Re: Is NAT66 a help in migration to IPv6?
"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 01 December 2020 12:48 UTC
Return-Path: <evyncke@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3AF93A1185 for <ipv6@ietfa.amsl.com>; Tue, 1 Dec 2020 04:48:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.62
X-Spam-Level:
X-Spam-Status: No, score=-9.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=SpN8x/CB; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=mbATP5sC
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k40PdkMevNqq for <ipv6@ietfa.amsl.com>; Tue, 1 Dec 2020 04:48:24 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F03D43A10A9 for <ipv6@ietf.org>; Tue, 1 Dec 2020 04:48:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3064; q=dns/txt; s=iport; t=1606826904; x=1608036504; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=xbYq+LljbXI5J76LptJjjD/xOfaLumb1eHSAsRD1W4s=; b=SpN8x/CBsvxTjvnI8J9sx6fU+5zxIYFlBJ9NhO1tC9KF/IPPZNTuow1f VLeaZ7HvjLjZLBXPMNklgAlm3hHtsM0Gtt0ZPTyeK2lONdX+1JbuBhzFx J9IRFl9MsB+0TxAFretXPMKTNsj5Kc6mBHo6A0AmOftQUuR6cGsBtTa4y c=;
X-IPAS-Result: A0BiAAC4OsZffYwNJK1iHQEBAQEJARIBBQUBQIE7CAELAYFRUYFWLy6EPINJA4RZiQKKFo5wgS6BJQNUCwEBAQ0BAS0CBAEBhEoCF4F8AiU0CQ4CAwEBAQMCAwEBAQEFAQEBAgEGBBQBAYY8DIVyAQEBAQIBEhEEDQwBASUSAQsEAgEIEQMBAgMCJgICAh8RFQgIAQEEAQ0FGweDBIJWAw4gAaFEAoE8iGl2fzODBAEBBYJMgkUNC4IQCYEOKgGCcoN2hlcbgUE/gREnHIInLj6CG4IjgxczgiyQMINNpB5XCoJwlhWFFwMfohyTao17knYCBAIEBQIOAQEFgVY4gVlwFWUBgj5QFwINjiEMF4NOilh0AjUCBgEJAQEDCXyOaQEB
IronPort-PHdr: 9a23:fuOo1xzz7Wzvuz/XCy+N+z0EezQntrPoPwUc9psgjfdUf7+++4j5ZRaFt/holFvOTIjW8LRDkeWF+6zjWGlV55GHvThCdZFXTBYKhI0QmBBoG8+KD0D3bZuIJyw3FchPThlpqne8N0UGFcPmY1rDr3CpqzkIFUa3OQ98PO+gHInUgoy+3Pyz/JuGZQJOiXK9bLp+IQ/wox/Ws5wdgJBpLeA6zR6arw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.78,384,1599523200"; d="scan'208";a="605034809"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 01 Dec 2020 12:48:23 +0000
Received: from XCH-RCD-001.cisco.com (xch-rcd-001.cisco.com [173.37.102.11]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id 0B1CmMCe018509 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 1 Dec 2020 12:48:22 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-RCD-001.cisco.com (173.37.102.11) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 06:48:22 -0600
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 06:48:22 -0600
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 1 Dec 2020 07:48:22 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bhDyCNKUzmLffi4BqjJ4kpo8cohoeo1cMO48wky5LZf+IBfrAP25cOqynUkVblt3g0BoI3e/gxKGOMpgQt19RJxbtmV4b9gh4/qDq1TslfNdE147zPjwtIwRtuC86vPlcbps6AKJuBAqtCnLod1kn139z8pHPTxG+uUgvVo20/GjgBH1wlBcKybQ586XSPNZPR7XHpfD8as8/HK2u6CexGjK8onbB7XnzkU7MAni+Q2nqfB3FMAb/G5gqIncOoudMkivI9eLe85pNyavaakLsNuYX4AaGuBec88R78PhEIbNS3vGE2RxGeskVV6kvSgrY/wnbbQyEMqm5Sxtn+LP0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xbYq+LljbXI5J76LptJjjD/xOfaLumb1eHSAsRD1W4s=; b=Kdssub9zRqIrgvqiMFBYfYKzOaMykmVVSOnQBQGC9/IerAl2UXKHeTvlZN8Lu5VCQO8AjEXblFcmKMzX/glUSqJZKDrXvkI0xSY0xJmnvatSKZHhMvDsGRnliZqfbO4CkybviRn8E7iocasLOJpEhYnx4D8dzizxkjI10og8QBq8eUwC+8XIYyGNsIIQAAmD3EJgS+u+fvYgtyJ2yTjMLxye39xGia3sXL9vSnuZC+a4zTtlVFSDfFoGF4JiWI5QNsfX4ZDJlal3gCIZjV5n7ib4LdA6DltpuunlJDoCwD8rdDBnMuf26D1FXtaL+P0VWaOBQZiwIBSqHW21qs9F6A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xbYq+LljbXI5J76LptJjjD/xOfaLumb1eHSAsRD1W4s=; b=mbATP5sCQE+RwgtPsgM3id2o0g4ntkYlXXZx3S5antDXT+H9drVgsTxIqpwfwdtn6sLIvAnWj9w6RO5Jcwl+6un1zKqRzUnobRjty50QRPGc9cfvUM+5C975iH6fPdNw6kqtBREz/wxgoeQymTVhl5NKP1QqCkQQozdF3LDGDGA=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by PH0PR11MB5128.namprd11.prod.outlook.com (2603:10b6:510:39::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.25; Tue, 1 Dec 2020 12:48:21 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::453b:b2f5:ec29:410d]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::453b:b2f5:ec29:410d%7]) with mapi id 15.20.3611.025; Tue, 1 Dec 2020 12:48:21 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: "otroan@employees.org" <otroan@employees.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>
CC: 6man WG <ipv6@ietf.org>
Subject: Re: Is NAT66 a help in migration to IPv6?
Thread-Topic: Is NAT66 a help in migration to IPv6?
Thread-Index: AdbG/FnHwsKbAOh9QKKbKxoijh3awAAVebgAAAb7iwAAHpyFAA==
Date: Tue, 01 Dec 2020 12:48:21 +0000
Message-ID: <D99424CC-401B-4DB1-9B5B-463F4BBCA304@cisco.com>
References: <8a37e3ea48b0451bb9a84ce4658bc8bb@huawei.com> <5bc4ca5e-03e4-fce1-4d80-b8e10e4a3b75@gmail.com> <AC6854A4-1569-4DC1-AA74-312B993976BC@employees.org>
In-Reply-To: <AC6854A4-1569-4DC1-AA74-312B993976BC@employees.org>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.43.20110804
authentication-results: employees.org; dkim=none (message not signed) header.d=none;employees.org; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2001:420:c0c1:36:c5a2:8fb:e443:c1ef]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 256568db-7278-4d39-abcb-08d895f76274
x-ms-traffictypediagnostic: PH0PR11MB5128:
x-microsoft-antispam-prvs: <PH0PR11MB5128C3144BBC69E8DDCA617CA9F40@PH0PR11MB5128.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 4YqE0w7I3XRYORrZccEvD6Bv54eEtGFL0NB3d7wksBK/sP1M0WUyeHNGhdoAEcstSU9sqC97sQPq3pdSlX+c9VZ/MAUsYtQybsT7Y0X5zr8p0LiEcakmRajM9l7xbM17LtntPQnY+fKw6aajITyWqgZ1lTXQZ/V9jIwy+7q0AzaUe4aUCBWIeb5Ok0ArD8llEpEUh6WiBcNE4VnaK5kMRPT1mNj/V/3B6oxPIXLA+ZTziAd2CLkJ++nF9ZnrE4I5SBwj/zkE1A4HCKA0dEBGn3RpkQq4VYRx0SffFnVlCDvxvBWHd2SMhnTySF6SfJEQOvQqPJ4mNu6evzotDlg0TA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(376002)(366004)(136003)(39860400002)(396003)(110136005)(76116006)(5660300002)(316002)(6512007)(4326008)(86362001)(83380400001)(186003)(6486002)(6506007)(8936002)(91956017)(8676002)(2616005)(53546011)(33656002)(66946007)(71200400001)(66476007)(64756008)(66556008)(2906002)(66446008)(36756003)(478600001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: RqsQxE7d/eFULtV29pNuNf87Wbhm2NIaRD3tt8Yy/Nf79saHa96+B5c6iweDLtiY48szaTF6abO9RJMjQpNp+O6UsSua69IaMKf52Wn0EASeqpLi0ErImk/t8Uf7/wvI6YSmxBBLm5y5HJo+vG2TxJML1uucIXP5+PKRFN+S+FhnJm0L3l7HE82qJUiqeOJYwn7FzYsm8dRF85x5kqZ0MdmedsTppblmmH8bQFazGAp0VNeDdaHHD3nV6UXurUCiufK+a+R5wcScm21jzZruKmiEwrCezVmuWsbbq4jXXF9LvujIPSRv2SH8koLIlVCyFGvpAIYdbfTpFN0HthIBGWOJ2NROEYPZofyqB+AhRCm/LtWl5AZStheWdwxu24nfOBwvUtodaUhdBki/OZcgHKOLmpDyxDJUcRjav/SrtIqEww/dxRd3k0D0FD7JZvj7pJa/NtpRIkSUcdoh4AJaiAdCRGuxetzg/Nhtz+umDmKIObdrDv2xPrzk+/BkC1cwtr8IswbbtAiaSC5PEmA598WItB9egOF40sluq0m4draAzMqUyAJPJ3+Uw0eq/c56P2hH6Xs7lZN/Ddul2jdPgJgkyKKGSwzA2Ug0OC1WHiwsXhZytL87oq4as4yqMgc/j4FANhUll214A88KTf+0OZA9V7FpKnFWvPUfRujj1FexQOxZD9SRwuSjNyQcoxGkvUKiBj9Lese1RPBgpxTA3WZdKuVVfXERHEF2ianPY35Y1FoPi48Bv5fhMKuwp8Ir0pmWZvuDpQL0z+sUapjTdA8/f/5ypwoaK/hN9VClXoqMy+7uBnmuu6GQR+DeAwT1Czx4eUV5k0ptLk3ezsOBsxEx0vQzkwUpoF/8sFxBI7QVo4PfnmbwWoqBG/eBc2o6+cUrIQrE+ILRRP45fBVThBEqxsZCf4VwHT0UCE8JcJ0R+OscCus9zhdrKvwtGu24h2ToH1SG0aVQJ/c3pINrcm+a6oJvlpatPKvVbh46akITj3gfgdZzqRKkZSoWu10xryER85JG6z+PjOGimtJo5uZjx29P9cWMyMx2V7mi65G5Dl0HcHBHsotPwUm9d1Mi
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <EE3545F569E3FC46A25A60FA767F41EF@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 256568db-7278-4d39-abcb-08d895f76274
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Dec 2020 12:48:21.2715 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kzBwjf4QFNv1rM9tw9y1/u2EAk6sFSRso+aQjfM2XERYOnBL2HIZgkkNqTZ6TY3520hESyfbIGWW7oFAkEbNMA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5128
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.11, xch-rcd-001.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/zUktvJFbpskKoFuVRvKlXOpKXbk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 12:48:26 -0000
Ole, You nailed it... I was (and still am) fan of RFC 8028 and SADR (draft-ietf-rtgwg-dst-src-routing) but there is a lot of inertia in "enterprise" networks where the catch22 game is still there: little mid-size networks deployed hence manufacturers do not implement :-( Little IPv4 addressing shortage pressure for those mid-size network BTW, enterprises already have 2 IPv4 addresses per host and it is a pain: the RFC 1918 one and the shared public one... ;-) -éric -----Original Message----- From: ipv6 <ipv6-bounces@ietf.org> on behalf of "otroan@employees.org" <otroan@employees.org> Date: Tuesday, 1 December 2020 at 00:12 To: Brian E Carpenter <brian.e.carpenter@gmail.com> Cc: 6man WG <ipv6@ietf.org> Subject: Re: Is NAT66 a help in migration to IPv6? > Answering the question in the subject field: No [RFC2993] [RFC4864] [RFC6296]. > >> IMHO: no NAT66 -> no progress for IPv6 in Enterprises. Because redundant connectivity to Carriers is needed very often. > > It is, and that's why the failure of SHIM6 is very sad. But the real failure is the reluctance of enterprise operators to do what comes naturally in IPv6: if you have two providers, run two prefixes everywhere [RFC8028]. That's why there is still, sadly enough, a case for [RFC6296]. Sadly, because [RFC2993] explains why NAT or NPT is a problem, and [RFC4864] explains how to avoid them (and needs [RFC8028], which came very late, sorry). The failure of SHIM6 or ILNP or even 8+8 is indeed sad. MPMH hasn't exactly taken off. I ran it for a while but gave up. 8028 isn't enough, SADR is a big change. Enterprises don't want to depend on host behaviour for exit selection. Ref, the slaac-renum discussion I'd imagine Enterprises also wants a level of isolation from ISP/global addressing. Keeping track of 4++ addresses per-host isn't a favourite with Enterprise network operators either. And we can't exactly say that host implementations and applications have caught up with MPMH either. PI or LISP MH are available solutions. Multi-homing with NAT66 wouldn't work nearly as well (and you could argue stick with v4 then, which I guess is what they do). Ole
- Is NAT66 a help in migration to IPv6? Vasilenko Eduard
- Re: Is NAT66 a help in migration to IPv6? Lorenzo Colitti
- RE: Is NAT66 a help in migration to IPv6? Vasilenko Eduard
- Re: Is NAT66 a help in migration to IPv6? Fernando Gont
- Re: Is NAT66 a help in migration to IPv6? Fernando Gont
- Re: Is NAT66 a help in migration to IPv6? Brian E Carpenter
- Re: Is NAT66 a help in migration to IPv6? Tom Herbert
- Re: Is NAT66 a help in migration to IPv6? Simon Hobson
- Re: Is NAT66 a help in migration to IPv6? otroan
- Re: Is NAT66 a help in migration to IPv6? Fernando Gont
- RE: Is NAT66 a help in migration to IPv6? Vasilenko Eduard
- Re: Is NAT66 a help in migration to IPv6? Eric Vyncke (evyncke)
- RE: Is NAT66 a help in migration to IPv6? Ackermann, Michael
- Re: Is NAT66 a help in migration to IPv6? Eric Vyncke (evyncke)
- Re: Is NAT66 a help in migration to IPv6? Mark Smith
- Re: Is NAT66 a help in migration to IPv6? Brian E Carpenter
- Re: Is NAT66 a help in migration to IPv6? Jen Linkova
- Re: Is NAT66 a help in migration to IPv6? Philip Homburg
- Re: Is NAT66 a help in migration to IPv6? Alexandre Petrescu