IETF Logo Mail Archive

Re: NATLL6 [was Re: Forwarding Packets With Link Local Destination Addresses]

Alejandro Acosta <alejandroacostaalamo@gmail.com> Fri, 08 January 2021 20:48 UTC

Return-Path: <alejandroacostaalamo@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADC483A12B7 for <ipv6@ietfa.amsl.com>; Fri, 8 Jan 2021 12:48:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.361
X-Spam-Level:
X-Spam-Status: No, score=-2.361 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.262, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RWVl6rLEVwMn for <ipv6@ietfa.amsl.com>; Fri, 8 Jan 2021 12:48:30 -0800 (PST)
Received: from mail-qk1-x72c.google.com (mail-qk1-x72c.google.com [IPv6:2607:f8b0:4864:20::72c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B5BB3A12B6 for <ipv6@ietf.org>; Fri, 8 Jan 2021 12:48:30 -0800 (PST)
Received: by mail-qk1-x72c.google.com with SMTP id 22so9707521qkf.9 for <ipv6@ietf.org>; Fri, 08 Jan 2021 12:48:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=Cb5KDh+arJSMihJopR1+jRkbfDoOnCGkcbFnQuJUhUw=; b=sCe5TLHSm9OmugAuCM0K0MB9k0Hjn9H4ISMX5x5A/e9I85qpy9Jvm22dn3Do6T9ejd UrTdYhq4TdlHNRDMk6FIlhpFBr7TL1xm6hM7fPiwlSy9IfFO+nldSNVzqaRIfVcJYlJE urd7jCtGvm7oaDtRXtIwFSBGHYIZeCZX8b4ajIs1+GjJX269SD+6OZKXfOntguFp1Lvb YHDV/dJ3F4cl7PwvkF8O8jrlC/n/tiCdKnIYPu66UX/6VboGaHEvCvpzzH7v+kUFf7fw E5X2PnIo8mUoM/2U6ICXok3SRJfDMctrxtfellOv0k5TIR4gLnjnWrN2I8RgoHS/x30b kkaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=Cb5KDh+arJSMihJopR1+jRkbfDoOnCGkcbFnQuJUhUw=; b=p39Qy64gmb1zuNFSjxOi8QujYsn5Qsd6Pc+PVl3Wvn2RyIDy08aFSq5yS5U6i5quSn vX8yZMavnmxsx9g/EnqRCNJCOYx8ib0M2FnlgVLxfmfp2F+j/SwRtqHrHoCaXpYRqM2e DuGE9bNYswKjYh/n7q9yRO7QD1yzuF0sX74zXTJ2PhJMLhtMvBHGQXfZBVt3AqFVmpML R/9V6ideUNp2Vs9HsQOWgca19B5uEbeT7/mPAx4kTJcMz5E3S3BUyqwoXPzifcUqG+82 jbk3+8y/WGHbHIM/wHmBuC0rHnaurvFS1+QmfD3s/LSvqVLh9vRVZFsf3k0IBoUhCspZ Ih2A==
X-Gm-Message-State: AOAM533rw4d1RPO0Hm+yJoLG+4MyR+0f0sYWaDhKKvHSjp6AwjKOebCE RktuLJidL8ex4N7j1BNec6jwUC8ZJ0ku/w==
X-Google-Smtp-Source: ABdhPJzOfze1Kp0194JcxXGthci1IMXlx0e9Z0ize8v9u7xD1fKjcTlg7r+ST4tWOqkrNxOBjyy+9A==
X-Received: by 2002:a05:620a:983:: with SMTP id x3mr5884130qkx.231.1610138908567; Fri, 08 Jan 2021 12:48:28 -0800 (PST)
Received: from Windows10AnyBody.local ([2001:470:5:516:18ef:e4cc:6cfe:fc75]) by smtp.gmail.com with ESMTPSA id m64sm5485358qkb.90.2021.01.08.12.48.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 08 Jan 2021 12:48:27 -0800 (PST)
Subject: Re: NATLL6 [was Re: Forwarding Packets With Link Local Destination Addresses]
To: Fernando Gont <fgont@si6networks.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>, ipv6@ietf.org
References: <DM6PR05MB6348A18046C5DDC7CF2AED76AEAF0@DM6PR05MB6348.namprd05.prod.outlook.com> <561e3133-73c9-6ded-0311-838d5939dcd2@gmail.com> <605db208-e458-58ec-5872-932e0b9f9b38@gmail.com> <d850466d-d28b-c0b7-c797-b6c124949ec8@si6networks.com>
From: Alejandro Acosta <alejandroacostaalamo@gmail.com>
Message-ID: <9d7e0eea-1a52-3fac-f635-7df1ed95fdeb@gmail.com>
Date: Fri, 8 Jan 2021 16:48:13 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <d850466d-d28b-c0b7-c797-b6c124949ec8@si6networks.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/nEtuuEj-WJHAgHb-RWx1SgabYV4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jan 2021 20:48:32 -0000

Hello Fernando, All,

   Here are few links if you want to check out:

https://github.com/LACNIC/natmeter

https://www.youtube.com/watch?v=XbMW0shzrPQ

https://www.youtube.com/watch?v=UTP_sOehrxU


Thanks,


Alejandro,



On 8/1/21 3:51 PM, Fernando Gont wrote:
> On 8/1/21 16:37, Brian E Carpenter wrote:
> [...]
>>>>
>>>> I interpret this statement to include packets that contain routing 
>>>> headers. For example, it forbids an SRv6 packet whose final segment 
>>>> has a locator that begins with FE80.
>>>>
>>>    In LACNIC we ran a project called Natmeter [1] for about 2 years, 
>>> we obtained a lot of interesting data during this period [2].
>>>
>>>    The case is the following, we detected some end-user devices with 
>>> only Link Local addresses (exactly, no GUA nor ULA) that were 
>>> successfully natted and using the web.
>>>
>>>    Is it ok?, do you consider it as a forwarding of a packet? was it 
>>> a crazy result? (we saw few samples of this)
>>
>> NAT66 is not defined and not recommended, so there really isn't an 
>> answer to your questions. I can't think of a reason why such a hack 
>> wouldn't work, though. As long as the LL address is translated, it 
>> will not escape from the LAN.
>
> I would expect that something else (other than IPv6 NAT) is going on. 
> IN that sense, it would be interesting to know more details about the 
> methodology they employ to measure the use of NATs.
>
> Thanks!
>
> Regards,

v2.2.0 | Report a Bug | By Email