All Subnets must be /64, all hosts must use EUI-64? (According to RFC3513)
Erik Kline
ek at google.com
Tue Jun 2 21:15:29 CEST 2009
This is really just for "Interface IDs". It's basically saying that if
you're going to use Interface IDs and Stateless Address Autoconfiguration
(SLAAC) and all that stuff you need to be using 64bit IIDs. That's it.
IIDs != IPv6 addresses, just one way to form them.
You can statically assign dead:beef, 1337:cafe, ... and put then in DNS all
you want. You can have /80s, /112s, whatever.
Also: 3513 was obsoleted by http://tools.ietf.org/html/rfc4291 (one reason I
prefer the tools.ietf.org links).
2009/6/2 Ryan Harden <hardenrm at uiuc.edu>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In a conversation with my DNS admin, he brought up the fact that RFC3513
> seems to forbid using a subnet size other than /64 AS WELL as using
> anything other than EUI-64 to determine the host ID of an address.
>
> In RFC3513: http://www.ietf.org/rfc/rfc3513.txt
> Section 2.5.4 Paragraph 2:
>
> "All global unicast addresses other than those that start with binary
> 000 have a 64-bit interface ID field (i.e., n + m = 64), formatted as
> described in section 2.5.1. Global unicast addresses that start with
> binary 000 have no such constraint on the size or structure of the
> interface ID field."
>
> Given 2001::/8 and 2620::/8 fit this criteria, it seems that the
> interface ID or HOST portion of an IPv6 address must be 64-bits long and
> formatted in accordance to section 2.5.1.
>
> Section 2.5.1 Paragraph 3:
> "For all unicast addresses, except those that start with binary value
> 000, Interface IDs are required to be 64 bits long and to be
> constructed in Modified EUI-64 format."
>
> The way I read it seems to imply staticly assigned IPv6 addresses are
> forbidden. Which puts a damper on securing the coveted DEAD:BEEF address
> for my workstation.
>
> I have not understood this to be true and have experienced practice
> where this is absolutely not met. I see /126s for p-t-p links, static
> DNS servers, static web servers, etc, etc.
>
> Am I reading this wrong? Is this RFC out of date? What is the intent of
> these sections in the RFC? At the very least they are unclear and/or
> misleading.
>
> RFC3587 Section 3, Paragraph 2 seems to confirm this:
> "[ARCH] also requires that all unicast addresses, except those that
> start with binary value 000, have Interface IDs that are 64 bits long
> and to be constructed in Modified EUI-64 format."
>
> /Ryan
> - --
> Ryan M. Harden, BS, KC9IHX Office: 217-265-5192
> CITES - Network Engineering Cell: 630-363-0365
> 2130 Digital Computer Lab Fax: 217-244-7089
> 1304 W. Springfield email: hardenrm at illinois.edu
> Urbana, IL 61801
>
> University of Illinois at Urbana/Champaign
> University of Illinois - ICCN
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkoldhEACgkQtuPckBBbXbqycACgu7wfR1jM9c9VyzZU4b2rUhp7
> 5FAAoME1yBwmRm/DuZ8jeZuSGluWc+da
> =9mMt
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20090602/948ce9b0/attachment.htm>
More information about the ipv6-ops
mailing list