IETF Logo Mail Archive

Re: [EXTERNAL] Re: Extending a /64

Gyan Mishra <hayabusagsm@gmail.com> Mon, 09 November 2020 00:29 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E6673A104B for <ipv6@ietfa.amsl.com>; Sun, 8 Nov 2020 16:29:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RUZ1Z5UmOvc5 for <ipv6@ietfa.amsl.com>; Sun, 8 Nov 2020 16:29:08 -0800 (PST)
Received: from mail-ua1-x936.google.com (mail-ua1-x936.google.com [IPv6:2607:f8b0:4864:20::936]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 300C03A1049 for <ipv6@ietf.org>; Sun, 8 Nov 2020 16:29:08 -0800 (PST)
Received: by mail-ua1-x936.google.com with SMTP id t15so2276040ual.6 for <ipv6@ietf.org>; Sun, 08 Nov 2020 16:29:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Kv4jJlrsml91ajZHteffxvDXP/grSN+VgDVfxbHkEFc=; b=GZY+PNvz7oyPx/kE3sXAHhn/DYk6adsmNBckQz15XAoUOEQ6x6YhUD6lkJ32/DidB0 8eK6b0v44Jte0IIYbVW13QVawVeuI4W2oFc0GnNwLhESJtSyjsjmZyi4C496OWEe+pOi 2Ygphm0TkpNf2j+jswQ4nDjomHETH5l2pTGOsLXGVu9lpLeHh7isfe8s4V05vpRyzvzR SwrSz1PmKrdruI47bUAXhLbW+kKa1UkTm6lU4K6JxEV6FsL9mDVub1RaN+/cn3f5pcvk ZPg9GsAhT3tZ4j40rKdn+8/iFj2h0N4RLd2u63H/K+PuFSq9Rl1mfXZfxeHuBZvHCvOO y8IQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Kv4jJlrsml91ajZHteffxvDXP/grSN+VgDVfxbHkEFc=; b=tZipjSQ6h2zuiSDPg1xVvInClJQhUtB6swJNb3OjKV+xXTRqULLeurCIzFkbKru8iG kBv9N8Cph/xEaFfeq/qnSg2xRko5UbhWcyv8dXf1yt8N/P0mDyb0tAB6/QahkxHXiVRV eswRF9Bhk2ZDcVzwsXjyLsbRD+oquW8iy640utp1hJVSWsqjNFfN9kZd2EdMTIhy6esE oIsP7M+jyWsaKbY6FIIpZY0c9ejT14torVABezP9lyH4OXMMK1SEucEWg9+B3l3AWxr3 dpDFXDBOXOUiaMZV5pwg5lfdMno/CoBcDPOEe+A0egOXlq4UCx0X5JLqDs7GoORMptYV wtDg==
X-Gm-Message-State: AOAM530wL5mXZUdd981MG2s9SjYPdhc6GjtwC5J9r0TogcevavwL9E9u nZW425H4QGpsFIIw3/ueJFkhFC2LmPV8yqwOuSE=
X-Google-Smtp-Source: ABdhPJzlr5iSpfPIj+lUVZooObDnx3rBEn69f1C6SFQFM+jJnpLU1TKMDpbozeuYFlrUg9Ai5Cq7JAiNdSMITDdjGYY=
X-Received: by 2002:ab0:2986:: with SMTP id u6mr5575643uap.118.1604881747082; Sun, 08 Nov 2020 16:29:07 -0800 (PST)
MIME-Version: 1.0
References: <005ECBB3-088B-4363-BB53-8D4AD25CA3D2@employees.org> <b468124f-f85b-7e20-a354-c6b7eaba3447@mccallumwhyman.com> <CAO42Z2wCN_obj-TpaUP23GRMUDwG6RyjsqhmY1ysAcSFigrLaw@mail.gmail.com> <a6d10c8f-b45e-a63b-e348-3b228007d889@mccallumwhyman.com> <b308d0105c3242488943bf233d2b900d@boeing.com> <CAO42Z2wiZct0dTaOEP586_06KM6pg0C2axq25KA3stmys1OgQA@mail.gmail.com> <8fe9b163b4f64815b603b758620515da@boeing.com>
In-Reply-To: <8fe9b163b4f64815b603b758620515da@boeing.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sun, 08 Nov 2020 19:28:56 -0500
Message-ID: <CABNhwV2b5Xa7X0jUZRJ=TX8PFADCCEHqDkctvNSuqRxtArZgLA@mail.gmail.com>
Subject: Re: [EXTERNAL] Re: Extending a /64
To: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
Cc: 6man WG <ipv6@ietf.org>, Mark Smith <markzzzsmith@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000007100cf05b3a1a646"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/QUsWHHq4HhiKBQcej8ic_OeLcNU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2020 00:29:10 -0000

One of the major benefits of IPv6 is that IPv6 scarcity is non existent of
address space  exhaustion and thus the need for NAT eliminated.

There are still special use cases for security hide NAT to hide internal
space or dual homing.

As IPv4 is limited in registered space the use of RFC1918 and NAT is much
more widespread as compare to IPV6 use of ULA with NAT as the use cases are
far less due to v6 scarcity being non existent.

As we know all the pains of NAT from IPv4 and NAT ALG complexities
learnings and NAT for IPV6 should be an absolute last resort if no other
option is available.  Also DNS NAT complexity it’s best to stay clear of
NAT on CPE.

I would put changing slaac to prefer longer prefixes to be preferred well
over NAT66.

One other point to make is that even if ISPs race  to the bottom
hypothetically which would never happen as IPv6 space will never be
exhausted, but hypothetically we would only this unique situation which
would never happen do Port address translation PAT  /127 outbound interface
overload to extend IPv6 downstream devices.

So by thinking to do NAT now as an optimal best solution is no different
then the race to bottom FUD we are fearful of and are doing exactly that
scenario of NAT66 to extend IPv6 to downstream devices.

We might as well pretend we are at the race to the bottom now and have the
ISP not wait for actual race to bottom  and  give us only a /127 wan IP now
so can desperately use NAT as the optimal solution to extend IPV6 to our
downstream devices.

Gyan

On Sun, Nov 8, 2020 at 4:46 PM Manfredi (US), Albert E <
albert.e.manfredi@boeing.com> wrote:

> From: Mark Smith <markzzzsmith@gmail.com>
>
> > See RFC2993.
> >
> > See also the 3 part "The Trouble With NAT" articles, using network
> operation criteria.
> >
> > https://blog.apnic.net/author/mark-smith/
>
> With IPv6, network prefix translation only (NPT), at the platform's
> interfaces with the ISPs.
>
> "The fundamental constraint of NAT is that it prevents IP nodes attached
> to the same network from acting as peers of each other."
>
> How so? I'm saying, these NAT problems, mostly experienced with NAPTs,
> either won’t happen, or can be managed in a platform with well-managed
> internal architecture. Is it a problem if state has to be maintained in
> such NAT (NPT) devices? I'd rather have that, than rely on the fixed ISPs,
> no? Plus, I'm not even using the NAT to provide some sort of inherent
> security benefit. Just using it to solve every single problem mentioned in
> these related threads. End to end connectivity can be retained.
>
> Yes, the NPT boxes have to be managed reliably, but in these scenarios,
> that's preferable to expecting wither the end systems or the ISPs, to do
> everything predictably.
>
> Bert
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
-- 

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD

v2.23.0 | Report a Bug | By Email