Re: [address-policy-wg] Re: [ipv6-wg] closed network and need for global uniqe IP space
To: Roger Jorgensen <>, Gert Doering <>
From: Geoff Huston <>
Date: Sat, 24 Dec 2005 08:01:32 +1100
At 10:03 PM 23/12/2005, Roger Jorgensen wrote:
On Fri, 25 Nov 2005, Gert Doering wrote:
<snip>
> The idea is that ULAs are random-generated in a way that makes it "fairly
> unlikely" that you end up in an address collision. But there is no
> guarantee, of course.
Indeed. The chances of collision exceed 0.5 once the pool of randomly drawn
numbers exceeds 1.24 million.
>
> There is also a second sort of ULAs that are globally unique but still
> private, but as far as I know, there is no registry yet that will hand
> them out. So these can't be used yet.
Who would know more about this? I'm in the process of writing down some
startup thoughts about how we can (and maybe should) implement IPv6 here
where I work. It's a closed national network where security is prio 1 and
we might also have to work/connect to other networks of the same type in
other countries... in short, we need to be globally unique so we actually
need that registry to be there:)

The original ULA document combined both self-selected ULAs and
registry-selected ULAs.
Over the period of a year of IETF consideration they were split in two, and
the random self-selection method became RFC 4193 and the so-called centrally
assigned IDs draft expired.
Some URLs:
- the history of the drafts:
http://smakd.potaroo.net/ietf/idref/draft-ietf-ipv6-unique-local-addr/index.html
- the centrally assigned drafts:
http://smakd.potaroo.net/ietf/idref/draft-ietf-ipv6-ula-central/index.html
There was a long discussion on the IPv6 list about the issues with the
operation of a registry. I've forgotten when, but around May - July 2003
sounds familiar for some reason.
The concept of a central register of unique 40-bit sequences is not
completely dead. At RIPE 51 I described some current work at APNIC that
includes a certificate identity scheme that uses this same concept
(http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf,
see page 14 of the presentation).
I also did some maths of the collision probability of random 40-bit long
numbers (the so-called "birthday problem") in an expired draft
(http://smakd.potaroo.net/ietf/idref/draft-huston-ipv6-local-use-comments/index.html).
It _may_ be the case that a form of centrally assigned unique 40 bit
strings for use in the context of the original model of centrally-assigned
unique local addresses may be a useful by-product of the certification work
- but if it proceeds then this is likely to be some time away yet from
becoming part of the service portfolio associated with certification.
regards,
Geoff
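
The birthday-problem figure discussed in this thread, as an added worked example in Python (not part of the original message or of any draft it cites): it computes the exact collision probability for randomly drawn 40-bit Global IDs and the pool size at which that probability reaches 0.5. The function names are hypothetical, and `secrets.randbits` with the `fd00::/8` prefix is an assumed stand-in for the RFC 4193 self-selection method.

```python
import ipaddress
import math
import secrets

GLOBAL_ID_BITS = 40           # width of the random Global ID discussed above
SPACE = 2 ** GLOBAL_ID_BITS   # number of possible Global IDs


def collision_probability(n, space=SPACE):
    """Exact P(at least two of n uniformly random IDs are equal)."""
    if n > space:
        return 1.0
    # log P(all distinct) = sum_{i<n} log(1 - i/space); log1p, fsum and expm1
    # keep precision when the answer is tiny (a handful of networks).
    log_distinct = math.fsum(math.log1p(-i / space) for i in range(n))
    return -math.expm1(log_distinct)


def pool_size_for(p, space=SPACE):
    """Smallest pool size whose collision probability reaches p (0 < p < 1)."""
    target = math.log1p(-p)          # log P(all distinct) must fall to this
    log_distinct, n = 0.0, 1         # invariant: log_distinct describes n IDs
    while log_distinct > target:
        if n == space:
            return space + 1         # pigeonhole: one more ID forces a collision
        log_distinct += math.log1p(-n / space)
        n += 1
    return n


def random_ula_prefix():
    """Random /48 under fd00::/8 (assumed stand-in for RFC 4193 generation)."""
    global_id = secrets.randbits(GLOBAL_ID_BITS)
    return ipaddress.IPv6Network(((0xFD << 120) | (global_id << 80), 48))


if __name__ == "__main__":
    print("example prefix:", random_ula_prefix())
    for n in (2, 10, 100, 1_000, 10_000, 1_240_000):   # constructed pool sizes
        print(f"{n:>9} networks -> P(collision) = {collision_probability(n):.3e}")
    print("P reaches 0.5 at", pool_size_for(0.5), "IDs")
```

For a closed network that only ever interconnects with a few peers, the small-n rows are the relevant ones; the 0.5 threshold describes the whole population of self-selected prefixes.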