Re: IPv6 only host NAT64 requirements?

james woodyatt <jhw@google.com> Fri, 17 November 2017 18:20 UTC

From: james woodyatt <jhw@google.com>
Subject: Re: IPv6 only host NAT64 requirements?
Date: Fri, 17 Nov 2017 10:20:13 -0800
Cc: Michael Richardson <mcr@sandelman.ca>, 6man WG <ipv6@ietf.org>
To: mohamed.boucadair@orange.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/R-9e6XjIIPen72iXbHp9qYT1QTw>

On Nov 16, 2017, at 22:52, mohamed.boucadair@orange.com wrote:
> 
> Hi Michael, 
> 
> For the particular case of NAT64, this requirement from RFC6888 applies: 
> 
>   REQ-9:  A CGN MUST implement a protocol giving subscribers explicit
>      control over NAT mappings.  That protocol SHOULD be the Port
>      Control Protocol [RFC6887].
> 
> I'm not aware of any requirement for the LAN. […]

It’s a recommendation in RFC 6092. There is a whole section about it.

  <https://tools.ietf.org/html/rfc6092#section-3.4>

It doesn’t mention PCP explicitly because RFC 6092 predates the creation of the PCP working group. It recognized that A) there was no standard protocol to recommend, and B) it was necessary to recommend the deployment of something non-standard until there is a standard available. Hence, the strangeness of section 3.4 and the text of the included recommendation.

                                          Until a consensus emerges
 around a specific method, the following recommendations are the best
 guidance available.

   REC-48: Internet gateways with IPv6 simple security capabilities
   SHOULD implement a protocol to permit applications to solicit inbound
   traffic without advance knowledge of the addresses of exterior nodes
   with which they expect to communicate.

It would probably be a good idea to revise RFC 6092 to explicitly recommend PCP here.


--james woodyatt <jhw@google.com>