IETF Logo Mail Archive

Re: [nat66] RSIP and NAT66

Dave Thaler <dthaler@windows.microsoft.com> Fri, 03 April 2009 21:55 UTC

Return-Path: <dthaler@windows.microsoft.com>
X-Original-To: nat66@core3.amsl.com
Delivered-To: nat66@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A3F0F3A6810 for <nat66@core3.amsl.com>; Fri, 3 Apr 2009 14:55:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.494
X-Spam-Level:
X-Spam-Status: No, score=-110.494 tagged_above=-999 required=5 tests=[AWL=0.105, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K2axT6A06n-P for <nat66@core3.amsl.com>; Fri, 3 Apr 2009 14:55:33 -0700 (PDT)
Received: from smtp.microsoft.com (mailb.microsoft.com [131.107.115.215]) by core3.amsl.com (Postfix) with ESMTP id BE1143A6358 for <nat66@ietf.org>; Fri, 3 Apr 2009 14:55:33 -0700 (PDT)
Received: from tk5-exhub-c104.redmond.corp.microsoft.com (157.54.88.97) by TK5-EXGWY-E802.partners.extranet.microsoft.com (10.251.56.168) with Microsoft SMTP Server (TLS) id 8.2.99.4; Fri, 3 Apr 2009 14:56:36 -0700
Received: from tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com (157.54.18.33) by tk5-exhub-c104.redmond.corp.microsoft.com (157.54.88.97) with Microsoft SMTP Server id 8.2.99.4; Fri, 3 Apr 2009 14:56:36 -0700
Received: from NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com ([fe80::8de9:51a2:cd62:f122]) by tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com ([157.54.18.33]) with mapi; Fri, 3 Apr 2009 14:56:36 -0700
From: Dave Thaler <dthaler@windows.microsoft.com>
To: james woodyatt <jhw@apple.com>
Date: Fri, 03 Apr 2009 14:56:35 -0700
Thread-Topic: [nat66] RSIP and NAT66
Thread-Index: Acm0nSwkzJHEW9M1QpyWy2Vdh1iYRgAB03QA
Message-ID: <E9CACA3D8417CE409FE3669AAE1E5A4F11EAC79A3C@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com>
References: <0B3B6B3E-E38E-41D5-B7BF-B4544F08BA1D@apple.com>
In-Reply-To: <0B3B6B3E-E38E-41D5-B7BF-B4544F08BA1D@apple.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: NAT66 HappyFunBall <nat66@ietf.org>
Subject: Re: [nat66] RSIP and NAT66
X-BeenThere: nat66@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "List for discussion of IPv6-to-IPv6 NAT." <nat66.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/nat66>, <mailto:nat66-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nat66>
List-Post: <mailto:nat66@ietf.org>
List-Help: <mailto:nat66-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nat66>, <mailto:nat66-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2009 21:55:34 -0000

> -----Original Message-----
> From: nat66-bounces@ietf.org [mailto:nat66-bounces@ietf.org] On Behalf
> Of james woodyatt
> Sent: Friday, April 03, 2009 1:45 PM
> To: NAT66 HappyFunBall
> Subject: [nat66] RSIP and NAT66
>
> everyone--
>
> Would the authors of the NAT66 draft consider adding a requirement for
> NAT66 gateways to comprise the combination of the translator function
> with the IPv6-relevant functions of Realm-specific IP servers for
> symmetric NAT, c.f. RFCs 3102 and 3103?  (I don't see an immediate
> need to worry about the functions defined in RFC 3104 as long as
> address amplification can remain off the table as a goal for any IPv6/
> NAT standard.)
>
> I think requiring RSIP servers in the NAT66 gateway would address Dave
> Thaler's argument about Source Address Finding (SAF) as presented in
> draft-thaler-ipv6-saf, and I'm inviting the authors to respond with
> comments.  I'd be a lot less wiggy about NAT66 if it looked like RSIP
> (or its moral equivalent) might finally see the light of day.

Hi James,

I've now had a chance to read about RSIP and also talk to Gabriel
Montenegro, one of its authors, and can answer the question you asked
me during the meeting (what's the difference between the SAF model
and RSIP).

RSIP is quite different from SAF, although it attempts to achieve
end-to-end transparency as well.  In the taxonomy of solution classes
in draft-iab-ipv6-nat, RSIP is in the second class (tunneling), whereas
NAT66 and hence SAF fall into the third class (translation).

So the differences between RSIP and NAT66+SAF are:

* RSIP uses tunneling, whereas NAT66+SAF use translation.  Tunneling
  introduces MTU issues, and has greater incentive issues since you
  get nothing until you update both hosts and gateways, whereas
  with translation you get something when you only deploy a gateway
  (the slide I showed with some happy apps and some unhappy apps).

* RSIP requires hosts to know the IP address of the gateway,
  whereas NAT66+SAF do not.  As such, failover is better with NAT66+SAF
  since the gateway is stateless and routing can just reroute traffic
  to the working exit/entry point.

* RSIP requires (and specifies) a signaling protocol between the
  host and the gateway.  A SAF mechanism may or may not have such
  a protocol.  Minimally, all that's required is that it get the
  inner/outer prefix if you're using NAT66 (or equivalent if you're
  using another IPv6 NAT mechanism).  It could get these from
  some internal entity (like a DHCPv6 server), from the NAT itself
  via a signaling protocol, or from an external entity more like
  STUN/Teredo use.  This flexibility is important to note since
  if someone deploys a NAT66 today and then wants to do a SAF
  mechanism, it means there are ways to do so that don't entail
  upgrading the NAT66 device.

Gabriel also pointed me to http://tools.ietf.org/html/draft-montenegro-aatn-nar
which was an RSIP precedessor that does allow translation (and hence
may fall into the SAF category but I still need to read it).

-Dave

v2.23.0 | Report a Bug | By Email