Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues

Keith Moore <moore@network-heretics.com> Mon, 07 February 2022 01:53 UTC

Message-ID: <6123a322-e9a7-7f90-391f-9b4c4461ce45@network-heretics.com>
Date: Sun, 06 Feb 2022 20:52:52 -0500
To: behave@ietf.org
References: <45e423cc-4095-cca2-bf8c-aa15e977b19c@posteo.de> <ff858dee-a21a-a50d-72a5-da7915ac2de4@network-heretics.com> <71b5cdb0-78af-0f77-debc-84e178fe5e3a@posteo.de> <7a008cc2-e8a3-f91d-c782-96866c36a9db@network-heretics.com> <ee760818-a3c4-3755-6bdf-afcec6fcaaad@posteo.de> <B7DFC369-E7B7-4171-9C85-F75986B5AEF6@gmail.com>
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <B7DFC369-E7B7-4171-9C85-F75986B5AEF6@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/behave/O5PWS1t4Gkh1XMcgwo2zHY6AUUg>
Subject: Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>

On 2/6/22 19:58, Dan Wing wrote:

> A problem with rewriting SPF records within DNS64 is that other IPv4 addresses may well appear in TXT records, throwing a loop to applications which won't know if the DNS64 has done rewriting or if the application needs to do rewriting.  A long-standing problem with NAT "support" for applications since the days of FTP PASV.

+1

In general the problem with NATs is that they try to hide what they're
doing from applications. But they are never completely successful at
that, and they cannot be. And it's often difficult for the
application to work around the damage caused by the NAT. In hindsight,
it would have been far better for NATs to always be explicitly visible
to applications; then at least the applications and NATs wouldn't be
trying to second-guess one another.

But that's water under the bridge. At this point the best thing that
can be done is to transition to IPv6 only (except for some legacy
hardware on local networks), and eradicate NATs as soon as possible.

Keith