Internet Engineering Task Force 110, 11 Mar 2021

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: IETF110-6MAN-20210311-1600

Description

6MAN meeting session at IETF110
2021/03/11 1600

https://datatracker.ietf.org/meeting/110/proceedings/

A

A

Well, good morning or good afternoon, wherever you are, I don't know what the right solicitation is in utc, but welcome to the second six man session, I'm bob hinden. This is only tron. uh We are the co-chairs of six man next slide.

A

Please note the note: well, we should all have this memorized by now. Next slide the usual administrivia thanks to barbara and xioping for taking minutes we're not doing a.

A

Formal jabber scribe if um we will watch the jabber if someone raises a question and they're not not in the room, otherwise,.

A

Next slide, so, as we talked about earlier this session, we're going to have now is sort of a structure around the way we normally do. A working group session we're going to have document status, a report from the spring compression design team working group drafts and two active or two active in individual drafts.

A

For today, we have two hours next slide.

A

Yeah and here's the agenda.

A

Any agenda bashing.

A

And we will, we will manage the time, but we have about a 20 minute buffer. So we, if there's um good discussions, we won't cut them off, we'll try not to cut them off prematurely but still want to make sure everything all the presentations get time next slide.

B

So if there are no comments on the agenda, let's uh quickly go through the document status. Since the last meeting we have published one rfc, it's 8981 on the temporary address extensions, the uh revision of 49.41.

B

We have two documents submitted to the isg: it's the gratuitous navy discovery work and it's the segment routing oem document.

B

The gratuitous document is awaiting a new id from the author and for the oam document. It's in last call requested state um the uh ipv6 application or the alternate marking method. That's on the agenda for today. It's just going through the last call comments and uh it's on the chairs to to do the write up and advance that document to the isg, um the compact routing header document. It's still awaiting the sr design team.

B

We have a talk on that just following now, and we have two working group documents: it's the minimum path empty hop. I hope option, that's not on the agenda for today and we have the uh improving the robustness of slack by fernando and that's on the agenda later any comments on document status. Before we move on to the sr design team talk.

B

No, then please go.

B

C

Oh charles, do you have me we can hear you please go ahead? Okay, so uh this presentation give a basic report status report for the uh sr compression design team, and currently we focused on two draft. One is for the comprision requirement and the other for the compression analysis. Next page.

C

So uh for the requirement to draft, I think we have uh almost uh finished this draft within the design team. uh We posted a zero five revision and uh uh we hope uh six mind working group uh members can also review that and feedback. Your comments and the other draft is a analysis draft. We just begin to.

C

Discuss this draft and we post the 000 revision already, but in this revision I think we just give some template and we have some proposed uh text for that draft. But we've not have enough time to review that within design team. So we did not post those proposals, but we are confident that we can generate a full version of the analysis draft soon.

C

C

So this is a status for the requirement to draft.

C

As I just mentioned in the latest version, we have included all the requirements we've received and the design team have gone through all of them till now, only three of them with rough, but not a universe, concerns within design team. Now, anyway, we have a poster all of them. This is three items we put it to appendix.

C

uh I think we, if possible, we would like to get more comments on them so compiled to revision. 2. uh The revision 5 move the three items from appendix to the main text, which are the blue highlighted.

C

I think these three items are very important items. They are srv6 based, sr6 functionality, so uh I think it's a big progress for the design team. We can get agreement on those items and we also added none items, new items with the rider highlighted text and those items covers address planning, comprision, libraries and as a domain protections security, and something like that. We think that has data our fundamental requirement for the compression solution.

C

So uh from the design team point of view, we've almost finished the.

C

Requirement draft next page so for the requirements drafts, uh we hope to get more review and a comment from spring working group, because this design team writes by spring working group at first and then as well as we also like six mind.

C

Members can review that, because there are some topics related to six mind work uh and, if possible, we would like to call for adoption as soon as possible. That is the basic.

C

Next step for this draft next page.

C

Yeah, this is a basic status for the analysis draft in this chapter. Currently, I think the biggest uh progress for us is that we had. We haven't.

C

Decided to analyze uh the four uh proposals, uh the this four proposal, at least here one is the cc the other is crh and receipt and the uid.

C

I think this uh uh those four uh proposals give different uh angles uh mechanism. uh I think they are all very useful in the for the ccd.

C

Solution, I think it it combined two drafts. One is from a microseat team and the other is for the gcd. It provided a very simple solution: it doesn't need any srv6 data plan or control plan change and leverages the srv6 network programming model.

C

It provided two flavors, the next sea seed flavor reflect the micro seed solution and the the replace cc the flavor reflect the g seed solution. Both.

C

Framework and for the crh, I think many people in six mind are very familiar with that.

C

The courses also give us some description: uh the site that the crh defined the two new ipv6 routine hiders cih16 and the cih32, and each uh see the map to a cih5 entry.

C

There is a new change to ipv6 forwarding plan all address model and adjust the minimum change to srv6 control plan and for the visit it defines a side of a site of seed behaviors to access a smaller seat within the sr hider.

C

It generalized the srh for any size of seeds and the prefix.

C

It encodes only the visit in sih, not any redundancy prefix, so everything I also use regular 1 28 bits seeds.

C

It doesn't require any srv6 control plan change and it also leverage the srv6 network programming model and the last one is uid. It extends the srh to carry such as amperes labels or ipv6 addresses. It's a give. A basic mapping solution, a comprised srv6 segment list encoding in the sih.

C

It introduces uet flag to unify uh traditional srv6 seed and the unified seed for all the behaviors, so it like leveraged the i76 network programming model with some new flavors.

C

So these are some basic information of those four different solutions.

C

I think they are all useful.

C

We will do some analysis against the current requirement draft, because the requirement drops provided some magic so that we can, based on this metric, to compile those four different solutions.

C

uh This is a status of the analysis dropped next page.

C

So here are some completion plan for analysis. So before the ietf meeting, I think we have already done a lot of work and the next step. We have a rough plan. In the middle of april. We will complete remaining analysis text proposal for the design team review, because when the spring working group writes the design team, they hope we can provide some concerns document to the working group.

C

So we will do the design team review and first and uh we hope to provide a preliminary version at the end of april so that the people in spring working group can review it and accommodate it and at a later may we hope to submit a new revision for itf spring working group and the six-month working group for review, because the analysis draft included some solution, which is from six mind a working group. So we hope the review can be done in the both working group.

C

That that that's all for the report, thank you any comments or questions.

B

Thank you very much just uh jump to the queue we have a few minutes to discuss this. If there is anyone.

B

This has also been discussed in uh in spring right. Okay, andrew, please go ahead.

D

Yeah, um I'm pretty much gonna repeat what I asked in spring. um What is the next step for things like crh? We have to now consider the fact that you now have drafts on this list that are actively shipping in code in production releases.

D

There are people developing on top of those on squatted code points, because there's no other option and we're entering a phase where this has now been going on for so long that effectively, the working group is no longer really getting any say in something that is being developed because it's it's becoming a fatal conflict.

D

This is leading and these delays are leading to the ietf. Sadly, in my view, contributing to a lack of standardization when products are being developed on top of code points that people are using and at the end of the day, when those code points have to change, because we can't get code points, etc, etc.

D

Because of the delays, that's not good for the industry, that's not good for the operators, the vendors might not mind, but it's hurting the operators, and I find it really really really sad the situation that we are in, because we seem to be facing a war of attrition on on certain things and I'd like to know from the chairs and from the ads.

D

When are we going to proceed because this has now been dragging on for a lot longer than a year?

D

And I'm I'm getting very frustrated because I'm watching things that I'm actively developing, knowing that I can't live without them, that I'm gonna have to change them as a result? So please can we get sponsors as to when things are actually going to proceed now.

C

Yeah so uh chairs, could I give a some response for yes.

E

C

I think andrew asked the similar question in last spring meeting and for me I always ask myself one question: why we come here for ietf meeting, because we want to standardize the best solution, all the proper solution for operators and the vendors and the here. I think the analysis dropped here. We list at a list of four different solutions in the from my point of view, I don't know, and the.

C

B

I think we lost audio, or is it just me.

E

A

I think he's back or he's.

B

Muted, we chung, I think we missed or lost you there for a second. Are you back with us.

C

All right, so I I think it we here now we have not get the uh result, which one is a proper one. We don't want to repeat the work one by one and we don't want to uh split the uh the industry chain, so I think the standardized uh something we need to take some time. That is valuable.

C

A

Thank you. Why don't we go to the next? We have four other people in the queue so ron.

F

You can hear me.

F

um First, I'd like to support what way ching said taking our time to get it right is important, but I'd also like to support what andrew said: there is shipping code behind each of them and squatting on good points is not a good thing. Early. This year, the chairs and I started talking about an rfc, 7120 early code, point allocation and, I believe, that's gone to the 80s.

B

Yes, that's correct.

F

We're waiting on the ads um I've been sending musical reminders every week. I hope everybody's enjoying the enjoyed them.

B

I don't know if our ad wants to respond to that uh or give a status on that.

G

Eric yeah, one thing I wanted to uh understand for the early allocation was the number of deployments, so the could anybody speak to deployments that actually need to interoperate as opposed to within sort of one administrative domain, uh or is there like a linux kernel development work? That's going on that would need something a code point to then be tested for interoperability with with another implementation.

B

So andre, do you want to jump ahead and and respond to that.

D

So at the moment there is the juniper implementation. Obviously there are at least six separate things that we are working on, that are linux based.

D

um There is work that we are working on, that is heavily dpdk-based, um so there are a couple of things that are that we're working on with regards to this that um are currently being held back quite badly and and they are pretty critical on the continent on which I operate, because this is something that we really mean.

G

Understood the um the things that you're working on are um well they're. The the intention is that they will not be they're, not just experimental right they're. You know.

D

If they were very much, not not just experimental, in fact, within the next probably two or three weeks, I plan to take certain things: live in market.

G

That's good to know. Thank you.

B

Everyone do you want to continue or were you done.

A

Okay, let's try to get through the we're sort of over time. So let's we have uh I'll go next.

H

Then there this is there yeah, um so I just want to back up weight chang on those on those timelines. I mean on february 11th I sat down and and reread a few of the proposals and came up with uh analysis that I posted to the design team and at the time the design team decided that we couldn't hit the february 22nd date uh for publication uh with internal review.

H

So we we delayed uh releasing that content, but I think that mid april uh is very achievable for the design team once we once we get down to work and and once folks actually finish their finish, the review of the analysis that's been sent out, um and the second point I wanted to make with is, I guess it's a question on that 71 20 uh question.

H

So there's I guess, there's the uh there's the implementation with with andrew um on his network, but I in as part of that is, do the authors expect there to be no further changes and that everything would be backward compatible with that uh with any code points assigned. um I'm just curious on that point as well.

G

That's one of the criteria and uh yeah in the communication that I've received the yeah, the author, committed that the format was stable at this point and that it wouldn't need any changes going forward.

G

Well, okay, this is is what uh baba nule we're told and what I was told.

G

Do you have knowledge to the contrary,.

H

I don't that, okay with one implementation, it was, I guess it's surprising, but okay.

A

Okay: let's go to the next um chingli.

A

He seem to have lost oli and hopefully he'll be back soon, because he has all the slides loaded up.

I

So it would be better to wait till then and- and I thought there are a lot majority modification in the cih draft- so I'm not really sure it is natural right now or not, because it introduced a lot of my psp flavor. Something like that. Intro drops so no idea. Yet it is premature. Maybe.

A

Okay and I'm not trying to pronounce your name right, see hebu who go ahead.

J

The ball from huawei, I think, seagate introduced srv6 native service foundation, training and psp behaves in the last version. I think this job has been changed a lot. We need more time to reveal thanks.

A

And andrew did you anything else to add.

D

No, I I think I've I've pretty much set my piece I mean just like I said I, I don't want a situation where I end up with you know we have a bunch of requirements on the continent at the moment which we kind of started our development work, because we kind of felt that we weren't getting a lot of work done on the continent prior, the vendor is actually looking at the fairly unique requirements that we sometimes deal with in africa, and I don't want to see a situation where I'm building on technologies and being forced to go one way outside of standards because of delays here that have now been going on.

D

When we first raised this, I was there in montreal when we were asking for crh adoption in in spring, etc, etc, and this has been way too long and it's actually really hurting.

D

A

Okay uh ron, real quick and then we're gonna move.

A

On and ollie's laptop has crashed, so I'm going to probably have to pick up presenting slides but.

F

Regarding the stability of the draft, the format of the extension header hasn't changed in, I think about 18 months now. A couple optional um elements were added to the crh fib, mostly as a response to what was going on in this design team, they're, optional and because they're optional, they don't present a backwards compatibility.

K

F

Finally, um an early allocation, you know if, if it turns out that this doesn't fly, early allocations are taken back, so the risk associated with an early allocation is minimal, especially considering the fact we have 255 um uh routing types to assign of those we've assigned only five or six in the last 25 years. So I don't think there's any risk that we're going to run out of them risk of making this allocation is minimal, and I question why the opposition to it is so strong.

G

But I think the whole purpose of uh allowing the spring design team to the time to do uh their review uh was was part of uh why the entire crh adoption call was essentially suspended.

G

um So if it were understood that code points for crh did not uh necessarily imply interference in in in the spring design, teamwork, then uh that I suppose that's that's one consideration.

C

Yeah so for design team, I think we will try our best to provide our analysis draft to the both working groups soon. Thank you.

A

Good, thank you. Ollie. Are you back.

B

I am just back, let me just to get this screen cheer up again. I hope you reached a conclusion in my absence.

A

uh No, but we we got through all the speakers.

B

You can stream all the speakers, oh on the microphone queue. uh Yes, would it be nice if you got through all the speakers.

B

A

Then we're yeah. Can you share slides again.

B

L

Yes, I'm here, can you hear me we can.

M

L

L

N

L

Thank you, uh as uh all I said before, this is a recap about this drafter and the working group plus code in january uh yeah. This is about the application of the alternate marketing meter to ipv6 max fly.

D

L

Will go through a few slides to summarize the main contents of the graph, so this is this slide just gives a night level view of the alternate marking method, so there are two reference documents: rfc 321 and therefore 88.89 about the methodology. The first one describes the base methodology that consists of that batching packets, based on an interval for target class measurement and to select within a second flag, a new set of market packets for delay.

L

The second document generalized the application for multiple unicast flows, and allows the flexible approach for the monitoring. In particular, you can select different sub networks at a different level based on the needed level of detail for the monitor. So next slide.

L

How to apply uh these two rfc in the ipv6, so the agreed way was to define a new option uh that can be encapsulated as of by up options or destination option other, and you can see the details of this option. It's a very simple one, so the first three bits of the type field are all zero.

L

This is important because it means that you have to skip if you don't recognize and data the non-changing route according to rfc8200 and the other important fields are about the two marking fields that are important for the application of alternate marking methods, of course, and the other one is about the flow monitor identification. That is required for a specific reason that I'm going to explain in the next slide.

L

So it is important to say that only the source node writes these options and, depending on what kind of measurement is of biopar and when the nodes on path or only the destination node will process the this option. Next slide.

L

This slide just explain why we need to define this unification.

L

This is required for some specific reason. We it helps to reduce the per node configuration and also allow a flexible granularity for the flow definition. It simplifies the counters handling and also it eases and simplified. The export of that there were. There was also some discussion about the disambiguation of this identification, but in any case, there are two options: if a centralized controller can extract the nodes properly can guarantee, of course, the uniqueness of this identification.

L

Why, in case uh this identification is randomly generated by the source node, there is a chance of collision, but it depends of the application. It can be enough to have a 50 percent of collision for 1 000 to other clothes, but if this is not enough to have more to to have more entropy, uh the this identification can be combined with other flow information in the packet, for example. Yes, the addresses or the flow labels next slide.

L

L

Have you just recap about the alternatives? uh Also, we change the little wording of this to to be aligned with the earthquake, zero, zero and thanks to brian, for this suggestion. So, basically you you can have the destination option, not preceding the routing header, and in this case the measurement can be done only by the the node in this mission address or you can have help by up option and every router on the path can do the measurement.

L

Of course, if they support this feature, uh otherwise destination options preceding the routing gather and in this case every destination node in the root list can do the measurement next slide. Please.

L

Yeah, this is just few words about the security consideration. We also get some comments on that.

L

Basically, we classify the security concerns on the harm caused by the measurement, because the alternate marking, as you know, implies some modification on the option either, but of course, this must be performed in a way that does not affect the quality of service and the second one is about to be harmed to the measurement, because, of course, this measurement could be harmed by routers that can halters the marking of the pocket, also by injecting artificial, artificial traffic.

L

In any case, the precondition and the strong precondition that is common for all these unpacked methodology is that it is applicable to a controlled domain.

L

In this. Under this hypothesis, we can say that the network nodes are locally administered and this kind of attacks attacks can be avoided.

L

In addition, an attacker cannot gain information from a single monitoring point, because you need a synchronization between different monitoring point to to gain network performance information. So this is also another aspect that is in favor of this methodology regarding the privacy concerns that are very limited, because the limited marketing techniques is unlikely to increase the existing privacy risks and, in addition, it is applied to to the option either and without any release of use of that.

L

So next slide, please yeah. Now. Finally, we can go through the the main changes after the last call, in particular the main input from brian about the classification about the hope, bioprocessing.

L

We clarify within the draft that, of course, in theory, the three high order bits are all zero zero and, as I said, this means that you can skip with the recognized and that one changing group, according to the relevant document and rfc8200, also mentioned that the nodes only examine and process the object option, if explicitly configured to do so anyway.

L

In practice, the things may be different and we also highlighted in the graph that it can happen that packet can be forced into the low part, but this is not under our control, so it's it's up to the implementation.

L

The other comment was about the this is very good because we added a new subsection about the controller domain. In order to better highlight um this.

K

L

This answered the question about the deployability.

D

L

Methodology- and we also added the cross reference to the rfs 87 8799.

L

The other point was about the rewarding of the alternatives that I have already described before and also brian suggests, to to relax the condition about the uniqueness of flow monitor identification, because it may not be a problem in most of the cases next slide.

L

Yeah another input was about was from react mystic.

L

I also noticed that the alternate marking leads carried by the option. Adder may affect the pattern view. Of course this is this is true, and we we also add a paragraph in the security considerations. Anyway, we we must all. It is important also to note that the relative small side, so only 48 bit of this option um and it's together with this application to control a domain mitigate this issue.

L

Also, we got other uh editorial comments and changes by bob and dollar. Many thanks for that.

L

Okay, next slide, please.

L

Okay regarding the next steps- okay, with the last goal ended in january, we have found a great way to apply this qrfc for physics, of course, questions and comments are what thank you for time.

B

So, as I mentioned during the document status, we were planning on the next step, for this was to to to close the last call and do a write-up and advance it to the isg. um Is there anyone who have any comments now that we need to do prior to doing that? Please jump in to the queue. Otherwise, we will proceed on that.

A

A

O

A

Not go on so fernando you're up.

L

Okay, thank you.

L

P

Can you hear me.

Q

P

Okay, cool, um okay, so I'm uh fernando and I will be presenting the document uh improving the robustness of slack to flash renumbering events next slide, please.

P

So, essentially, what this document tries to do is to provide mitigations for the problem that is discussed in rfc 8978, which is uh what was published a couple of days ago. uh It's the problem statement.

P

um You know at the time uh we have an individual submission that had, like uh you know several kind of orthogonal mitigations for this problem, so the decision at the time was to um before actually incorporating into the working group uh document. Those mitigations, essentially, you know, discuss each of them in the working group, and you know, based on on on working group, consensus, uh decide whether or not to incorporate them into the working group document.

P

um We have made a lot of progress so far and there's only one item item that seems to be left. That is the a mechanism uh to try to infer that there is a stale information based on incoming root advertisements. Okay, next slide.

P

So um essentially, the the individual version had, like you, know, a proposed mechanism and what we have um and that you know uh that mechanism resulted quite a little quite a bit of of discussion and not everyone was happy with it. So one thing that we did since then is um first of all try to stay, take a step back and um you know think about. You know how these uh mediation should work.

P

Okay, so essentially we can say that uh the mitigation for let's say getting rid of um state information, has two parts uh part of it is the trigger like something that happens in the network. That makes you think that um you know that might be an indication that uh there is information that has become stale and then there is the second part, which is the actual check. What do you do to actually check that? uh That information has indeed become stale, so the mitigation that we had initially didn't separate?

P

You know between these two parts, and you know it was just you know the the mechanism uh proposed right away, uh so we um kind of like we thought uh this idea um quite a bit um when it comes to the trigger. That's probably the easy part: okay, so the obvious trigger you know for checking whether the information has become stale or not is the receipt of a router advertisement that contains missing information.

P

We are talking about bios in our case and then there's the question of you know what a host could possibly do to actually well check or double check if the information has indeed become stale. So um here we have, like uh you know three.

P

B

P

B

It's now you came back, we lost.

P

B

P

Okay, so uh uh long story short, we have we uh reanalyzed the mediation that we had and uh what we did was separate it into two parts a trigger and the actual check the trigger is what will make the host say? Okay, you should probably double check whether this information is a stale or not, and the check is what you actually do to figure that out. The obvious uh thing for the trigger is the receipt of of an array that is missing uh previous information in this case pios.

P

Okay, now when it comes to the possible checks, there are like at least three different options.

P

uh The last one is the one that we, you know eventually, uh you know uh selected, uh but I will mention the other two, uh the other two options too, because one of them is the one that we had the previous option that we had, which is the one that was in the individual submission, was essentially that when you receive an array that was missing, a pio essentially reduce the preferred lifetime and the valid lifetime, and the idea was um what's simple, um you know you reduce the lifetimes and if they were not stale, those timers would be refreshed and that's it.

P

So you don't. Actually you were not actually checking whether the information was still or not, but you, you know, reduce the lifetimes uh like to small values, for example, they prefer lifetime. In the order of you know a few uh seconds, okay or on the other, let's say five, ten twenty a minute but small value, and uh that is a valid lifetime to us to a few minutes now. If they were not stale, they would be refreshed and that's it so the check was kind of like implicit. Okay.

P

There is another option uh which is also kind of like an implicit uh check which is to, for example, when you receive an array and it's missing information rather than do like a more aggressive. I receive reduction of um you know of the lifetimes, for example health health, these uh lifetime values. So the reduction won't be uh that aggressive. But you know you will. You know eventually reduce like the uh this, like the the lifetime left exponentially.

P

Okay, now what we finally uh selected to do, which is probably the most conservative option option- is to do like an explicit check. So when you receive an aid, an array that is missing information, what you do is essentially you schedule uh that of sending a router solicitation to the router that sent you the information to double check, whether that information is stale or not.

P

If you know, while you have scheduled the rs, you receive the information, then that's fine. You don't even need to send the arrays, because the information is there and in the case that you schedule uh that of sending a router solicitation and in the meantime you don't receive it. Then you will send a unicast router solicitation and uh what we propose, which is in the in this in the next uh slide, is that you can.

P

I mean I personally think that you know if you check with an rs once that should be more than enough, but you know if folks uh want to be even more conservative, you can actually, you know, do you'll send our an arrays like multiple times, so you retry multiple times you pull the router multiple times to see. If you know you, uh if the ro, the router eventually sends you that information that was missing uh next slide,.

P

So this is essentially what I just said, but you know with with more detail. um So if you, the concept is exactly the same, this is just getting into the details, so the idea is that if uh we have a, you know a flag that is called root, refresh, which you know if it's false.

P

It means that you know it's like normal behavior, what we have right now and if this flag is set to true, that means that we are in the process of double checking with that router, whether the information you know is fresh or not. So if you receive um an array- and you know you- you are not currently refreshing the information, then you check the pios. If any of them is missing, then that means that you have to enter this router refresh mode if you wish. So what you do you enter this?

P

You set this flag rotor refresh to true, and then you mark what are the pios that are missing. That is pios that you had received from that router before, but that are missing in this packet and the next thing that you do is you set the timer? You are scheduling a timer so that to schedule a router solicitation. Okay.

P

Now, uh if you receive a an array, okay- and uh you were refreshing information, the only thing that rooted refresh was true. The only thing that you have to do is look at the pios and clear the ones that you just received so you're keeping track of which of which ones are missing. So if your refreshing information, then you check the bios, the ones that you have received, you clear them: okay, so that means that those are fresh still fresh. Now what happens if the timer expires, the timers that you have set up before expires?

P

Well, what you do is if all the pios have been received. That means that essentially, all the information is fresh, so you just clear this wrote refresh flag. So you are refreshing information, but you have received everything that you were meaning to receive problem solved. Okay, then you have. We have a secret option. If you have retransmitted a router solicitation more than whatever time whatever number of times the working group wants to do, it could be once if you, if you know we agree that once is enough, but it could be 10.

P

If that's what the working group thinks is the most conservative option? Fine enough, but if you have retransmitted you know the arrays. That number of times then essentially disassociate those pios with a router. That is, you have checked with the router. That means that that information has become stale. Then you have to get rid of it now. In the other case, that is, the timer has expired. What you do is send the router solicitation, so the concept is quite simple: you get an array that has missing pios, you schedule the timer.

P

If, before the timer expires, all the information has been received in other are in other arrays, then problem solved. Otherwise you send a number of times as many as necessary, unicast router, solicitations to the router to double check whether that information, you know, is there? If you have, you know retransmitted the rs and sufficient number of times, then you give up and you remove that information next slide.

P

So uh comments this is not necessary, so I could have easily you know, you know, remove this slide, but some things uh you know could be made easier like even simpler if all options of the same type could be required to be in the same ra packet. This is I I stress this like strongly. This is not required for the mechanism that we just discussed. Okay, I'm just saying that if we were to do that, if we were to, you know, enforce this other requirement, things would be even simpler, but this is not required.

P

Okay, so if we were to require all options of the same type to be in the same packet, this could be even simplified, because you know right now. 4861 essentially says that you can, you know, split the information among any number of packets, that you want even options. From the same time, for example, you could have to send like say 10 pios and you can send each pio in each pio in a different array, but again this is not required for this mechanism to work uh next. One.

P

So question is: if uh there are any comments or concerns about this, so the idea is that you know that what was uh you know agreed was that you know things would be um uh discussed with a working group before we would actually incorporate them into the working group document. So this is this part. If uh there are comments or concerns about this, this mechanism, that um you know we have uh proposed and if they're, if there are not, uh we can, you know, send the detailed text to the mailing list.

P

uh Let's say for a you know, final review or another review before we incorporate into the working group document.

A

A

A

um So I think yeah. We would like to see more review of this what's proposed here, so, if I'd like to so, if we can solicit a couple, some reviewers, if you're interested in doing this, please contact the chairs.

A

I think that'd be very helpful because there are a bunch of changes to a fairly basic part of ipv6, perfect.

B

Good, okay, thank you fernando, I think bob you might be uh might be the next one. Let me see I.

A

Think I might be.

A

But in gory may um my co-author may jump in. I think he's online.

A

Yes, so if I get it wrong, he'll correct me, so uh I'm going to talk about the draft, I wrote um a while back for changing the way we process hop. I hop options.

A

um I got the idea for doing this after some discussions at the last ietf meeting and tried to write it all down to see if it would make sense. As usual, writing stuff down, causes you to try to flush out issues and it ended up a little bit different than I thought so next slide.

A

So I mean the underlying problem: is that hopper hop options are not working end-to-end in the internet. um You know it's common: that packets, with hot pie options get dropped. um I think, based on the measurements that gory and anna did regarding the path mq option. um I think we discovered that there are some edge routers. You know the the isp that who serves the actual customer were just dropping these they didn't want.

A

um They didn't want packets to go to the the slow path they didn't want to have them interfere with the operation of the router, um and so my conclusion was that you know we need to do something different if we expect hot pie up options to be useful in the future. Right now, they're not very, um very useful, and this is an approach to try something different.

A

I'm not, I think neither of us are sure this is the perfect solution, but it wanted to entertain thinking about this and how we might make this better, so next slide, and so by the way, so I'm gonna, basically the way the presentation is organized. It first basically talks about what's in the draft, and then it has a section that goes through the issues that were raised in the mailing list discussion and I think I captured them all.

A

But um then we can um talk about you know and then hopefully we will can have a robust discussion after that. So the terminology, I'm using that we're using in the draft is you know fast path and slow path and fast path means hardware, forwarding network processor for any asex asic packet.

A

um You know it's the way, it's the usual processing in the router for most packets. You know it's how you get wire speed. It's also a lot of times called the forwarding plane and the slow path is. You know where packets that are usually processed by the router go um in a lot of cases. It's software processing, um you know so it's used for special processing, it's where routing protocols go and the like.

A

It's also called the control plane, so you know we're using fast path and slow path in this draft, but it you know, I think it's synonymous with forwarding forwarding, plane and control plane next slide.

A

So the you know in the first ipv6 specification, um it was required that you know hop hop options be processed by all nodes. At that time it was not feasible to do this at wire speed in hardware.

A

This was a while ago. um Packets without buy options were sent to the slow path.

A

In fact, one of them, the router alert, was designed just to tell the the router to go look carefully in this packet, but it was also then observed that this mechanism could be used as a denial of service attack, because it allows you, you know, nodes any hosts on the internet to send packets that you know caused the router to have to do a lot more work, and I think this is a big issue as to why they get packets with halfway options aren't processed, um and then I think that you know it's made worse, that we allow multiple hop by up options in in the option.

A

Header next slide.

A

um The current specification changed this a little bit.

A

You know it tried to document the reality when we published um the ipvp v6 specification as a ietf standard, the last step in the standards process, um and we basically changed it to only require processing if the router is configured to do so and and this basically matched what was currently being done operationally, um and I also note based on discussion that you know.

A

I think this is really only talking about routers with specialized hardware forwarding um software only routers, I think don't have this issue, but I think the denial of service attack is still an issue even in software next slide- um and you know, motivation again is hoping hop. Options are not practical currently to be used widely. It's common to drop packets without by hub options.

A

I think multiple options make the problem worse and any mechanism that you know that packets extent that are sent externally to slo to slow down a router is can be exploited as a denial of service attack and the goal goal. When I wrote this was to redefine the procedures to make alpe options more practical to use because I think they are, they have a lot of good potential, but um you know right now: it's you know. You can't use them consistently across the internet.

A

A

So yeah, so I'm going to basically summarize the draft, um so 8200 um is defined. Top pay options are identified by next header value of zero and they must be the first extension header in the packet.

A

The change is, one of the changes is only to allow one hop-hop option in the header and this results in requiring that all hop. I hope options be. Eight octet aligns because aligned because the way the pop-up option header, you know it has to be eight octet aligned, and so, if it was shorter, then you would need pads, and I was trying to avoid that um as I'll talk about later, it turns out most currently defined.

A

Hop-Up options are eight octet, aligned um and, and as part of this, I'm saying that nodes must discard packets with more than one option next slide and the other big change is. Basically, if you can't process a hop by hop head option in the fast path you um you know, or the processing must be done in the fast path and and then this is a change and it's a significant change. Is that saying here?

A

Otherwise, you just skip it, and this this in itself, I think, is I I think it will solve the dropping problem in that it they'll still get to the next hop, but you know it's also means that you're forwarding a packet with something you don't know what's inside it, so it's so I wanted to call that out.

A

um Another change is that section 4.2 and rfc 8200. You know the bits in the first bits in the type field define what to do, um what to do with the option. If it's not recognized and I'm basically changing it to 0 0 will mean skip this option, continuing processing and then otherwise discard the packet, and the change here is to not no longer require the sending of icmp error messages which I suspect is problematic at full speed.

A

A

And you know, as I said, 8200 allows to control hop, I hop processing by local configuration, and so I'm just suggesting that routers maintain a lookup table based on option type. So it would be very easy or quick to.

A

To see if an option is supported in the router um and if not follow the what it says in the bits in the option type field, whether to just drop it or to skip it next slide, and so I went through um the existing options and this lists the options that are hop options. There are some other options that are either deprecated or our destination options: destination header only options, so I'm not showing those- and I discovered that many of these are eight octet aligned.

A

But there are three that um are not, um and so these would either need to be deprecated or modified um one of them, at least at the time I wrote, the draft is still an id, so it should be more possible, but it's. The effect of this was not as severe as I was expecting.

A

A

Slide and of course, then any new hop-up options defined must have eight octet alignment. um It's probably also good to include when they should be sent. Do they need to be in all packets? Can they be in occasional packets? You know using the path mtu option as an example that those are particularly not intended to be in all packets, because in fact they only want to be in the short packets, not in the long packets, because otherwise they they won't do what you want them to get in through the network end to end.

A

So I think this needs to be specified in any future hop by hop options. Next slide.

A

So I'm going to attempt to go through the issues I have these in.

A

These are issues largely raised on the mailing list and um and then some other things- that's come up in offline discussion and there might well be more so, and this is loosely sorted in the order they received. uh There was a request: can we allow hot buy options elsewhere in the packet?

A

I wouldn't, I think, that's not a good idea. I think it would make it harder to process. I think the current ipv6 design of making them always be the first one is intended to make it easier. You don't have to look through the whole packet in the fast path to see if there's any there. I think I think that's a very good property. I don't think we want to lose that next was reduces flexibility to have only one hop.

A

I have option and fast path only, um and it is true, it does reduce flexibility, but you know our current amount of flexibility has made this not be useful across the end to an internet. um Another you know issue is you know, restricting options, isn't the right approach um and it's you know it's it'd be nice.

A

If we didn't have to do something in my opinion, but you know if we want to be able to use these, I think we need to do something different um and the next was you know to require them to be processed in the fast path was too restrictive?

A

I mean we could the document could be changed to make this a? Should you know? Do it this way unless you have a good reason not to I mean that certainly also covers software implementations, but we do have the issue about um you know if you do allow them to go to the slow path, then how do you avoid this becoming used as a denial of service attack? You know if you keep them in the fast path and you only process the ones that you are configured to do then.

A

I think the router is pretty well protected against a denial of service attack, because you should be able to do that processing at speed next slide.

A

There we go, and so they were this. This was a very active um topic in the email thread, and so these are sort of all pulled together.

A

um You know you know, but how many hop I hop options are should be allowed. You know I'm proposing one um and it is restrictive. I agree, um but different hopper options could be used in different packets. You know they don't all have to be in the same ones, don't need to be in every package. Obviously it depends on the design of the option.

A

You know the path mtu option is particularly designed to not be in all packets, and I think that could be. um You know I I mean. Maybe a general comment here is that hop. I hop. Options can be a very useful and powerful mechanism, but if they're overused, then it's sort of it sort of breaks the ability to use them, um and so I think they need. You know thinking about this in the future.

A

I think we need to be careful about what we would define as hot by hop um then there's the you know would would a different limit be better as opposed to any number um could we have two three four etcetera, um and you know I sort of wonder how much flexibility do we need. I mean we know that the current mechanism isn't working end-to-end in the internet.

A

um You know right now the host can send as many as they want with what I'm proposing they would know they could send one per packet. That's fairly easy to understand. If it's a different limit, then.

A

Then you have to have a way of the host need to know how many to send and in unless you also have the requirement for a octet alignment that you you may need to use the pad options which makes it more complicated and then the last one was, if there's more than one um you know. Should this be a global or a node limit, and I think it probably wants to be global.

A

um You know hosts need to know what the limits are. um You know, because if you send less than it's fine, but if you send more, then the packet's going to be dropped next slide.

A

And then another set of issues um you know, is it better to keep icmp error messages? um I'm you know I'm proposing to not do that. You know. I wonder how practical it is. You know is this.

A

I mean I think routers have mechanisms to limit the number they send, but if you're not sending them consistently, they may not be getting back to the source, so the host the source can't take any actions. I I think this is a sort of an open question.

A

um There was a question about relationship to srh, um and but srh is a routing. Header does not have hop properties, um it's processed by the node identified in the destination address of the packet, so the nodes in between that don't shouldn't be looking at them.

A

um Of course, any router any node can look at anything if they choose to, we don't we're. Not the protocol police um will forwarding packets with unknown hopper hop options work at the edge. uh I think that's a good question. You know right now. We have examples of you know, isps at the edge dropping packets with hot pipe options with will they let them through will firewalls and the like?

A

uh Allow top high options they don't understand through. That's, I think something we need to understand better um and then this general question is operational deployment possible. You know this can require changes in all all nodes to be useful, and I think clearly this will take time. It can request and, of course, require support from router, vendors and operators. You know vendors have to build this in, and operators have to decide it's useful to allow it to be used.

A

And again I think this comes back to are the hop by hop options that are currently or will be defined, actually useful and that's that's, I think, a harder problem to grapple with on next slide.

A

And so, um thanks for all the feedback and editorial comments, I don't address the latter here.

A

We clearly need to hear from router vendors and operators about this. You.

P

A

They be willing to support something like this and enable it or just continue the current behavior and then the general question is: is this? Is this document, but particularly, does the working group want to work on this? um So I.

B

Think we have a microphone to you already ron. Do you want to go ahead.

F

Yes, um if you look today, you'll find many drafts trying to repurpose bits in the base ipv6 header, because what they really need is a hop extension header, but you know they don't have one that works. So for that reason, I think that this draft is probably the most important draft in six men today and should probably go to the top of our priority list.

F

Second comment: is the draft isn't both both important and difficult? The reason it's difficult, hbh as it is today, is unimplementable, because the hph can be 2k long. It can carry a thousand different uh options in it. Obviously nobody can implement that. So you need to be able to you need to scale it back. But the question is: how much one problem is. You need to be able to predict the future. You need to be able to predict future requirements. We can't see the future to make it worse. We can't even see the present.

F

We don't know what a minimum acceptable requirement would be, what a good number of uh route pro a good number of forwarding engines would be able to process. We don't know if you know one two and three or three options is right. We don't know quite what every every vendor, uh what what a reasonable minimal standard would be, but in any event, important work plea. Please keep going.

B

Excellent. Thank you ron, uh fernando you're.

Q

Next, can you hear me we can hear yeah? Oh.

P

So I um so my comment is that um you know as much as I would like uh to see the situation with uh you know extension headers improve I'm. uh I don't think that um you know the specific proposal of limiting the number of extension headers or the options within the extension headers will help much.

P

What I see from the work that we have done in b6 ops is that the biggest challenge is that you know the the ultimate length of the extension header chain. So it doesn't really matter that much how many options you have within the header or how many headers you actually have. But the point is, at the end of the day, what's the length of the extension header, you could have, for example, a single um you know a single uh hope, I hope options heather, but which has a single option.

P

That is quite long and that would still be a problem. So uh if one wants to do this kind of thing, like you know, let's say limiting or constraining the extension headers in a way that you know might help them survive in the internet. I think that the the goal or what one should be targeting is to target the extension header uh chain length, as opposed to the number of um you know, powers or the number of options uh you know within the header.

B

Okay, thank you fernando uh ching li. Please go ahead.

I

Monica and and fernando I, I do really think the extension the the solution to address this issue hover hub issue is really important, but it seems like if the uh the devices will drop the package when it meets the hover hub header, so this solution cannot work as well. So I don't see how this mechanism can address the issue and also I I agree with ron bonika that we do not know how many options we will need in the future.

I

We cannot say that in in right now, so I'm not really sure that it is a good way to go, but I would suggest that if a operator build their new network, it would possible to like lease requirements that every device should support hardware processing that will solve the address. That's that was not the issue. I I think yeah. Thank you.

B

Thank you eric. Please, go ahead.

K

So does he need a problem to be addressed? This hope, I hope and not support it over the internet. I guess it's mainly because originally probios was a vector for dos, so it was shot and cut at the edge. But beside this I think, even if the program is solved, hope bio in over the internet over a multi-ass system will never be followed and executed right. We know that this sort of code points, for instance, are only applicable within one domain.

K

They are completely ignored once you leave your own domain and this will be the same for hobbyhop, so the limitation of a single option into the hobby of extension header will not change this anyway over the internet, but will prevent innovation and extension within a single domain, and that's why, honestly, I do not like too much this proposal and then the last point putting a must drop a hot biopic extension address, having more than one option uh should most likely become a shoot or may, uh because the mass is too strong.

K

It force all the routers on the pass to inspect or buy hop, which is in itself a kind of a dose anyway. That is a problem to be addressed so, but I don't have a solution here.

A

Right but I mean the definition of hop by hop is that the routers are supposed to look at the option. I mean that is what it is.

K

B

Thank you, eric g dong. You are you're next.

N

Hi, uh I agree with the other people that this is a really important work, and that is a hubba hub. External header has been designed for this hyper hub forwarding and a lot of features are requiring such kind of functionality.

N

Well, I understand that limiting the into only one option may encourage the implementation and help its deployment in a larger network.

N

Is it possible to allow maybe a few more options in a limited domain? This may also help to increase the flexibility in using this external header for wider applications.

B

Yeah. Okay, thank you. That's rush! Please go ahead.

R

Hey um so uh bob like this is a really good draft and I think the problem should be explored for sure, and uh so this is something like.

R

I think we've been trying to do for like about 20 years now like, if I understand correctly right, like you know, starting with, uh like I had a draft like I think in 2003 or so like looking at the same thing, uh I think the important thing bob right, which I think you are trying to nail down correctly, is like to reduce the the barrier on routers to look at the stuff right while trying to limit how much cycles they need to put in.

R

I think that's the right direction to go because like no, if we don't have some way of limiting uh how much time a router is going to spend on a packet like nothing is ever going to happen.

R

So I think, as long as you can keep that envelope down, I think it's like a positive move in there, but and and going back to eric's comment I'd like we don't know if this is going to get routers to widely implement this and let's pack it through and also the fernando's point, but I think this is worth trying for sure. Thank you.

B

Thank you thanks. Suresh.

B

Gion is, is next, please go ahead. I hope I said your name correctly. There.

S

Yes, uh hi: this is guillaume with verizon, um yes, so bob. This is a definitely a really important subject. I think I guess, with a lot of other uh applications, wanting to be able to use h, take advantage of hph and at this point uh hph is really not a viable option to be used really for any type of application.

S

uh The the problem is definitely um multifaceted and and many layers to it. I think one of the big big layers that I think that was mentioned is, I guess you know the christmas tree extension header. So that's. That is something that you know. That's a difficult unit variable right there, uh the other, the other one.

S

That's also big, is uh chip manufacturers and really the control you know of what the vendors use you know, whether you they use fixed function, a6 versus npus, which have better processing capabilities and that that's a variable, that's kind of out of our control and even the vendors you know, they'll pick one versus the other and and then you run into issues so that that's another major variable. um Another issue that exists is that I guess getting the operators really to uh understand.

S

You know, I guess, because they're they wanted, they had the understanding, just the cash separation of control and data plane, and just the fear that the impact of the management plan, um even even once, we kind of get through it and we're make progress trying to change the the uh mindset that uh that there could possibly be impacting the drop.

S

You know, the kind of the standard is to you know, drop hbh due to worry of impact of the managing plane, so that that's another difficult, like operational caveat of how to make uh make hph viable and another uh idea which, which is very you, know, closed a vein versus public domain, and this is in the framework, is, if you have a closed, closed domain, where you're, uh just within your operator network.

S

But you have like an underlay overlay and there are many cases where uh a service provider um core network may may actually carry the internet routing table either in the global table or in a vpn, and this is in one of the other hph drafts that we we've reviewed on the uh with on v6 ops. I'm related to this concept.

S

That is was something that I'd added to that draft, but what it rolls down to like, if you, if you do separate it out and you have your global, your uh internet traffic carried in a vpn, your underlay- is actually not impacted by the uh by the by the flows by the hp adoption, because now it's in the payload. So that's that's another caveat that exists. So operators are not as impacted if you are carrying internet traffic and an mpls and an overlay versus sitting in the underlay.

S

If you're, actually sitting global table now, you're impacted your operator, internal network's impacted as well as any appearing points are impacted. You know end to end you're impacted by hbh options. So um that's that's another impact and then I think, with what um what uh bob is trying to do. I guess limiting the a speech processing by reducing the number of uh limiting number.

S

I mean, I think, that's a definitely a uh a valid attempt to try to help the processing so we're not punting everything to the to the control plane and that helping with that separation of control, plane and data plane. So I mean I think that is definitely helpful. I think fine-tuning and trying to figure out a way to stop the cycle of continuing down the road of dropping operators. Dropping all hph and trying to you know, make a headway. It is.

S

It is a very complex and multifaceted, so definitely but good work, and I think I think it's something that we really need to continue to figure out a solution for. Thank you. Okay,.

Q

Good. Thank you thanks again uh changly you are next.

I

I I think this issue is really important and we have a lot of notification: uh uh innovation uh based on hobby, hub extension, header, so it it is worth to discuss the solution and we do have uh like the new hobby hub extension draft, something like this and I I heard some other solutions, so we can uh like combine together to discuss how to address this issue yeah. Thank you.

B

Thank you, igor.

E

Hi uh this is the verizon media. um One of the big issues, with extension, and especially hub by hop options, is that there's a lot of data center class devices that are actually used out on the internet that are limited to let's say 120 byte bars.

E

K

E

Like to echo what uh fernanda said and the size of the option is actually a bigger issue than the number of options and if you're limited to only 120 byte bars that doesn't leave a lot of room for hot by hop options.

A

Okay, but that I mean that is truly a a number that will change over time.

E

The number that will change over time, however, that that number has been around for several years.

A

Okay, well, this would be good to hear from the folks who make this to um talk about that, not not probably right here, but thank you.

B

Thanks and uh mackerman you are, in the queue feel free to state your full.

B

B

We cannot hear.

B

B

Yeah, okay, I think we'll we'll move on.

B

So a lot of comments bob, I think it's uh it's perhaps not ready to for an adoption call. I think we'll continue this on the on the mailing list.

T

You guys hear me now there you are, please go ahead, I'm I'm so sorry about that. uh I just want to say I'm with an enterprise, and a lot of us are not deploying ipv6, because we think it lacks some management and control and other information that I think hop by hop could provide very nicely. So I think this is really important work and I hope it continues.

T

I have a couple issues or questions along the lines of what both igor and fernando and eric said, but I think those can be worked out, so I really hope this continues and I think it'll be real, strong work. Thank you bob. Thank you very much.

B

Thank you and gauri. You uh have the last word on this topic.

U

Now, I'm just going to say thanks bob for presenting, and both authors were really serious about taking inputs on this. We want this to work. So um please talk to us and please adopt it next time around.

U

B

Excellent, thank you, gory and fernando. I think you have uh the last presentation of the day you step into the pink box.

E

There you go, can you hear me we can hear you.

P

Good um okay, so uh this is me again uh presenting the document on the scope of unique local ipv6. Unicast addresses uh next slide. Please, uh before getting into the uh you know into the topic itself, uh let me um discuss a little bit how you know this. I um you know how this issue came up. um You know I was doing an ipv6 training course and I was essentially explaining the ipv6 architecture and I had questions asked about the scope of addresses.

P

So I wasn't that sure. So I checked the specs regarding you know how the scope was defined uh in the you know: scope addressing architecture, the ipv6 address in architecture, the uls specification, and then I found that there were conflicting uses of the definition of scope. So I said: okay! Well, it's not nice that you know. uh You know if I wanted these folks to. If I wanted to refer these folks to the you know, actual architecture and specifications they find stuff. That is conflicting. So that's uh how I you know ended up rising this.

P

um You know this topic in in six months, so um essentially we have like a conflicting usage of scope in different itf standards. um You know there's uh 4007, which is the scope, aggression, architecture, there's uh 4291, which is the ipv6 addressing architecture, and then we have um the specification for ulas. Okay.

P

Now, if you wonder uh okay, why should I care about this? Or should I care about this? um This is how I see it. um The let's say issue that we have is that if you try to understand the architecture from you know in this respect, we are talking about the scope uh from the current documents that we have you know, since they are, you know conflicting, that's difficult, so uh you know among people.

P

uh You know that the people that you know devote a lot of time to this you know well, might be conflicted by well. We kind of like all understand what we mean, even if we don't say it, but you know from forks that you'd like to refer to the specs, uh you have to explain. Well, the terminology is not exactly very precise.

P

uh If you wonder well, is something breaking as a result of this? No certainly not I mean this is mostly a definition thing or an architectural thing, and you know. Certainly, definitions will not cause networks to break so there's nothing that is breaking as a result of this. Just to make the point clear now there are practical implications of this and we will discuss one of them because there are cases in which the semantics of ipv6 addresses matter and that's where definitions kick in and if the when.

P

We will see quite clearly that you know when the definitions are not clear, you know there are, will be issues there. uh Next slide.

B

uh Do you want to take a question uh real, quick.

P

M

Jumped into the queue please go ahead: jim um hi, fernando um just hopefully a simple question: what are the conflicts? You say there are conflicts in those three rfcs, but I don't immediately know what those conflicts are.

P

It's in the next few slides, so I I will describe that like clearly.

M

Okay. Thank you. Sorry,.

P

And well so, let's talk about the definition of scope, so this is what we have in 4007. Okay, uh scope is defined as the topological span, where uh within which an address may be used to uniquely identify an interface. Okay, uh that's the scope and global scope. As a result of that means that you know, if an address has global scope, it means that it uniquely identifies the address the interface sorry anywhere in the internet. Okay, so a global address is supposed to uniquely identify an uh you know, an interface anywhere on the internet urls.

P

We will go into detail later, but you know from the very beginning. You know. Obviously, ulas don't conform to that. Why? Well, because you are randomizing the prefixes and you know if we happen to have you know like for some reason randomly we ended up, selecting the same prefix. Obviously the resulting addresses will not uniquely identify an interface anywhere in the internet.

P

So that's you know first reason next slide.

P

Then, if you want to add a little bit more to that, this is the scope definition uh uh you know in uh 4193, which is the ura specification. So it says you know one hand. Okay, these prefixes are globally unique.

P

Well, we will see the next slide about this later, but you know they cannot really be globally unique if they are being if they are being randomly generated in an uncoordinated matter that that's that's, not possible, but then uh you know, if you continue with the same definition, they say their limitation is in the rootability of the prefixes, which is limited to a site and any explicit you know, wrote an agreement so in a sense in you know in essence, what the specific definition is telling you is that you know these addresses are limited to a site which is when they are meant to be employed.

P

Now next slide.

P

Now, when uh discussing you know the scope of ulas, uh normally people say: oh no, but that's not correct. If you look at the you know the um the ula specification 4193, you will have the math there that well, okay, it doesn't say that the addresses are unique, but it essentially tells you that the probability of collision is, you know, really low, so low that in practice you can claim that they are unique.

P

Now, if you really think about for what 4193 is saying, what it's really saying is if you grab a number a reduced number of ula based networks- and you interconnect them, then this is what the probability of collision will be. So you connect only two networks that you get. You know blah blah blah. You connect 10 networks, you get this probability, you connect 10 000 networks and you get this number which is still low.

P

You could say, but based on the definition that we have from global scope, which was in the previous addresses in order for ulas to really be global scope. That means that all absolutely all of the ula networks, when interconnected together should have a small probability collision.

P

Now, if you compute the birthday paradox about the math of interconnecting all ula based networks, the number wouldn't be 10 000, of course, there's no, only ten thousand deployments in the internet.

P

That would be, I don't know, what's the number 10 million 100 million- I don't know, what's the number now when you do the when you compute the birthday paradox for that number, then now the probability of collisions becomes roughly one, so you are guaranteed that you will actually have collisions okay now, based on the definition that we had before for for what's a global scope address. Well, then uls can obviously not be global scope, because if you have almost certainty of collisions, then you cannot claim that the ula uniquely identifies an interface. Okay, next slide.

P

Now some practical implications because you could say: okay well, the definition is not really precise. Well, okay! Now this is an interesting. You know case this was raised by you know brian, so credit goes for him to you know to to spotting this one. There's a library in python we take with processes, uh ipe addresses, okay, including them. It processes, ipv6 services and for each address object. It has some attributes. Okay.

P

So if you know you set some address- and you know the id the attributes would will be set accordingly, you can check for those attributes. So there are two attributes which are defined specified by the library as follows: is private, which is true. If the address is allocated for private networks is global, which is true. If the address is allocated for public networks and what happens if you have a ula well, private is set to true global is set to false.

P

Now you might say: okay! Well, these guys are wrong. That might be, you know an option, but when you look at the actual definition of you know the actual definition of scope that you have, you cannot really blame them uh because you know from when it comes to the definition of scope and global scope itself. You know, ulas cannot be global, you know it doesn't utilize, don't comply with the definition of global. So here you have like a practical case. So is this library right or wrong?

P

I'd say that you know from a conceptual point of view. They are right if you ask whether they are compliant with the specifications. I would say I don't know, I mean, there's a conflict in the specification, so it they they my, I think that they comply with 4007, because this is you know what I you interpret the scope of your lace-to-be, but this doesn't comply with, let's say 4291, because 4291 lists um ulas as global addresses.

P

uh So this is again practical case. What do you do in this case like? Do you ask them to fix them? And why are they wrong? Are they right? So this is the case where you know the semantics and the definitions matter do matter, but you know because of the conflicting specs that we have right now.

P

You cannot really tell what this guy should do with the library, uh and this is just one case. So uh this is one case spotted by brian carpenter. There might be others, okay, I don't think there are any, but you know you do have also macros. You know uh that you can use in the you know when you, when you code in c, to check some things as far as remember, there's no marker that'll check for this, but there might be in the future and then again you need to be able to tell you know.

P

What's global and what's not next slide.

P

So this is what our document proposes. Okay, uh so this is when you know, first version of the document. This is what we know what we propose to do. Essentially, what we said is the easiest way to do.

P

It is to simply you know, update 4291 in the part that says just specify the ela prefix, because right now what you have is like you have a lot of listed prefixes and what 4291 says is that well at least otherwise noted the addresses are global scope, that's what they expect says and since it doesn't, you know, have anything special about the ula prefix by default, they're global. So what we say is that you know update 4291 in the sense that now you mark the ula prefix as something else.

P

What you want to call it, I don't care about. The name could be private addresses domain local addresses whatever I mean for me, the name doesn't matter like no, it's for the working group to to select that. um Then uh you know, since there is text in 4193 that essentially claims that ulas are um are global scope. This is the update that would be necessary. You know in in the day, for 42.91 is like a one-liner.

P

When you have the list of prefixes, you just add the ula prefix, and you say this is something else scope something else address type whatever. Whatever name you want to use for 4193, there is a bar in which talks about ulas being global scope, so the fix is simple uh and is the text that we have here essentially saying that, whatever term that we use to define the scope in 4291, we would reuse that term.

P

Here, for example, the scope of these addresses is local, and how do you find the score well larger than link local and smaller than global? It's something in between you. Don't really know where you know the scope ends, because you can't you can't and the all the other thing that is uh necessary is that in the ayanna ipv6 special special purpose address registry, you know where you have like essentially pointers to rfcs.

P

uh You know that explain the different others types essentially have the entry that describes ula utilize, pointing to this document. uh Next.

P

Slide so these are among the you know, the possible options. um First option is, you know, adopt this document as a working group item in the hopes of working or trying to fix. You know the the the ambiguity, for example, in the way that we are trying to you know to fix it in our document, uh but there are other options. I obviously I have a preference for the first one. Another option would be okay. Okay, if there are conflicting definitions like uh you could, for example, we could, for example, do a 4007 bs.

P

uh There are other things to be fixed there and those have been. You know discussed on the mailing list, um but you know if you want to keep the same definitions for ulas like claim that ulas are a global, you know you'd end up, we would end up, you know changing 4007 and we would you know come. We will have to come up with a definition of uh global.

P

That, I would say would be quite interesting, so you know yeah I mean you can change the definition, but you know I think that not the only definition that would you know fix this would be counterintuitive to what you expect. You know global scope to mean then obviously, there's always the option of do nothing. Okay, um I personally think that that's not uh you know attracted.

P

uh You know if this was something that you know was like. um Let's say conflicting definition in I in ipv4 you might say: okay, well, we are supposed to you know, get rid of. You know ipv4. Well, at least we have the hope for that, but um but in the case of ipv6 I guess we all expect it to be around for quite some time.

P

So I don't think that of you know having something that is conflicted and that you cannot really point people like you cannot refer people to to actually better understand that the the topic is, like you know, it's an you know an acceptable way out like I would have liked it. In that case, where I had the discussion to point to to tell people okay. Well, go and read this this and this document and everything will be clear now, if I had done so well, they would have probably came up with this like well.

P

What you know told me to read doesn't make a lot of sense, so this is for the working group to discuss.

A

Okay, jen go ahead.

V

Hello hernandez: I have a few comments.

V

First of all, I kind of still do not see the real problems there, because I think what we're talking about here is a different way to interpret a couple of rfc, because I believe the uas are absolutely unique if they use properties the same way, normal global addresses are uniquely used properly, because I see people just using random addresses assigned to other companies, and you can imagine their network right in this case. We cannot call any address you need, because it's actually could be an application.

V

If someone does the wrong thing right also, I don't ever expect to get 10 000 network fusion, uls, interconnected right. The probability of being unique are rather high in the expected use case. I don't think it's a real problem and again I do not think that existence of one library we probably could be fixed and, as discussed in the chat brian actually has suggested ways to fix. It should be a reason to do such a drastical change, and now, let's explain why. I think that we shouldn't change the scope.

V

If we change the scope, we will get a problem with scoped address architecture. When I use my ula source to reach the global destination looks like I cannot, because the router is not supposed to forward it, because now the scope of the source address will be less than the scope of destination and the packet will leave the zone.

V

So I and I suspect there are plenty of use cases. People might use the.

W

V

Source to read global destinations, I think it's a kind of dangerous change. You propose yeah.

P

Two two comments uh about that. Like um I obviously I agree with you that you wouldn't end up interconnecting more than 10 000 ula networks. Probably I would.

K

Say that you wouldn't.

P

You you wouldn't even interconnect like a hundred of them most likely, okay, not even let alone ten thousand. What I'm saying is that what the definition says? Okay is that they still need to be. If it's global scope, global implies the whole internet, then if you connect them or not, that's a different question. I agree with you that you wouldn't interconnect them, but the definition says that if you claim that something is global scope, whether you interconnect them or not, that's a different issue.

P

You could block them, there's a lot of things that you could do, but what the definition says is unique. Internet-Wide for global scope, that's one of that's in one of the previous slide that I discussed it doesn't say: global scope is unique in the area where you decide to use it, that's different, so I agree with what you say, but what I'm? What I'm saying is that the formal definition doesn't agree with what you're saying global implies the whole internet, not where you decide to use it.

P

That's the formal definition of global scope. Only can we go back a few slides. I think it's like. Why don't we.

A

Yeah fernando, why don't we.

V

A

The other people in the queue yeah please.

W

Fred yeah, thanks for the presentation, fernando, um I just wanted to point out that, in addition to llas ulas and guas, we also have host identity tags hits from rsc 7401 and they are more preferable than ulas in some cases, but less preferable than a true gua. In other cases, can we somehow fit that into the hierarchy.

P

Well, definitely, um you know, I think it was david farmer that he also writes it not just the case that you rise, but even other ones. So definitely, yes, there are other cases. So in this, this is the one that you know, the the one that you know popped up the the issue, but I do agree with you that there are other cases that you know most likely follow the same. The same.

A

A

Well, I think you're, muted or something.

B

ah Bob you're in the queue that was the only thing I.

A

Can do all right, so um thank you, um so I'm I'm one of the authors of the ula spec, um so I'm speaking in that regard, I actually don't agree with the with fernando's proposal here. I think the spec is actually fairly clear about the the level of uniqueness and it's also very clear about the way ulas are intended to be used and I'm not hearing any kind of operational problem that this is causing.

A

I think this is uh um I'm not sure if I want to use the an academic issue, but I don't think this is worth um the benefit I think of changing. Anything here is very small and it potentially also does harm in that it's going to maybe cause more confusion than there is now about this and just to nitpick a little bit.

A

I think the the birthday para paradox analysis isn't quite right, because the intention of like when you you know the draft talk the document, the rfc talks about how you might use this in vpns between some number of say, enterprise sites, and and to do that you would get your your isps to coordinate advertising prefixes.

A

There was never intent that the prefixes could be would be routed globally everywhere, like rar based prefixes are so the chance of a collision is is practically zero, so I I'm not sure I'm not hearing any kind of problem that I I think is worth solving. Thank you.

J

A

B

Yeah well, okay, go on! Finally, here quick, see.

P

B

P

Comment is that um so this is the this slide is where we, you know they have the the definitions that we are referring to. So I agree with that. You say that okay, within the scope or within the area, not let's not stop, let's not say scope, because that's a formal definition, if you say within the area that I would end up using the ulas, they are going to be unique. Agreed fully agree with that. Now.

P

The way in which 4007 defines scope is like this and global scope means the whole internet, not where you decide to use them.

P

That's what I'm referring to now, if you say okay, this is uh you know, let's say an academic definition. I mean in a way. Yes, but you know, architecture is academic. If you want, you know doing, an architectural document is academic and then there are implications like there's the python library example that I mentioned is it okay? Should them fix it, and why.

B

Thanks fernando um mike you, uh you have the next and then we have uh eric to end today, um mike.

T

Please go ahead: okay, thank you, michael ackerman, again and again from the enterprises perspective, we're wrestling with deploying of ipv6. Now one of our issues is: what do we do for situations where we currently use 1918 dresses for various reasons, and we think that euless could be a good answer there, but quite frankly, we don't understand them and what the scope is and, like one of fernando's slides said, we come out somewhere between link local and the entire internet.

T

If this document could lend clarity to that, that would help us out a lot in terms of getting deployment. I'm afraid I'm in support, but thank you fernando.

B

Thank you, okay. Eric you have the last word for the sixth man in uh prague.

G

A virtual frog uh yeah. I just wanted to say that the um the python library goes back to, I think some very early ip address library work uh around 2008 or nine at google by various folks. So it's pretty, you know some of that stuff's, pretty old uh and also um you know brian carpenter's draft uh about uh what does global mean talks about some of this stuff.

G

But I think you know the difference between global, addressing and global routing is is a key realization and that ip address library uh did not uh at the time take any of that into consideration. It was, uh you know, meant simply to try to disambiguate, clearly global addresses from other things, so and and also the the temptation to try to map ulas onto rfc. 1918 uh may have been present and it's you know that that mapping is imprecise, so.

P

uh Just y'all for the record, I it's not that I'm suggesting that uh you know the scope of ulas is mapped to that of 1918.

P

I'm just saying that, based on this slide that we have here uh based on this definition, you know it cannot be claimed that your laser global that that's it, what you know.

G

I think that the attack has that is private flag right and that's you know clearly applicable to rfc. 1918 um was probably extended, because that was the limit of the understanding, or that was the the most approximate most proximal understanding at the time.

B

Okay, thank you fernando. I think we are done with today's session. We'll continue on the mailing list, I'm sure um who knows if we meet physically in the summer, probably not, but it's uh in san francisco time zone. I think so. Thank you very much and we'll see you on the mailing list.

A

Yes, thank you all and see you thank.

A