Re: [nat66] RSIP and NAT66
Dave Thaler <dthaler@windows.microsoft.com> Fri, 03 April 2009 21:55 UTC
Return-Path: <dthaler@windows.microsoft.com>
X-Original-To: nat66@core3.amsl.com
Delivered-To: nat66@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A3F0F3A6810 for <nat66@core3.amsl.com>; Fri, 3 Apr 2009 14:55:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.494
X-Spam-Level:
X-Spam-Status: No, score=-110.494 tagged_above=-999 required=5 tests=[AWL=0.105, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K2axT6A06n-P for <nat66@core3.amsl.com>; Fri, 3 Apr 2009 14:55:33 -0700 (PDT)
Received: from smtp.microsoft.com (mailb.microsoft.com [131.107.115.215]) by core3.amsl.com (Postfix) with ESMTP id BE1143A6358 for <nat66@ietf.org>; Fri, 3 Apr 2009 14:55:33 -0700 (PDT)
Received: from tk5-exhub-c104.redmond.corp.microsoft.com (157.54.88.97) by TK5-EXGWY-E802.partners.extranet.microsoft.com (10.251.56.168) with Microsoft SMTP Server (TLS) id 8.2.99.4; Fri, 3 Apr 2009 14:56:36 -0700
Received: from tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com (157.54.18.33) by tk5-exhub-c104.redmond.corp.microsoft.com (157.54.88.97) with Microsoft SMTP Server id 8.2.99.4; Fri, 3 Apr 2009 14:56:36 -0700
Received: from NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com ([fe80::8de9:51a2:cd62:f122]) by tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com ([157.54.18.33]) with mapi; Fri, 3 Apr 2009 14:56:36 -0700
From: Dave Thaler <dthaler@windows.microsoft.com>
To: james woodyatt <jhw@apple.com>
Date: Fri, 03 Apr 2009 14:56:35 -0700
Thread-Topic: [nat66] RSIP and NAT66
Thread-Index: Acm0nSwkzJHEW9M1QpyWy2Vdh1iYRgAB03QA
Message-ID: <E9CACA3D8417CE409FE3669AAE1E5A4F11EAC79A3C@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com>
References: <0B3B6B3E-E38E-41D5-B7BF-B4544F08BA1D@apple.com>
In-Reply-To: <0B3B6B3E-E38E-41D5-B7BF-B4544F08BA1D@apple.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: NAT66 HappyFunBall <nat66@ietf.org>
Subject: Re: [nat66] RSIP and NAT66
X-BeenThere: nat66@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "List for discussion of IPv6-to-IPv6 NAT." <nat66.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/nat66>, <mailto:nat66-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nat66>
List-Post: <mailto:nat66@ietf.org>
List-Help: <mailto:nat66-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nat66>, <mailto:nat66-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2009 21:55:34 -0000
> -----Original Message----- > From: nat66-bounces@ietf.org [mailto:nat66-bounces@ietf.org] On Behalf > Of james woodyatt > Sent: Friday, April 03, 2009 1:45 PM > To: NAT66 HappyFunBall > Subject: [nat66] RSIP and NAT66 > > everyone-- > > Would the authors of the NAT66 draft consider adding a requirement for > NAT66 gateways to comprise the combination of the translator function > with the IPv6-relevant functions of Realm-specific IP servers for > symmetric NAT, c.f. RFCs 3102 and 3103? (I don't see an immediate > need to worry about the functions defined in RFC 3104 as long as > address amplification can remain off the table as a goal for any IPv6/ > NAT standard.) > > I think requiring RSIP servers in the NAT66 gateway would address Dave > Thaler's argument about Source Address Finding (SAF) as presented in > draft-thaler-ipv6-saf, and I'm inviting the authors to respond with > comments. I'd be a lot less wiggy about NAT66 if it looked like RSIP > (or its moral equivalent) might finally see the light of day. Hi James, I've now had a chance to read about RSIP and also talk to Gabriel Montenegro, one of its authors, and can answer the question you asked me during the meeting (what's the difference between the SAF model and RSIP). RSIP is quite different from SAF, although it attempts to achieve end-to-end transparency as well. In the taxonomy of solution classes in draft-iab-ipv6-nat, RSIP is in the second class (tunneling), whereas NAT66 and hence SAF fall into the third class (translation). So the differences between RSIP and NAT66+SAF are: * RSIP uses tunneling, whereas NAT66+SAF use translation. Tunneling introduces MTU issues, and has greater incentive issues since you get nothing until you update both hosts and gateways, whereas with translation you get something when you only deploy a gateway (the slide I showed with some happy apps and some unhappy apps). * RSIP requires hosts to know the IP address of the gateway, whereas NAT66+SAF do not. As such, failover is better with NAT66+SAF since the gateway is stateless and routing can just reroute traffic to the working exit/entry point. * RSIP requires (and specifies) a signaling protocol between the host and the gateway. A SAF mechanism may or may not have such a protocol. Minimally, all that's required is that it get the inner/outer prefix if you're using NAT66 (or equivalent if you're using another IPv6 NAT mechanism). It could get these from some internal entity (like a DHCPv6 server), from the NAT itself via a signaling protocol, or from an external entity more like STUN/Teredo use. This flexibility is important to note since if someone deploys a NAT66 today and then wants to do a SAF mechanism, it means there are ways to do so that don't entail upgrading the NAT66 device. Gabriel also pointed me to http://tools.ietf.org/html/draft-montenegro-aatn-nar which was an RSIP precedessor that does allow translation (and hence may fall into the SAF category but I still need to read it). -Dave
- Re: [nat66] RSIP and NAT66 Wes Beebee (wbeebee)
- [nat66] RSIP and NAT66 james woodyatt
- Re: [nat66] RSIP and NAT66 Keith Moore
- Re: [nat66] RSIP and NAT66 Dave Thaler
- Re: [nat66] RSIP and NAT66 james woodyatt
- Re: [nat66] RSIP and NAT66 Dave Thaler
- Re: [nat66] RSIP and NAT66 Rémi Després
- Re: [nat66] RSIP and NAT66 james woodyatt
- Re: [nat66] RSIP and NAT66 Christian Huitema
- Re: [nat66] RSIP and NAT66 Brian E Carpenter
- Re: [nat66] RSIP and NAT66 Christian Huitema
- Re: [nat66] RSIP and NAT66 Scott Brim
- Re: [nat66] RSIP and NAT66 Scott Brim
- Re: [nat66] RSIP and NAT66 Rémi Després
- Re: [nat66] RSIP and NAT66 Christian Huitema
- Re: [nat66] RSIP and NAT66 james woodyatt
- Re: [nat66] RSIP and NAT66 Rémi Després
- Re: [nat66] RSIP and NAT66 Dan Wing
- Re: [nat66] RSIP and NAT66 Rémi Després
- Re: [nat66] RSIP and NAT66 Brian E Carpenter