> On Nov 17, 2021, at 19:03 , John Levine <jo...@iecc.com> wrote:
> 
> It appears that Joe Maimon <jmai...@jmaimon.com> said:
>> Mark Andrews wrote:
>>> It’s a denial of service attack on the IETF process to keep bringing up
>>> drafts like this that are never going to be approved.  127/8 is
>>> in use.  It isn’t free.
>> 
>> There are so many things wrong with this statement that I am not even 
>> going to try to enumerate them.
> 
> Aw, c'mon, don't leave us guessing.
> 
>> For example 
>> https://datatracker.ietf.org/doc/html/draft-fuller-240space-02 from 2008 
>> which fell prey to the "by the time this is usable IPv6 will have taken 
>> over" groupthink.
>> 
>> Objectively wrong.
> 
> I will agree that your explanation of the reasons the IETF didn't repurpose 
> 240/8 is objectively wrong.
> 
> The amount of work to change every computer in the world running
> TCP/IP and every IP application to treat 240/4 as unicast (or to treat
> some of 127/8) is not significantly less than the work to get them to
> support IPv6. So it would roughly double the work, for a 2% increase
> in the address space, or for 127/8 less than 1%.  The code for IPv6
> is already written, after all.

There is an (admittedly questionable) argument to be made that application
updates would not have been necessary for this, just every
OS/Computer/Router/Switch/IDS/IPS/etc.

> Also, while the world has run out of free IPv4 address space, there is
> plenty of IPv4 if you are willing to pay for it. A 2% increase in v4
> addresses would not change that.

In fact, the world has not run out, AFRINIC still has a free pool.
Unfortunately in an astonishing display of collective “don’t get it”,
they’ve deployed protectionist policies that make it incredibly difficult
to get addresses from AFRINIC, ensuring that while the continent still
suffers from the same level of IPv4 address shortage as the rest of the
world, the illusion of a useful free pool there will remain for years to
come.

>>> “By contrast, IPv6, despite its vastly larger pool of available address
>>> space, allocates only a single local loopback address (::1)
>>> [RFC4291]. This appears to be an architectural vote of confidence in the
>>> idea that Internet protocols ultimately do not require millions of
>>> distinct loopback addresses.”
>>> 
>>> This is an apples-to-oranges comparison.  IPv6 has both link and site local 
>>> addresses and an architecture to deliver packets to specific
>>> instances of each.  This does not exist in the IPv4 world.

Site local was deprecated many many years ago.

>> SO an IPv6 only system without any network interfaces can run multiple 
>> discrete instances of the same daemon accepting connections on the same 
>> TCP port?

Depends on your definition of “without any network interfaces”, since
technically the loopback interface is a network interface.

If you mean “an IPv6 system with no interfaces other than loopback”, then
yes, it can because you are free to assign additional addresses to the
loopback interface, but ::1/128 is the only address universally assigned
to the loopback interface.

> Sure.
> 
>> Can I script that, can I template that with hardcoded 
>> addresses, same as I can now for 127/8?
> 
> Sure, if you think that's a good idea which it isn't.  Use LLAs on your 
> loopback interface.

On a system with no network interfaces other than loopback, it really
doesn’t matter what you do… LLA, ULA, and GUA could be used in any
combination without negative impact. Nothing is leaving the box, so it
might as well be an entire IPv6 internet unto itself.

> Personally, I take my 127/8 addresses from a configuration file since I
> don't know in advance what other daemons might also want to run on
> addresses only visible on the local machine.  Or, you know, some maniac
> might decide that part of 127/8 isn't loopback so I have to move them to
> the part that still is.

Meh. I think individually assigning addresses for those cases isn’t the
worst thing in the world, but there are some circumstances in which the
Linux kernel’s unique behavior in this regard can be convenient.

> In IPv6 I use ULAs since that gives me the option of routing them or not.

Well… I use GUAs because that gives me the option of routing them widely
or narrowly or not.

ULAs don’t have the option to route them widely without resorting to at
least NPT which is nearly as hideous as NAPT.

Owen
