IETF Logo Mail Archive

Re: NAT64 in RA, draft-ietf-6man-ra-pref64

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Tue, 09 July 2019 20:27 UTC

Return-Path: <prvs=1093b5d1d9=jordi.palet@consulintel.es>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7742912007A; Tue, 9 Jul 2019 13:27:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ajEUcyA-A8p; Tue, 9 Jul 2019 13:27:53 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1863212006D; Tue, 9 Jul 2019 13:27:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1562704070; x=1563308870; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:CC:Message-ID:Thread-Topic:References: In-Reply-To:Mime-version:Content-type:Content-transfer-encoding; bh=5e+N8mYyMe5nMU9sC5Oh/Z4l40YSI3KTBwBEt8StkC0=; b=ICYVNAJZDjRHy dUM4kxKO6fVt2Z7H1Woo9EAfyVcFGAuj8YGmO59GMFLGs9aWmL60W3bt3+fcXH99 l5MBkVFzJK87coX1oTK5nuSVTOsTDqPRPbiY2M+Ka8xpzwDPWe/yrcteOkKPsDCF rL5rQTCShLSi2PRSb8+h2SQFPY03JY=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Tue, 09 Jul 2019 22:27:50 +0200
X-Spam-Processed: mail.consulintel.es, Tue, 09 Jul 2019 22:27:49 +0200
Received: from [10.10.10.139] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50006320720.msg; Tue, 09 Jul 2019 22:27:49 +0200
X-MDRemoteIP: 2001:470:1f09:495:5153:a097:6f4d:431c
X-MDHelo: [10.10.10.139]
X-MDArrival-Date: Tue, 09 Jul 2019 22:27:49 +0200
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=1093b5d1d9=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
User-Agent: Microsoft-MacOutlook/10.10.b.190609
Date: Tue, 09 Jul 2019 22:27:47 +0200
Subject: Re: NAT64 in RA, draft-ietf-6man-ra-pref64
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: "Mudric, Dusan (Dusan)" <dmudric@avaya.com>
CC: IPv6 Operations <v6ops@ietf.org>, 6man <6man@ietf.org>
Message-ID: <71018197-3A57-40F8-8AE2-8D987DEFEADC@consulintel.es>
Thread-Topic: NAT64 in RA, draft-ietf-6man-ra-pref64
References: <DM6PR15MB2506C03D1D88F2785B5016C1BBFB0@DM6PR15MB2506.namprd15.prod.outlook.com> <675D1F10-02FF-4AB4-88E3-5A0D95A34ABF@gmail.com> <DM6PR15MB250640D3141DCB2C64789B95BBFA0@DM6PR15MB2506.namprd15.prod.outlook.com> <CAFU7BAROif-44uFy1+oiutsQLiFOa09jM1Ve_8qaqpr1TPLGyQ@mail.gmail.com> <DM6PR15MB2506ABCBD8457003114E60EBBBF50@DM6PR15MB2506.namprd15.prod.outlook.com> <d4d2f637b80544708def95dd77af4d81@boeing.com> <DM6PR15MB2506F92308CA8DA8921BA0A5BBF60@DM6PR15MB2506.namprd15.prod.outlook.com> <CAFU7BAQSUsDWFu6QGP4K4g+XAQAO5G23F+Z7jC5f=wu-Cvj=Vw@mail.gmail.com> <DM6PR15MB2506825AA181439E4151DD74BBF10@DM6PR15MB2506.namprd15.prod.outlook.com>
In-Reply-To: <DM6PR15MB2506825AA181439E4151DD74BBF10@DM6PR15MB2506.namprd15.prod.outlook.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/jlFjt7r8kh309wD8BCmpxuRLvow>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 20:27:56 -0000

If you do "manual" EAM configurations at each side, it is fully solved, but is this useful in a generic case.

So what I'm trying to do with the optimization is that the EAM creation is "automated".

Regards,
Jordi
@jordipalet
 
 

El 9/7/19 22:13, "ipv6 en nombre de Mudric, Dusan (Dusan)" <ipv6-bounces@ietf.org en nombre de dmudric@avaya.com> escribió:

    Thanks Jen. 
    
    In your example " IPv4-only client needs to talk to the Ipv6-only server". If IPv4-only client needs to talk to the Ipv6-only client, the call flow will be the same? In the other direction, IPv6-only client calling IPv4-only client needs to use DNS64/NAT64, as in your previous example (attached). This means, for bi-directional communication NAT46/DNS46 and NAT64/DNS64 need to be used (may be my terminology is not quite correct). 
    
    However, Jordi said that the problem is not fully solved yet ("the *actual* implementation of 464XLAT/NAT64 doesn't allow IPv4-only hosts to connect to IPv6-only hosts.") and he is writing draft-palet-v6ops-464xlat-opt-cdn-caches. What is in the current technology that prevents bi-directional call flow between IPv4-ony and IPv6-only hosts?
    
    Dusan
    
    > -----Original Message-----
    > From: Jen Linkova <furry13@gmail.com>
    > Sent: Monday, July 8, 2019 9:34 PM
    > To: Mudric, Dusan (Dusan) <dmudric@avaya.com>
    > Cc: Manfredi (US), Albert E <albert.e.manfredi@boeing.com>; IPv6
    > Operations <v6ops@ietf.org>; 6man <6man@ietf.org>
    > Subject: Re: NAT64 in RA, draft-ietf-6man-ra-pref64
    > 
    > On Tue, Jul 9, 2019 at 1:50 AM Mudric, Dusan (Dusan) <dmudric@avaya.com>
    > wrote:
    > > [Dusan] What if IPv4only client needs to initiate the session to IPv6only
    > client? What is the solution for that use case?
    > 
    > https://urldefense.proofpoint.com/v2/url?u=https-
    > 3A__tools.ietf.org_html_rfc7755&d=DwIBaQ&c=BFpWQw8bsuKpl1SgiZH64Q
    > &r=UT3Bk9cbLeaJxhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=_cWRsdzof5dXI
    > 9yTQH51H_KHtcSRcMAtARArKVcdnWM&s=wDxWEwS-e-N-I0oAfcdi-
    > 5GucNiCQpR32t9Rw4RZyn0&e= mentioned before.
    > 
    > IPv4-only client -- IPv4-enabled network--- SIIT translator ---- IPv6-only LAN -
    > -- IPv6-only server.
    > 
    > Let's say  your IPv4-only client needs to talk to the Ipv6-only server, ipv6-
    > only.example.net.
    > For this to happen the owner of the Ipv6-only server needs to configure the
    > translator (SIIT box in the diagram above).
    > The owner would create a DNS A RR for  ipv6-only.example.net. - let's say,
    > 192.0.2.2 Ipv6-only server would have an IPv6 address which has that IPv4
    > address encoded - for example, 2001:db8:1::192.0.2.2 That IPv4 address (or
    > the prefix most likely) will be routed to the translator.
    > 
    > So your Ipv4-only client sends a DNS request to resolve ipv6-
    > only.example.net, gets 192.0.2.2 back, sends a packet to 192.0.2.2.
    > The packet reaches the translator. The translator translates IPv4 packet to
    > IPv6 packet and sends it to the server (note that the destination IPv6 address
    > can be easily constructed as the translator knows the prefix and just adds the
    > IPv4 address - 192.0.2.2 - to that prefix to get the destination IPv6 address.
    > IPv6 source address is synthesised in the same way from the client IPv4
    > address).
    > 
    > Here is a nice talk Tore Anderson gave at RIPE 7 years ago:
    > https://urldefense.proofpoint.com/v2/url?u=https-
    > 3A__ripe64.ripe.net_presentations_67-2D20120417-2DRIPE64-2DThe-
    > 5FCase-5Ffor-5FIPv6-5FOnly-5FData-
    > 5FCentres.pdf&d=DwIBaQ&c=BFpWQw8bsuKpl1SgiZH64Q&r=UT3Bk9cbLeaJ
    > xhf3iCrhIoUWB8YLZU23029sMQGQ2kY&m=_cWRsdzof5dXI9yTQH51H_KHtcS
    > RcMAtARArKVcdnWM&s=GsPTdPr_ZwWYK13LIrhTv9rYM6dYJfgbT8HtLwVRk
    > Zo&e=
    > 
    > 
    > 
    > > > For IPv4 to IPv6, if you must allow the IPv4 client to initiate the
    > > > session, you'd have to have preconfigure something.
    > > [Dusan] Where and how is this configuration done?
    > 
    > On the translator which connects IPv6-only network to dual-stack/IPv4-only
    > one.
    > In general, when you need to let one protocol talk to another, you'd have a
    > point (or the edge) where those two networks meet each other.
    > Usually you'd have a box (or boxes) interconnecting them - quite often it's
    > exactly the box you'd need to configure ;)
    > 
    > --
    > SY, Jen Linkova aka Furry
    --------------------------------------------------------------------
    IETF IPv6 working group mailing list
    ipv6@ietf.org
    Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
    --------------------------------------------------------------------
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email