Re: [homenet] referrals [ tunnels as way to disambiguate .local]

Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 12 August 2012 17:41 UTC

Message-ID: <5027EAAF.5070904@gmail.com>
Date: Sun, 12 Aug 2012 18:41:03 +0100
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
To: curtis@occnc.com
References: <201208121618.q7CGIcRL065741@gateway.ipv6.occnc.com>
In-Reply-To: <201208121618.q7CGIcRL065741@gateway.ipv6.occnc.com>
Cc: Evan Hunt <each@isc.org>, Michael Richardson <mcr+ietf@sandelman.ca>, Kerry Lynn <kerlyn@ieee.org>, Michael Thomas <mike@mtcc.com>, "homenet@ietf.org Group" <homenet@ietf.org>
Subject: Re: [homenet] referrals [ tunnels as way to disambiguate .local]

Two quick comments, and then I suggest we drop this thread here.

On 12/08/2012 17:18, Curtis Villamizar wrote:
> In message <502367BD.3010005@gmail.com>
> Brian E Carpenter writes:
>  
>>> I get the impression that if NAT didn't exist, then
>>> draft-carpenter-referral-ps would serve no purpose.  Is this draft
>>> entirely motivated by problems caused by NAT?
>>  
>> I don't think so. There are other causes of disjoint address space,
>> which existed even before we had NAT or specialised firewalls -
>> router ACLs for example. Certainly NAT is the major cause today (and
>> NPTv6 will propagate the problem into IPv6). v4-only and v6-only
>> islands will probably arise too.
>>  
>> Regards
>>    Brian
> 
> 
> Brian,
> 
> Without NAT there is no good reason to have an island.  If you create
> an island (in IPv6) where none was needed, you get what you deserve.

Nevertheless, people do and will create islands, even very big ones,
with global-scope prefixes. Of course, if their *goal* is unreachability,
the reference problem doesn't matter.

> NAT64 and DNS64 support v6-only islands.  The tide seems to be turning
> on v4-only islands.  For example, I can fetch and build FreeBSD and
> fetch all of the ports source for ports I use (>500 ports including
> libraries, etc) on an IPv6 only host.  I'm confident the same would be
> true of most Linux distributions.
> 
> Hosts are all dual stack.  They may end up roaming to a v4-only (or
> less likely today v6-only) part of the network.  In that case a tunnel
> to a DS network is needed and all is fine, performance suffering a
> bit.  For example, an enterprise could go v6-only and allow either v4
> or v6 tunneling (which is done today for VPN) from roaming employees
> who end up in a v4 only place.  The same enterprise could do NAT64 and
> DNS64 or could just set up a DS http/https proxy and mail relay at a
> DS border.
> 
> I still see no purpose for draft-carpenter-referral-ps if NAT is
> removed.

Which isn't, unfortunately, going to happen in our lifetimes.

   Brian

> Curtis
> 
> 
>> On 08/08/2012 19:39, Curtis Villamizar wrote:
>>> In message <5022557F.5050105@gmail.com>
>>> Brian E Carpenter writes:
>>>  
>>>> On 07/08/2012 20:11, Michael Thomas wrote:
>>>>> On 08/07/2012 11:46 AM, Kerry Lynn wrote:
>>>>>> On Mon, Aug 6, 2012 at 9:39 PM, Evan Hunt <each@isc.org> wrote:
>>>>>>> Tunnels are okay, but to use them, one has to get the DNS search order
>>>>>>> and the DNS server list right, and that's walled garden territory.
>>>>>>> *If* we are going to turn each home into a walled garden, then let's be
>>>>>>> aware that we are doing that.
>>>>>> I'm of the opinion that in a "walled garden" scenario, the tunnel
>>>>>> endpoint may be the only resource that needs a global name / address.
>>>>> Just checking, but we all think that naming is a separate issue
>>>>> from reachability, right?
>>>>  
>>>> It certainly is. But see http://tools.ietf.org/html/draft-carpenter-referral-ps
>>>> especially section 4.2 "FQDNs are not sufficient".
>>>>  
>>>>    Brian
>>>
>>> Brian,
>>>
>>> MIF may be trying to solve the problem the wrong way.  Providing a
>>> mapping of DNS to loopback address has long been used (by routers) to
>>> provide a stable reachable address.  The routing cost to reach that
>>> loopback interface (which can change many times for an active
>>> connection) is used to determine which physical interface gets used to
>>> reach the loopback.  For example if one interface is connected to an
>>> ethernet which gets isolated due to a router failure, the other
>>> interface is used because routing tells us that one of them is
>>> unreachable.
>>>
>>> Multihoming of course pokes holes in the routing tables and causes
>>> some routing table bloat.  This has always been a problem and IPv6
>>> does nothing to improve the situation that existed in IPv4 two decades
>>> ago with a lot of small providers and large enterprises using dual
>>> provider multihoming.
>>>
>>> If we are concerned with hosts that have multiple interfaces both
>>> leading to parts of the homenet, that is easily solved.  Multihomed
>>> homenets is a whole different problem, but solvable if redundancy is
>>> to the same provider.  A conditional static route can be advertised
>>> within the provider, with these routes having limited scope (for
>>> example using BGP communities).  If this practice were to become
>>> commonplace (I doubt it, no consumer provider has that sort of
>>> redundancy in the last mile), then the provider would have to limit
>>> the scope of these more specific routes to a small subset of their own
>>> topology.
>>>
>>> I get the impression that if NAT didn't exist, then
>>> draft-carpenter-referral-ps would serve no purpose.  Is this draft
>>> entirely motivated by problems caused by NAT?
>>>
>>> Curtis
>