IPv6 SiteLocal Discussion - PowerPoint PPT Presentation

1
IPv6 Site-Local Discussion
  • Bob Hinden, Margaret Wasserman
  • IETF 56, San Francisco
  • March 2003

2
Goals for Site-Local Discussion
  • Analyze options available for site-local usage
    and reach consensus on an approach
  • Chairs both believe that it is more important to
    make a decision and move forward than it is to
    pursue any particular approach
  • Chairs will both support any proposal that
    reaches WG consensus

3
Range of Use Cases
  • No site-local addresses
  • Only on disconnected networks (limited)
  • Nodes exclusively global or site-local
  • Nodes do not have both global and SL addresses
  • No multi-sited nodes (moderate)
  • A node may be in, at most, one site
  • Full usage, including site-border nodes

4
Current Documents
  • Limited usage document in SL impact appendix
  • Exclusive model is not documented
  • Moderate usage proposal
  • Full usage documented in scoped addressing
    architecture (WG I-D)
  • Site local impact draft documents issues with
    full usage -- no longer directly applicable
  • Already have WG consensus not to support

5
Limited Model
  • Site-locals used only on disconnected sites
  • Non-Internet connected sites
  • Sites behind NAT
  • IPv4<->IPv6, IPv6<->IPv6
  • Site-locals treated exactly like globals
  • Transition from disconnected to connected
    requires renumbering

6
Exclusive Model
  • Site-local and global addresses are never
    configured on the same node
  • Nodes must be explicitly configured to use
    site-locals
  • Simplifies address selection
  • Use what you have
  • Specifies rules for simple SBRs and firewalls to
    enforce site boundaries
  • Requires no site concept, similar to moderate
    proposal
  • Site-local addresses not in global DNS
  • Eliminates possibility of hosts leaking
    site-locals globally

7
Moderate Model
  • Site-local addresses must be explicitly
    configured
  • In Router Advertisements and DNS
  • Nodes may have site-local and/or global addresses
  • No requirement for nodes to be multi-sited
  • Specifies rules for simple SBRs and firewalls to
    enforce site boundaries
  • Introduces no site concept
  • No routing protocol changes required
  • Prefer global over site-local in address
    selection
  • Site-local addresses not in global DNS
  • Only create site-local address using Autoconf or
    Privacy

8
Limited Model Benefits
  • Addressing for disconnected sites
  • Addressing behind NATs

9
Exclusive Model Benefits
  • Limited model benefits, plus
  • Stable addressing for local nodes
  • Global nodes do not have stable addresses in
    newly connected, intermittently connected or
    renumbered networks
  • Connections between local nodes survive address
    prefix changes
  • Prevents global access to/from local nodes and
    services

10
Moderate Model Benefits
  • Exclusive model benefits, plus
  • Stable addressing
  • Site-local addresses remain stable in newly
    connected, intermittently connected or renumbered
    networks
  • Potential for applications to choose site-local
    addressing to allow local connections to survive
    address prefix changes

11
Issues List
  • IP Layer Address Leaking
  • DNS Address Leaking
  • Address Leaking by Upper-Layers
  • Routing Protocol Issues
  • Forwarding Table Issues
  • Mobile IP Issues

12
IP Layer Address Leaking
  • Site-local IP source/destination addresses
    leaking outside of the site
  • None of the proposals have this problem
  • Limited proposal doesn't send packets outside
    the site (isolated)
  • Exclusive and Moderate enforce at site
    boundaries

13
IP Address Selection Issues
  • Changes required to existing IPv6 address
    selection rules and implementations
  • Limited and Exclusive do not require changes
  • Moderate requires change to prefer global over
    site-local

14
DNS Address Leaking
  • Need to keep site-local addresses out of the
    global DNS
  • Limited proposal doesn't have this problem
    because there is no global DNS access
  • Exclusive and Moderate require some mechanism
    to enforce (i.e. split DNS)
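
An added example (not part of the original slides) of the two enforcement points named on slides 12 and 14: a site-border check on packet addresses and an audit of an externally published zone for site-local AAAA records. It assumes the site-local prefix fec0::/10, which the slides do not spell out; the function names and the sample zone are constructed for illustration.

```python
import ipaddress

# Site-local unicast prefix (fec0::/10); the slides do not spell it out.
SITE_LOCAL = ipaddress.ip_network("fec0::/10")

def is_site_local(addr):
    """True if addr parses as an IP address inside fec0::/10."""
    try:
        return ipaddress.ip_address(addr) in SITE_LOCAL
    except ValueError:
        return False

def border_action(src, dst):
    """Site-border rule: a packet with a site-local source or
    destination must not cross the site boundary."""
    return "drop" if is_site_local(src) or is_site_local(dst) else "forward"

def leaked_aaaa(zone_text):
    """Return (owner, address) for every AAAA record in an externally
    published zone whose address is site-local."""
    leaks, owner = [], None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop zone-file comments
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():            # new owner name on this line
            owner = fields[0]
        if "AAAA" in fields[:-1]:
            rdata = fields[fields.index("AAAA") + 1]
            if is_site_local(rdata):
                leaks.append((owner, rdata))
    return leaks

# Constructed sample of an external (global) zone view.
SAMPLE_ZONE = """\
www   3600 IN AAAA 2001:db8::10   ; global, fine to publish
files 3600 IN AAAA fec0::1:20     ; site-local, belongs in the internal view only
      3600 IN AAAA 2001:db8::20   ; same owner, global address
mail  3600 IN A    192.0.2.25
"""

if __name__ == "__main__":
    print(border_action("fec0::1:20", "2001:db8::1"))
    print(leaked_aaaa(SAMPLE_ZONE))
```
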

15
Address Leaking by Upper-Layers
  • Addresses leaked by application, session and
    transport layer protocols that exchange addresses
    with other nodes
  • Limited doesn't have problem
  • Exclusive eliminates problem because global
    nodes don't have local addresses to leak
  • Moderate requires upper layers to have address
    selection rules

16
Routing Protocol Issues
  • Routing protocols shouldn't exchange site-local
    routes across site boundaries
  • All of the proposals eliminate this problem
  • Limited doesn't connect to outside routers
  • Exclusive and Moderate introduce no site
    concept at site borders and BGP filters

17
Forwarding Table Issues
  • Need to maintain multiple site-local forwarding
    tables and select between them
  • All proposals eliminate this problem
  • None support nodes in more than one site

18
Mobile IP Issues
  • Nodes may move between sites
  • Site local addresses from the first site are not
    valid (and may be ambiguous) in the new site
  • Limited doesn't have problem
  • Exclusive and Moderate require mobile nodes
    to use only global addresses

19
Major Differences
  • Differences between Exclusive and Moderate
  • Exclusive does not require address selection in
    upper-layer protocols nor at IP layer
  • Exclusive does not require changes to IPv6
    address selection rules and implementations
  • Limited proposal eliminates all issues and
    virtually all benefits

20
Moving Forward
  • Can we reach consensus on an approach to pursue?
  • Do we have enough information to decide?
  • Limited, Exclusive or Moderate
  • If not, can we progress parts of Scoped
    Addressing Architecture without site-local?
  • Multicast and link-local