From: Mike Karels
Reply-to: mike@karels.net
To: freebsd-net@freebsd.org
Subject: experimental support for IPv4 unicast extensions
Date: Wed, 06 Jul 2022 17:06:30 -0500
Message-Id: <202207062206.266M6UVV033854@mail.karels.net>
List-Id: Networking and TCP/IP with FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-net
I have been corresponding with the authors of Internet-Drafts that relax restrictions on parts of the IPv4 address space to allow normal unicast use, and I have FreeBSD changes to allow experimentation with these updates. This message summarizes my changes, and solicits input. The changes are all controlled by sysctl, and default to "off".

The parts of the address space in question and the relevant changes:

0/8 (network 0) [1]:
  Restrictions on network 0 are lifted if the sysctl net.inet.ip.allow_zeronet is set to 1. This applies to packet forwarding and ICMP echo.

224/4 (Experimental/"Class E") [2]:
  Restrictions on the Experimental address class are lifted if the sysctl net.inet.ip.allow_experimental is set to 1. This applies to packet forwarding and ICMP echo.

127/8 (loopback net) [3]:
  The size of the reservation for the loopback network can be reduced from 127/8 to 127.0/16 using the sysctl net.inet.ip.loopback_mask. My current sysctl sets the mask, but that is a little cumbersome; I should probably change the sysctl to allow a mask length to be set. This change is limited to the kernel; the IN_LOOPBACK macro uses the current mask in the kernel, but the default mask at user level. Also, some user programs use IN_LOOPBACKNET along with a Class A shift to crack this by hand. The kernel change affects IP packet input and output as well as forwarding.

The changes described above are all included in a single review for now, although I would probably separate them before pushing them. (They necessarily collide though.) The review is intended for comments only, and is https://reviews.freebsd.org/D35741.

I think it makes sense to put these changes in -current in order to enable experimentation, but I wanted to open the subject for discussion first. Changes are also being made in Linux, although I don't know their state.

Note that there is a related proposal and change to allow use of the lowest host on a network/subnet [4]. This change was essentially a bug fix for FreeBSD, and is already in -current and 13.1-RELEASE.

		Mike

[1] https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-0/01/
[2] https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240/
[3] https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-127/
[4] https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-lowest-address/
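As an added illustration (not Mike's code and not the D35741 diff), here is a constructed user-space model in C of the three checks described in the message: the two boolean sysctls, the loopback reservation expressed as a prefix length (the form Mike suggests switching to; the field name loopback_prefixlen is my assumption), and the hand-rolled IN_LOOPBACKNET/Class A test that user programs still use, which is where kernel and userland start to disagree once the reservation shrinks to 127.0/16. The experimental range is taken as 240/4, the range covered by draft [2] (unicast-240) and by FreeBSD's IN_EXPERIMENTAL macro.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the tunables named in the mail (not FreeBSD kernel code). */
struct ip_policy {
    int allow_zeronet;       /* net.inet.ip.allow_zeronet: treat 0/8 as ordinary unicast */
    int allow_experimental;  /* net.inet.ip.allow_experimental: treat 240/4 as ordinary unicast */
    int loopback_prefixlen;  /* hypothetical prefix-length form: 8 keeps 127/8, 16 shrinks to 127.0/16 */
};

enum addr_class { ADDR_UNICAST, ADDR_ZERONET, ADDR_EXPERIMENTAL, ADDR_LOOPBACK };

/* Host-order IPv4 address from a dotted quad; returns 0 if the string does not parse. */
static uint32_t ip4(const char *s) {
    struct in_addr a;
    return inet_pton(AF_INET, s, &a) == 1 ? ntohl(a.s_addr) : 0;
}

/* Kernel-side view: the loopback test against the tunable reservation size. */
static int kernel_is_loopback(uint32_t a, int prefixlen) {
    uint32_t mask = prefixlen <= 0 ? 0 : 0xffffffffu << (32 - prefixlen);
    return (a & mask) == (0x7f000000u & mask);
}

/* User-level view: the Class A shift against IN_LOOPBACKNET, which still assumes 127/8. */
static int userland_is_loopback(uint32_t a) {
    return (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET;
}

/* Which restriction, if any, still applies to the address under the given policy. */
static enum addr_class classify(uint32_t a, const struct ip_policy *p) {
    if (kernel_is_loopback(a, p->loopback_prefixlen)) return ADDR_LOOPBACK;
    if ((a & 0xff000000u) == 0 && !p->allow_zeronet) return ADDR_ZERONET;
    if ((a & 0xf0000000u) == 0xf0000000u && !p->allow_experimental) return ADDR_EXPERIMENTAL;
    return ADDR_UNICAST;
}

int main(void) {
    const struct ip_policy dflt = {0, 0, 8}, relaxed = {1, 1, 16};
    const char *samples[] = {"0.1.2.3", "240.0.0.1", "127.0.0.1", "127.1.2.3"};  /* constructed */
    for (int i = 0; i < 4; i++) {
        uint32_t a = ip4(samples[i]);
        printf("%-10s default=%d relaxed=%d userland_loopback=%d\n", samples[i],
               classify(a, &dflt), classify(a, &relaxed), userland_is_loopback(a));
    }
    return 0;
}
```

With the relaxed policy, 127.1.2.3 is ordinary unicast to the kernel model but still loopback to the hand-rolled userland test, which is the mismatch the loopback paragraph warns about.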