IETF Logo Mail Archive

Re: NAT64 in RA, draft-ietf-6man-ra-pref64

David Farmer <farmer@umn.edu> Mon, 08 July 2019 16:58 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25777120322 for <ipv6@ietfa.amsl.com>; Mon, 8 Jul 2019 09:58:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.298
X-Spam-Level:
X-Spam-Status: No, score=-4.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b_HqlDdBIxWG for <ipv6@ietfa.amsl.com>; Mon, 8 Jul 2019 09:58:02 -0700 (PDT)
Received: from mta-p8.oit.umn.edu (mta-p8.oit.umn.edu [134.84.196.208]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56C6B1202F3 for <6man@ietf.org>; Mon, 8 Jul 2019 09:57:09 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p8.oit.umn.edu (Postfix) with ESMTP id 9D0BD222 for <6man@ietf.org>; Mon, 8 Jul 2019 16:57:08 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p8.oit.umn.edu ([127.0.0.1]) by localhost (mta-p8.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gQMrlDqy5YTi for <6man@ietf.org>; Mon, 8 Jul 2019 11:57:08 -0500 (CDT)
Received: from mail-vk1-f200.google.com (mail-vk1-f200.google.com [209.85.221.200]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p8.oit.umn.edu (Postfix) with ESMTPS id 60E519CB for <6man@ietf.org>; Mon, 8 Jul 2019 11:57:08 -0500 (CDT)
Received: by mail-vk1-f200.google.com with SMTP id v135so6826586vke.4 for <6man@ietf.org>; Mon, 08 Jul 2019 09:57:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=uwmqLIPO8GaLyZlI+hv4GEkm1ySPGdbcHSBQ1t1VoRc=; b=BYfFV+Ef8MF2XVuawcfrSCyTjbGSEHaYMIsIZnC65pfHW1ip/EHGG51328Vulw6oV5 vJwgE6HLAOrQjoTwmuiXwIBqQhsWheos1fHewPDTHHyaAZpOMoDlmRPid6cSHFZcTRZ7 q648Xs8J5Q7/npV0cFgtCmoeZR2fgFtGiRyp6cEXn/V32fEROGfIMeoWT2GGm0xHdrsl c46e+rLJCM9PxxCj5zjqZvxISsjEd/VuZOg4x7CIUHIOUSs25LM4U5qpGl6z/L5qBYsS tZ27ZA/FsFeka3Ri4QQsmLRR39rl8NYlqWFuqTpO5H/Q3hsO1fvc3HtXW62KwXwDANKz 7XYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=uwmqLIPO8GaLyZlI+hv4GEkm1ySPGdbcHSBQ1t1VoRc=; b=N8edm8BMEY0tNAxbhcpyVz/IEGkW0ZM1MZh/ateiWm7cFIPvAewyWFwDrhvB22ZrXU lKm9ICFx8rEC4jfy+CHLLTGVUjw2pXZ+uT2IbKdvduEN9JAB/GyXnGqbuDOckoMEwq6T u+Z7eABD0xCtNwOVxCWDCZv683OuLnbM9Uobkr5QDK+GLWXiR4jfJxwxzNF/d8eJ5FYj LVmuMFC4s9ClUEEc3NgzWF77tw/iQMj8TW214RzuaSFkwcKSYNl4WWyes+atbCxfLwX7 OnIgNs1srVj7YMH/Ka76U5dVn7k5oUXGvdwG6vq1XzCIRD3uiaGlXdcf+NKQpFhp8ofW mLUA==
X-Gm-Message-State: APjAAAVMey771/hQAVuYXvHecbQsNsDkg3+XAJJSinvFgoigYNWX25G9 ZVv+G5ioLn7GwOh00fw0ZDxxbYHOHkS0VPJYc3qg79Sjv6XYe9Cj51C5kFR5KnOyM9UxfBtWnVI sG7fZtXGfLrKZjK6k3/rRVUxl
X-Received: by 2002:a1f:19ce:: with SMTP id 197mr5741279vkz.60.1562605027054; Mon, 08 Jul 2019 09:57:07 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxzHd2TXHOsavXe0oBaeG9u2VaNArgQbIUuqJEndLdQ+I7m/L3aBW2CPu26gsnzgJnhdXGtAWkHoBJZ46Kf1Sw=
X-Received: by 2002:a1f:19ce:: with SMTP id 197mr5741250vkz.60.1562605026537; Mon, 08 Jul 2019 09:57:06 -0700 (PDT)
MIME-Version: 1.0
References: <DM6PR15MB2506C03D1D88F2785B5016C1BBFB0@DM6PR15MB2506.namprd15.prod.outlook.com> <675D1F10-02FF-4AB4-88E3-5A0D95A34ABF@gmail.com> <DM6PR15MB250640D3141DCB2C64789B95BBFA0@DM6PR15MB2506.namprd15.prod.outlook.com> <CAFU7BAROif-44uFy1+oiutsQLiFOa09jM1Ve_8qaqpr1TPLGyQ@mail.gmail.com> <DM6PR15MB2506ABCBD8457003114E60EBBBF50@DM6PR15MB2506.namprd15.prod.outlook.com> <d4d2f637b80544708def95dd77af4d81@boeing.com> <DM6PR15MB2506F92308CA8DA8921BA0A5BBF60@DM6PR15MB2506.namprd15.prod.outlook.com>
In-Reply-To: <DM6PR15MB2506F92308CA8DA8921BA0A5BBF60@DM6PR15MB2506.namprd15.prod.outlook.com>
From: David Farmer <farmer@umn.edu>
Date: Mon, 08 Jul 2019 11:57:01 -0500
Message-ID: <CAN-Dau1UvGX+aqGn0ajZN7n1ky-Wvkbd5qb2Y==Em_=fRZeZjg@mail.gmail.com>
Subject: Re: NAT64 in RA, draft-ietf-6man-ra-pref64
To: "Mudric, Dusan (Dusan)" <dmudric@avaya.com>
Cc: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>, IPv6 Operations <v6ops@ietf.org>, 6man <6man@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000880540058d2e55e7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/YDadN7eiu2H7H8tp0bvZFu4sHRI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2019 16:58:14 -0000

On Mon, Jul 8, 2019 at 10:49 AM Mudric, Dusan (Dusan) <dmudric@avaya.com>
wrote:

> > -----Original Message-----
> > From: Manfredi (US), Albert E <albert.e.manfredi@boeing.com>
> >
> > -----Original Message-----
> > From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Mudric, Dusan (Dusan)
> >
> > > - How can DNS64 tell IPv6 only client the IP of IPv4 only client, and
> vice
> > versa?
> >
> > IPv6 to IPv4 should be straightforward, because it's a one-to-one
> > relationship. The other way around would normally not work,
> [Dusan] There is no solution for IPv4only client to reach IPv6only client?
>

I mostly say, so what! It is an unfortunate reality of today's Internet,
because of NAT44 and/or stateful firewall default deny inbound policy, many
times clients can't speak to other clients, be they IPv4 only, IPv6 only,
or even dual stack. Sometimes firewall traversal technologies can work
around this, also depending on the firewall traversal solution used
sometimes IPv4 only and IPv6 only clients will be able to talk to each
other.  My guess is that IPv4 only to IPv6 only firewall traversal would be
less effective than NAT44 client to NAT44 client firewall traversal, but it
is should still be possible in some cases.


> > but everyone
> > has been accustomed to that with IPv4 NAPT already.
> [Dusan] How IPv4 only users (e.g. Avaya IPv4 only phones) can be
> accustomed not to be able to call IPv6only users (like Apple IPv6 only
> phones)?
>

They may not be able to talk peer to peer. However, through a dual-stack
SIP or other proxies/session border controller, they could probably
complete a call.


> >The client behind the
> > NAPT initiates.
> >
> > > Is DNS64 server returning IPv4ony client address to IPv6only client,
> using
> > the A RR?
> >
> > The DNS synthesizes the IPv6 address, which has the IPv4 address
> > embedded in it.
> >
> > > - How can IPv4only client get the address of IPv6only client (or, it is
> > impossible for IPv4only client to get IPv6 address of IPv6only client)?
> >
> > That's clearly more difficult, which is why the normal course of action
> is for
> > the IPv6 client to initiate the session.
> [Dusan] What if IPv4only client needs to initiate the session to IPv6only
> client? What is the solution for that use case?
>

Many firewall traversal solutions should work in this case, but IPv4 only
client to client isn't guaranteed to work in all cases either.


> >
> > > - Do these IPv4 and IPv6 client addresses need to be pre-configured on
> the
> > translator and/or DNS64?
> >
> > For IPv4 to IPv6, if you must allow the IPv4 client to initiate the
> session, you'd
> > have to have preconfigure something.
> [Dusan] Where and how is this configuration done?
>
> >
> > Bert
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>


-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email