[155010] in North American Network Operators' Group
Re: using "reserved" IPv6 space
daemon@ATHENA.MIT.EDU (Stephen Sprunk)
Thu Jul 19 13:20:45 2012
Date: Thu, 19 Jul 2012 12:19:38 -0500
From: Stephen Sprunk <stephen@sprunk.org>
To: nanog@nanog.org
In-Reply-To: <20120718180735.GA11403@pob.ytti.fi>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is a cryptographically signed message in MIME format.
--------------ms080202060402040505030901
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 18-Jul-12 13:07, Saku Ytti wrote:
> On (2012-07-18 11:39 -0500), Stephen Sprunk wrote:
>> Those were not considered requirements for the algorithm in RFC 4193 s=
ince there is no scenario /where RFC 4193 addresses are a valid solution =
in the first place/ for which testability or provability of the algorithm=
's results are important or even useful.
> If collision occurs, if dispute occurs, provability that one party did =
not use BCP method can be useful to solve dispute and decide who renumber=
s.
In my experience, pointing at RFCs is rarely how disputes are resolved
in the real world.
> Other potential problem with RFC, if you have software to generate two,=
if software runs parallel, it may generate same prefixes.
It is incredibly unlikely, and that is all RFC 4193 claims to offer:
/statistically /unique addresses. If you want /provably/ unique
addresses, use GUAs--or lobby for ULA-C, which to date has been soundly
rejected for lack of usefulness.
> IEEE decided 2008 or 2009 to start allocation OUIs randomly, since some=
cheapskates were assigning themselves 'free' OUIs from end of the space,=
confident it'll never collide. So duplicate OUIs can happen. Also some N=
IC vendors ship with non-unique MAC.
You'd still need two systems with duplicate MACs to run the algorithm at
exactly the same timestamp, which IIRC has a resolution of 2^-32 seconds.=
> What makes RFC method good?
RFC 4193 doesn't mandate any particular algorithm; it just provides an
example that was designed to be easily implemented and used. You can
use another RNG if you wish.
S
--=20
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
--------------ms080202060402040505030901
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIFNjCC
BTIwggMaoAMCAQICAwuIVDANBgkqhkiG9w0BAQUFADB5MRAwDgYDVQQKEwdSb290IENBMR4w
HAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu
ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZzAeFw0xMjAz
MjcxOTQ4NTdaFw0xMjA5MjMxOTQ4NTdaMD0xGDAWBgNVBAMTD0NBY2VydCBXb1QgVXNlcjEh
MB8GCSqGSIb3DQEJARYSc3RlcGhlbkBzcHJ1bmsub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1qAUmWE5Nv/9HFl7f52VrEoGqhbYG1rPE7go13pSxgUBi02iDNKyDTJH
b/CswpO/FE9p34QbUlnOXY3LRrLh+/NaS496breDA8mRKCceNHIPaiK3Mwpl0q787WQalrp9
mBV2jKHobOMOWbtNiuYSq6k4qfqIvFJvGOsgizcqeMjjLyR8GimjGCQYuH2o970PhlNidpAj
mVMCBehc3RhjmevEn4ydIL7j0bmFj9YuLxaoISq6icdh7VFxqAzdEbHhQHKp1N8aNq5yhcWD
M//Bq8MpMd1+zNse/pVc7/42G5iArYkImUbu/P48PgR8ZX9D59hJxP7kRyKVT9dbTNkh4wID
AQABo4H+MIH7MAwGA1UdEwEB/wQCMAAwVgYJYIZIAYb4QgENBEkWR1RvIGdldCB5b3VyIG93
biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSBoZWFkIG92ZXIgdG8gaHR0cDovL3d3dy5DQWNlcnQu
b3JnMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYBBAGCNwoDBAYKKwYBBAGC
NwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29j
c3AuY2FjZXJ0Lm9yZzAdBgNVHREEFjAUgRJzdGVwaGVuQHNwcnVuay5vcmcwDQYJKoZIhvcN
AQEFBQADggIBAD8tqTvu2ZrBGK01AFSzf0BYcYNXMRwK8XqWQpeJwo2+s+GSsrukNEEn2mNn
RLIF879e/7dmLoCVKkWXqhn/L9BdWTquRHuAQqokyddekrKFP7yNabXUOVD4dxkzgGc/pD70
7uj5pfIAqx7/JYUPdCgWtX91gtxN3CVmUUAKcewA/xXJy1VPZVR3q6aP9K/4x4Qir06xVtZm
BApKc4s5zaD8b8CLxFhKDw/NUymby1OKjSS7h5JhPsdOOqm6JeGHKRhL3tGFv5ObUTK4ABz8
LF2rtpx/h+eRMP0CxQaI50fz8H0fDMBo4ztsdEAmp9lh0F9CyCYAkt3qLhXFDvX2lOGqmB4f
4Q4/atUCqZnUA/4hZGC0PKgwTOSztFvPlAGtb/S7NeAhv3x6HTMsIP+yanB8/HBJtZXariH3
D2fpUibEFCPubaVSciPKEpI/Lv+BtQ7FmsbQqTV+iHovbQYZ/UcFtfjIcBCnQJjGmk3V5nsE
0p+Aw/IiHUoYwZD+TjaaBBGNJnFaQosQtwy44jwURIb+Lb1/ditqIlXobV9ShzAApuHc3g9R
CPjrmVlEDaLaG/82L92QqE84CrUfUWNqMqtDskQtizkD1ju8sfH9NJHLYolpbUlPJrWCW/8z
Cl25O3uLZMn8gc6egClBfIm+jGZuSQ9sohcX4hw1jg7wK1guMYIDlDCCA5ACAQEwgYAweTEQ
MA4GA1UEChMHUm9vdCBDQTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYD
VQQDExlDQSBDZXJ0IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0
QGNhY2VydC5vcmcCAwuIVDAJBgUrDgMCGgUAoIIB6DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0xMjA3MTkxNzE5MzhaMCMGCSqGSIb3DQEJBDEWBBQCfgXS
qswU4IjfZ5thn3dTDdZODDBfBgkqhkiG9w0BCQ8xUjBQMAsGCWCGSAFlAwQBAjAKBggqhkiG
9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcN
AwICASgwgZEGCSsGAQQBgjcQBDGBgzCBgDB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL
ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmluZyBBdXRo
b3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZwIDC4hUMIGTBgsqhkiG
9w0BCRACCzGBg6CBgDB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQLExVodHRwOi8vd3d3
LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkq
hkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZwIDC4hUMA0GCSqGSIb3DQEBAQUABIIBAGIv
MtlkZiJo6v++J0v1w1A77OLcbfC6PCHPItfuB3PuH6ImOhrZweOTefBtXfs7BFOwUB7JKdGB
0tyNWUDLvWLJgrb2M45QCyTmP9k+/qlZje5mCW3bTd9nb+OJM5RiEXMZZoDDCaSsHiMHwq1R
pjawsV9o+MBu/VYoFX0yk9R1y/EZ3bLaDpRRiDey6xF255g5J1rrhokVIgCQ0Jnmcpktg6cw
Nx/o5f/vdHLM2kK9xB7J6CDV4sHmIspM7v/z139LecyxBhtOv7btWsXdotjKHCvtQszz8JDV
2f5qNsTMYEqEMV0QyPIx124/GoOfi7bu+CMcMwvuICGp31wSEuEAAAAAAAA=
--------------ms080202060402040505030901--
