IETF Logo Mail Archive

Re: Let's look at it from an IETF oldie's perspective... Re: IPv4Outage Planned for IETF 71 Plenary

Iljitsch van Beijnum <iljitsch@muada.com> Fri, 21 December 2007 09:07 UTC

Return-path: <ietf-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J5dqy-0004hf-7r; Fri, 21 Dec 2007 04:07:36 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J5dqw-0004hZ-GD for ietf@ietf.org; Fri, 21 Dec 2007 04:07:34 -0500
Received: from sequoia.muada.com ([83.149.65.1]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1J5dqw-0003Ik-0E for ietf@ietf.org; Fri, 21 Dec 2007 04:07:34 -0500
Received: from [IPv6:2001:720:410:1001:21b:63ff:fe92:9fbb] ([IPv6:2001:720:410:1001:21b:63ff:fe92:9fbb]) (authenticated bits=0) by sequoia.muada.com (8.13.3/8.13.3) with ESMTP id lBL97P3Q079707 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 21 Dec 2007 10:07:26 +0100 (CET) (envelope-from iljitsch@muada.com)
Message-Id: <7D9D8A30-141B-4957-8DC1-5A1EFE9C5193@muada.com>
From: Iljitsch van Beijnum <iljitsch@muada.com>
To: Theodore Tso <tytso@mit.edu>
In-Reply-To: <20071220183853.GD27081@thunk.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v915)
Date: Fri, 21 Dec 2007 10:07:27 +0100
References: <200712191811.KAA27114@gra.isi.edu> <2788466ED3E31C418E9ACC5C31661557084FA6@mou1wnexmb09.vcorp.ad.vrsn.com> <20071220125902.GD18815@thunk.org> <26F76AB0-D1E0-4CE5-B2E6-86723E6B4D04@cisco.com> <20071220183853.GD27081@thunk.org>
X-Mailer: Apple Mail (2.915)
X-Spam-Status: No, score=-1.6 required=3.5 tests=BAYES_00, ILJQX_SUBJ_NUMINWORD autolearn=no version=3.0.2
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on sequoia.muada.com
X-Spam-Score: 1.2 (+)
X-Scan-Signature: 9182cfff02fae4f1b6e9349e01d62f32
Cc: Bob Braden <braden@ISI.EDU>, Fred Baker <fred@cisco.com>, ietf@ietf.org
Subject: Re: Let's look at it from an IETF oldie's perspective... Re: IPv4Outage Planned for IETF 71 Plenary
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org

On 20 dec 2007, at 19:38, Theodore Tso wrote:

> Agreed, getting VPN's to work is going to be non-trivial.  On the
> other hand, many VPN's are designed to work even in the presence of
> IPv4 NAT's, since they are so ubiquitous these days; road warriors who
> are using a variety of hotel and airport network services run into
> them all the time.  So the question is whether some clever engineering
> might allow some or all of the VPN's to work correctly even without
> any cooperation or assistance of the corporate VPN server?

[...]

> And if the first IETF meeting where we try this, there is a NAT box
> which provides IPv4 services over an IPv6 encapsulation, that might
> not be a bad thing.

Note that it's almost certain that a VPN thingy that was made to work  
with IPv4 (and NAT) won't work through an IPv6-to-IPv4 NAT-PT: the  
latter assumes that applications will be using the IPv6 socket API  
even though at some point IPv4 packets are generated.

This is one of the issues with NAT-PT we can hopefully fix in the  
relatively short term so that even IPv4-only applications can work  
over an IPv6-only network. (See thursday v6ops meeting from two weeks  
ago.)

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email