On Thu, 27 Jan 2005, Nick 'Sharkey' Moore wrote:
> Ethernet-derived addresses are indeed also an issue, but they're
> hypothetically unique ... so we're back to estimating the
> inestimable ... are they less likely to collide than 3041 because
> of this supposed uniqueness, or more likely to collide because
> of the possibility of human error?

Good question.. The reason why Ethernet MAC addresses would not be unique would probably be either human error (manually configuring the MAC address) or a manufacturing error -- and in either case, it's not certain how much analysis on 2^48 would help..


> Would it be sufficient to change the first para of Appendix A to:
>
> | In assessing the usefulness of Duplicate Address Detection, the
> | probability of collision must be considered.  Various mechanisms,
> | such as SLAAC [RFC2462] and DHCPv6 [RFC3315] attempt to guarantee
> | uniqueness of the address, but they add complexity to address
> | configuration and may introduce a risk of collision due to
> | misconfiguration.
> |
> | Privacy Extensions to SLAAC [RFC3041] avoid this issue by
> | picking an Interface Identifier (IID) at random from 2^62 possible
> | 64-bit IIDs (allowing for the reserved U and G bits).  No
> | attempt is made to guarantee uniqueness, but as the following
> | discussion shows, probability is exceedingly unlikely.
>
> ... or do I need to be even clearer?

I'm open to hearing if others have thoughts about this.

If we go through this kind of text, which would be basically OK by me, a couple of modifications will be needed, because the first paragraph seems to assign blame to SLAAC and DHCPv6 for complexity and to recommend using RFC3041 instead. That's not good; the text needs to be more balanced. RFC3041 addresses have many drawbacks, e.g., about their renumbering and the use for longer term than they are valid, and are a solution only in some limited cases.

Maybe use the following rewording? (I would also have wanted to say that due to these factors, it is impossible to calculate the collision probability of SLAAC in particular, but couldn't find the right words for that)

 In assessing the usefulness of Duplicate Address Detection, the
 probability of collision must be considered.  Various mechanisms,
 such as SLAAC [RFC2462] and DHCPv6 [RFC3315] attempt to guarantee
 uniqueness of the address.  The uniqueness of SLAAC depends on the
 reliability of the manufacturing process (so that duplicate L2
 addresses are not assigned) and the human factors if L2 addresses are
 manually. The uniqueness of DHCPv6 assigned addresses relies on the
 correctness of implementation in ensuring that no two nodes can be
 given the same address.

 Privacy Extensions to SLAAC [RFC3041] avoid these potential error
 cases by picking an Interface Identifier (IID) at random from 2^62
 possible 64-bit IIDs (allowing for the reserved U and G bits).  No
 attempt is made to guarantee uniqueness, but the probability can be
 easily estimated, and as the following discussion shows, probability
 is exceedingly unlikely.

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------