IETF Logo Mail Archive

[BEHAVE] Application awareness of translator in draft-baker-behave-v4v6-translation-00

"Dan Wing" <dwing@cisco.com> Thu, 30 October 2008 17:10 UTC

Return-Path: <behave-bounces@ietf.org>
X-Original-To: behave-archive@optimus.ietf.org
Delivered-To: ietfarch-behave-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D87673A6906; Thu, 30 Oct 2008 10:10:16 -0700 (PDT)
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 738953A6819 for <behave@core3.amsl.com>; Thu, 30 Oct 2008 10:10:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.805
X-Spam-Level:
X-Spam-Status: No, score=-5.805 tagged_above=-999 required=5 tests=[AWL=-0.836, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_PROLOSTOCK_SYM3=1.63]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kc2HA4vsbjJi for <behave@core3.amsl.com>; Thu, 30 Oct 2008 10:10:12 -0700 (PDT)
Received: from sj-iport-1.cisco.com (sj-iport-1.cisco.com [171.71.176.70]) by core3.amsl.com (Postfix) with ESMTP id 158FE3A6906 for <behave@ietf.org>; Thu, 30 Oct 2008 10:10:12 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.33,516,1220227200"; d="scan'208";a="98168499"
Received: from sj-dkim-1.cisco.com ([171.71.179.21]) by sj-iport-1.cisco.com with ESMTP; 30 Oct 2008 17:10:11 +0000
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m9UHAB8v028100; Thu, 30 Oct 2008 10:10:11 -0700
Received: from dwingwxp01 ([10.32.240.195]) by sj-core-5.cisco.com (8.13.8/8.13.8) with ESMTP id m9UHAANa011719; Thu, 30 Oct 2008 17:10:11 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Fred Baker' <fred@cisco.com>, 'Xing Li' <xing@cernet.edu.cn>, congxiao@cernet.edu.cn
Date: Thu, 30 Oct 2008 10:10:10 -0700
Message-ID: <033e01c93ab2$5df07840$c3f0200a@cisco.com>
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Ack6sl252j/2qmrtS2iCmbJTZ5EaaQ==
x-mimeole: Produced By Microsoft MimeOLE V6.00.2900.3350
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=3918; t=1225386611; x=1226250611; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing@cisco.com; z=From:=20=22Dan=20Wing=22=20<dwing@cisco.com> |Subject:=20Application=20awareness=20of=20translator=20in= 20draft-baker-behave-v4v6-translation-00 |Sender:=20; bh=LJoqmVdoT6I9O4D/+v4uPuME0SIl3p6sRE5at8kNg5o=; b=JxGrSvPJUoZp730ry8IZCFijBAJsRFcvh37ACTwQmJ9dc2ieIV+e9vGElP QbUOCB5BLAYN8BCEq7Q2vX4aZ6ulJBqDwyXwOGkIQ9wunTc6tAwmSBsBieAq rzfui2letqs6eos81hDCI3uh1/ON+jvJayz/UrxfY/gUJXYTIoIic=;
Authentication-Results: sj-dkim-1; header.From=dwing@cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Cc: behave@ietf.org
Subject: [BEHAVE] Application awareness of translator in draft-baker-behave-v4v6-translation-00
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: behave-bounces@ietf.org
Errors-To: behave-bounces@ietf.org

Fred, Xing, Congxiao,

(speaking as individual contributor)

I stumbled when I read Section 1.4 of
http://tools.ietf.org/html/draft-baker-behave-v4v6-translation-00.  Three
points:

* I believe much of the text in that section belongs in the Framework document
as it is not specific to a particular kind of translation.  The text is trying
to describe the problem (when translation occurs, an application will be
connecting to a host with a different address family and over that connection
the 'wrong' address family might be exchanged; this can lead to application
confusion) and also a solution (IN6_IS_ADDR_V4MAPPED).

* Some of the text describes stuff that just doesn't work.  For example,

   There are no extra changes needed to applications to operate through
   a translator beyond what applications already need to do to operate
   on a dual node.  The applications that have been modified to work on
   a dual node already have the mechanisms to determine whether they are
   communicating with an IPv4 or an IPv6 peer.  Thus if the applications
   need to modify their behavior depending on the type of the peer, such
   as ftp determining whether to fallback to using the PORT/PASV command
   when EPRT/EPSV fails (as specified in [RFC2428]), they already need
   to do that when running on dual nodes and the presence of translators
   does not add anything.  For example, when using the socket API
   [RFC3493] the applications know that the peer is IPv6 if they get an
   AF_INET6 address from the name service and the address is not an
   IPv4-mapped address (i.e., IN6_IS_ADDR_V4MAPPED returns false).  If
   this is not the case, i.e., the address is AF_INET or an IPv4-mapped
   IPv6 address, the peer is IPv4.

IN6_IS_ADDR_V4MAPPED only knows about IANA-registered prefixes for Teredo and
6to4.  I don't believe IN6_IS_ADDR_V4MAPPED is able, by itself, to determine
there is an embedded IPv4 address in the IPv6 address -- but correct me if I'm
wrong.  In order for IN6_IS_ADDR_V4MAPPED to indicate the address went through
a translator when the translator's IPv6 prefix is chosen by the ISP (rather
than IANA) the host needs to know the IPv6 prefix (and length) in order for
the IN6_IS_ADDR_V4MAPPED macro to function as expected.  This means (a) the
host's stack needs to implement something like
draft-wing-behave-learn-prefix-00.txt and tie that learned adddress into to
its IN6_IS_ADDR_V4MAPPED macro or (b) the application needs to implement
something like draft-wing-behave-learn-prefix-00.txt.  

* The text describing EPRT/EPSV needs considerable expansion.  At this point
there is consensus that a DNSSEC-aware resolver in the end host needs to know
about the translator.  But I don't believe there is consensus that other
applications -- such as FTP -- need to be knowledgable about the translator.
In the past, Brian Carpenter has raised an objection to the idea of putting
translator awareness into IPv6 applications
<http://www.ietf.org/mail-archive/web/behave/current/msg04129.html> so I
expect more discussion around this will be necessary.  If we decide to have
the application be aware of the translator, a generalized document titled
"Application Aspects of IPv6 Translation" seems appropriate and would be
similar to the existing RFC4038 ("Application Aspects of IPv6 Transition",
previously draft-ietf-v6ops-application-transition).

The alternative to translator awareness in the host's application is an ALG
somewhere in the network (probably as part of the translator).  In BEHAVE for
NAT44, due to the existing deployment of FTP ALGs we agreed that FTP ALGs were
tolerable.  

We need to decide where protocols should be 'fixed up' for translation.  This
decision might be on an application-by-application basis.  Starting with the
FTP seems appropriate, as everyone is reasonably familiar with it.

-d

_______________________________________________
Behave mailing list
Behave@ietf.org
https://www.ietf.org/mailman/listinfo/behave

v2.23.0 | Report a Bug | By Email