IETF Logo Mail Archive

Re: NAT64 in RA, draft-ietf-6man-ra-pref64

David Farmer <farmer@umn.edu> Tue, 02 July 2019 12:09 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C969D12004A for <ipv6@ietfa.amsl.com>; Tue, 2 Jul 2019 05:09:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.298
X-Spam-Level:
X-Spam-Status: No, score=-4.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0siJlG7jcyTX for <ipv6@ietfa.amsl.com>; Tue, 2 Jul 2019 05:09:25 -0700 (PDT)
Received: from mta-p6.oit.umn.edu (mta-p6.oit.umn.edu [134.84.196.206]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDA4B12001A for <6man@ietf.org>; Tue, 2 Jul 2019 05:09:25 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p6.oit.umn.edu (Postfix) with ESMTP id 2251579D for <6man@ietf.org>; Tue, 2 Jul 2019 12:09:25 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p6.oit.umn.edu ([127.0.0.1]) by localhost (mta-p6.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JJvV3f71MZcV for <6man@ietf.org>; Tue, 2 Jul 2019 07:09:25 -0500 (CDT)
Received: from mail-vk1-f199.google.com (mail-vk1-f199.google.com [209.85.221.199]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p6.oit.umn.edu (Postfix) with ESMTPS id E57C4C00 for <6man@ietf.org>; Tue, 2 Jul 2019 07:09:24 -0500 (CDT)
Received: by mail-vk1-f199.google.com with SMTP id v126so137624vkv.20 for <6man@ietf.org>; Tue, 02 Jul 2019 05:09:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Mx1gTjHTwzsyRm8j1JdQshJYsUuZQK1UMZbPAzat134=; b=bv+7qc3DHFhc/FEzjCZj3+3XuIir7kYSDZXK3K4u5jVXf3pvyF+brDfSGALE3H37Ui u5hJV3enEW5sKwFslMXVmEpOgFIO37Kzhz+rRyMD6gNpyQbMTL8MCsAZ/ghmcx1qcW+K kqf9iFIzuSXn/G4buabKV+pQFfMv8qqc0qCmiUXBYlbK7luSZ0Y0teN4ro3o+V0/2i/I x9LF34M9anJEcFzozGtUJSlziTFBrVHGdr1Li3ev7A+Tj6hztKYBwDCOqcCThZy7u9vU Cw/3z57Hs4pAT2vCX9UEicAUZlLqOmnDqGHz0BDUsKXrnQRw/eTpE3uIVfFNTqIFJtBs 97vQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Mx1gTjHTwzsyRm8j1JdQshJYsUuZQK1UMZbPAzat134=; b=eHZvxFuqg9gVlsEJD8Md7G83A7VHl97IHc32D+3YwUKF0ffA9V/Ty5waidP1dTtVCN DDUTMiLOYaX+NRRX3argPHChkPawzchjhmDEQp7+J5sF/s7tdfKTJvCWpwGUFjg4LZSp ddiicPMD0qfubLiX4Z+bsiORu6jP+IAPdtUa/BDhzDtfzxrkbaey1LrY4JIqdaqD6gkd /bMvnzsnexW5dpoSSLDeexMsO04v0r+4MiwOHSp4Olq1ZxmgqMgYWKopT1RI5noN9Py1 AjSTmu4ECtPzCPeQnMadhwn3IkDt1uP8FMDEPMYD5s1S59YRCK2yKR+hW+u98VR1xxSu 7/2Q==
X-Gm-Message-State: APjAAAVQAYuhSwXS3SQpzDeqZvp0emv+V85+jFLgqzYQh+wgtdw18rM+ iCAJAs39oKzlJthGEQ4VtSXTFv9QvNzhXWkngAyMNcoSWMgovpZcieeM9Vjm5Bvqa+zlW8NtJx/ D9T2TStBEoYouiwawRXXYaZDM
X-Received: by 2002:a67:8c02:: with SMTP id o2mr16829470vsd.167.1562069363192; Tue, 02 Jul 2019 05:09:23 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyX8aM9nTFD7x7GNm+28mIzpXtuW37azneMKtfgMQiJkqOS9e8qM3wlIHD2hrrovNpbYb10VfSkcLXcTiysvZo=
X-Received: by 2002:a67:8c02:: with SMTP id o2mr16829448vsd.167.1562069362674; Tue, 02 Jul 2019 05:09:22 -0700 (PDT)
MIME-Version: 1.0
References: <12187.1558972629@localhost> <D3C7EB41-02E8-48D6-9335-26A041FD64C2@isc.org> <00C00FE5-C7CD-4B99-A2C9-CCBFCB1E4850@isc.org> <CAFU7BASfJ4YS6xBzK8hNJRSMnFZmdn3VE5A=sPCC3JqRa8SQEQ@mail.gmail.com> <EC63A89D-26CD-4093-8814-4461B6D3D327@isc.org> <CAFU7BASsAwitEc==Zj6qT4izy-tFosg23DHXFVVzOixidEfMFA@mail.gmail.com> <CAKD1Yr3jDTS25ERGZYDDM9yRRTxEfY4Ltcd-QgFNor6ze2G7xA@mail.gmail.com> <6053.1561748461@localhost> <CAFU7BAR9kmnk3Q9aOpsqGFVRZkiRXb0FkZjMXWG2gN0-o1MjGw@mail.gmail.com> <0167874A-F2B4-434A-B674-792FE3AD0E2D@gmail.com> <CAFU7BAT2zw2+EnLW_MZnj2L9RBwH2DyStgRUbaY6bCZLuJwG9g@mail.gmail.com> <CAKD1Yr2mzeVzXFmzh3N21MCr-sg1xJ9D67TPqvEd9YffCrzdqA@mail.gmail.com>
In-Reply-To: <CAKD1Yr2mzeVzXFmzh3N21MCr-sg1xJ9D67TPqvEd9YffCrzdqA@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Tue, 02 Jul 2019 07:09:08 -0500
Message-ID: <CAN-Dau3qMAH0KAfahjFgN2-mMttmwpM4wEt4vypAxZcvUXB=gQ@mail.gmail.com>
Subject: Re: NAT64 in RA, draft-ietf-6man-ra-pref64
To: Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
Cc: Jen Linkova <furry13@gmail.com>, 6man <6man@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007a2638058cb19d50"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/XISGAcB3eLk5J7B2_NiUsBt5x6I>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jul 2019 12:09:28 -0000

On Tue, Jul 2, 2019 at 5:53 AM Lorenzo Colitti <lorenzo=
40google.com@dmarc.ietf.org> wrote:

> On Tue, Jul 2, 2019 at 9:49 AM Jen Linkova <furry13@gmail.com> wrote:
>
>> > The question boils down to - imagine I had only IPv6 to work with.
>> Could we communicate? An IPv6-only host, or IPv6-only network, could
>> communicate with that restriction. Everything else is noise - and if I have
>> to deal with noise, it's not IPv6-only.
>>
>> I totally agree. it was my understanding of IPv6-only as well.
>> So - back to the original problem of excluding some addresses from
>> DNS64 synthesis/NAT64 translation - I've been told that an IPv6-only
>> host might want to exclude some addresses from synthesis and use IPv4
>> to reach them, so I'm trying to understand how *an IPv6-only* host
>> (which, IMHO, can only use IPv6) reach anything using IPv4.
>>
>
> Right. That was the gist of my earlier comment. I believe we all agree
> that in the most common deployment scenario (i.e., an IPv6-only host with
> no IPv4), an exclusion list is not useful, because the host really can't
> reach anything that's not reachable via IPv6.
>

I mostly agree, but there is a scenario I've been thinking about;

What if the network operator doesn't want RFC1918 and RFC 6598 IPv4
addresses synthesized at all? I suppose the NAT64 function could block
these addresses. However, for a large enough population that could be a lot
of useless traffic going to the NAT64 function. While on the other hand
some network operators, especially enterprise operators, will probably want
these addresses synthesized.

Now a complicated APL capability isn't probably needed to handle this, a
simple one-bit option flag or two would suffice, I believe.


> If so, then I really think that an exclusion list should be a separate
> option.
>

I agree that a generalized highly configurable exclusion list should be a
separate option, but I can see the need to exclude or not synthesis for
RFC1918 and RFC 6598 IPv4 addresses being part of this option.

Thanks

-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email