IETF Logo Mail Archive

Re: [BEHAVE] I-D Action: draft-ietf-behave-nat64-discovery-heuristic-05.txt

Cameron Byrne <cb.list6@gmail.com> Fri, 27 January 2012 04:56 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1572E21F8631 for <behave@ietfa.amsl.com>; Thu, 26 Jan 2012 20:56:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.449
X-Spam-Level:
X-Spam-Status: No, score=-3.449 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QUusk-wAmBAS for <behave@ietfa.amsl.com>; Thu, 26 Jan 2012 20:56:05 -0800 (PST)
Received: from mail-tul01m020-f172.google.com (mail-tul01m020-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 567A221F862F for <behave@ietf.org>; Thu, 26 Jan 2012 20:56:05 -0800 (PST)
Received: by obbwc12 with SMTP id wc12so1567795obb.31 for <behave@ietf.org>; Thu, 26 Jan 2012 20:56:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=QR7/slxiE9u2kPkt885gVWT0yddQQA7wBjoUdhAS0aE=; b=EBc71YwpC9gCKPC7vYUrAInXTiB7w6knmqGFstARHxSpXGx9312aJiRjHfxI6ESbgV QfJfzuUBvVWzKJhCrs7M1BglrrG61hBntfxjjc2CT6shLqQ/1boHg0AkZ74HmTL3laBX R8H37x/cLS8CKtWa6gJF4Ow3/DQk6+sNnRTLc=
MIME-Version: 1.0
Received: by 10.182.74.102 with SMTP id s6mr4934539obv.46.1327640164979; Thu, 26 Jan 2012 20:56:04 -0800 (PST)
Received: by 10.182.171.10 with HTTP; Thu, 26 Jan 2012 20:56:04 -0800 (PST)
In-Reply-To: <916CE6CF87173740BC8A2CE443096962042B6DB0@008-AM1MPN1-053.mgdnok.nokia.com>
References: <916CE6CF87173740BC8A2CE443096962042B6DB0@008-AM1MPN1-053.mgdnok.nokia.com>
Date: Thu, 26 Jan 2012 20:56:04 -0800
Message-ID: <CAD6AjGTFKUWLiKWyvWHL8O_HTGuHtoisR0LWLpN1cttDERmuNQ@mail.gmail.com>
From: Cameron Byrne <cb.list6@gmail.com>
To: teemu.savolainen@nokia.com
Content-Type: text/plain; charset="ISO-8859-1"
Cc: behave@ietf.org
Subject: Re: [BEHAVE] I-D Action: draft-ietf-behave-nat64-discovery-heuristic-05.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jan 2012 04:56:06 -0000

Teemu and team,

Thanks again for working on this.  It is very useful work.

To that end, it is cited in our 464XLAT work
http://tools.ietf.org/html/draft-mawatari-v6ops-464xlat-00 , and the
ideas have been included in 464XLAT Android code
http://code.google.com/p/android-clat/

I am glad the DNSsec work is evolving, it think this be a very
meaningful contribution.  My comments are as follows:


1.  "the information learned enables applications and
   hosts to perform local IPv6 address synthesis and on dual-stack
   accesses avoid traversal through NAT64."

Can we generalize this further?  You say applications and host, but i
am thinking home gateways as well. Perhaps say "enables software to
perform local IPv6 address synthesis..." ?  You also use the term
"node" in the draft, that may be a good fit.


2.  "Furthermore, the host SHOULD cache the replies it
   receives and honor TTLs."  Which TTL?  The TTL or ipv4only.arpa
that is used for discovery?  Are you saying the discover of the PREF64
is bounded by a TTL?

3.  The term NAT64 Prefix is used in this draft.  Would it be better
to use the term Pref64 that is used in RFC 6146 and 6147?  Is NAT64
FQDN in section 3.1.1 the same thing?

4.  Do you see any challenges for validating ULAs as the Pref64 with DNSsec?

5. "The host then does an
   A query of that hostname, which returns one or more A resource
   records, which are the IPv4-facing IP addresses of that NAT64."
What IPv4 address of the NAT64?  RFC 6146 refers to IPv4 transport
address, which i believe are commonly known as the "NAT pool"... do
you mean those addresses?  Since they are tied into the state table,
they are not going to respond to ICMP IPv4 packets.  Also, i dont
think any network operators wants you (or 30,000,000 cell phones)
pinging their NAT box.  There are much cheaper boxes to ping.  This
text needs to be pulled or completely reworked.  I suggest not
treating the topic of connectivity checks at all.

6.  3.1.1 #1 is not clear. Please elaborate on what that FQDN is supposed to be.

7.  Perhaps a state diagram for how DNSSEC validation works with
PREF64 would help.

CB

v2.23.0 | Report a Bug | By Email