consideration.

Thanks
    Toerless
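
The situation described in the message, as an added example that is not part of the original post: link-local addresses built from interface MACs with the modified EUI-64 mapping (RFC 4291, Appendix A) repeat as soon as a MAC pool wraps around, so protocol state has to be keyed on address plus interface. The pool size of 8 comes from the message; the interface names and the MAC values (documentation range 00:00:5e:00:53:xx) are constructed.

```python
import ipaddress
from collections import defaultdict

def eui64_link_local(mac: str) -> ipaddress.IPv6Address:
    """fe80::/64 address with a modified EUI-64 interface ID (RFC 4291, App. A)."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    # Flip the universal/local bit and insert ff:fe between OUI and NIC part.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def duplicate_link_locals(if_macs: dict) -> dict:
    """Map each link-local shared by more than one interface to those interfaces."""
    by_addr = defaultdict(list)
    for ifname, mac in if_macs.items():
        by_addr[eui64_link_local(mac)].append(ifname)
    return {addr: names for addr, names in by_addr.items() if len(names) > 1}

def scoped_keys(if_macs: dict) -> set:
    """(address, interface) pairs: the key a protocol needs if addresses repeat."""
    return {(eui64_link_local(mac), ifname) for ifname, mac in if_macs.items()}

# Constructed inventory: a box with a pool of 8 MACs and 10 L3 interfaces,
# so the pool wraps around after the eighth interface.
POOL = [f"00:00:5e:00:53:{i:02x}" for i in range(8)]
INTERFACES = {f"eth{i}": POOL[i % len(POOL)] for i in range(10)}

if __name__ == "__main__":
    for addr, names in duplicate_link_locals(INTERFACES).items():
        print(f"{addr} is configured on {', '.join(names)}")
    print(len(scoped_keys(INTERFACES)), "distinct (address, interface) keys")
```

Keyed on the address alone, the ten interfaces collapse to eight entries; keyed on the (address, interface) pair, all ten stay distinct.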