IETF Logo Mail Archive

Re: (ngtrans) draft-durand-ngtrans-nat64-nat46-00.txt

Alain Durand <Alain.Durand@sun.com> Thu, 18 July 2002 01:31 UTC

Received: from nwkea-mail-2.sun.com (nwkea-mail-2.sun.com [192.18.42.14]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA05719 for <ngtrans-archive@odin.ietf.org>; Wed, 17 Jul 2002 21:31:30 -0400 (EDT)
Received: from engmail4.Eng.Sun.COM ([129.144.134.6]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id SAA26679; Wed, 17 Jul 2002 18:29:29 -0700 (PDT)
Received: from sunroof.eng.sun.com (sunroof.Eng.Sun.COM [129.146.168.88]) by engmail4.Eng.Sun.COM (8.9.3+Sun/8.9.3/ENSMAIL,v2.1p1) with ESMTP id SAA09112; Wed, 17 Jul 2002 18:29:14 -0700 (PDT)
Received: from sunroof.eng.sun.com (localhost [127.0.0.1]) by sunroof.eng.sun.com (8.12.4/8.12.4) with ESMTP id g6I1SPoN012594 for <ngtrans-dist@sunroof.eng.sun.com>; Wed, 17 Jul 2002 18:28:26 -0700 (PDT)
Received: (from majordomo@localhost) by sunroof.eng.sun.com (8.12.4/8.12.4/Submit) id g6I1SPGv012591 for ngtrans-dist; Wed, 17 Jul 2002 18:28:25 -0700 (PDT)
X-Authentication-Warning: sunroof.eng.sun.com: majordomo set sender to owner-ngtrans@sunroof.eng.sun.com using -f
Received: from engmail4.Eng.Sun.COM (engmail4 [129.144.134.6]) by sunroof.eng.sun.com (8.12.4/8.12.4) with ESMTP id g6I1SMoN012583 for <ngtrans@sunroof.eng.sun.com>; Wed, 17 Jul 2002 18:28:22 -0700 (PDT)
Received: from patan.sun.com (patan.Central.Sun.COM [129.147.5.43]) by engmail4.Eng.Sun.COM (8.9.3+Sun/8.9.3/ENSMAIL, v2.1p1) with ESMTP id SAA08902 for <ngtrans@sunroof.eng.sun.com>; Wed, 17 Jul 2002 18:28:23 -0700 (PDT)
Received: from esunmail ([129.147.58.122]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id TAA19361 for <ngtrans@sunroof.eng.sun.com>; Wed, 17 Jul 2002 19:28:23 -0600 (MDT)
Received: from xpa-fe2 ([129.147.58.121]) by edgemail1.Central.Sun.COM (iPlanet Messaging Server 5.2 HotFix 0.3 (built May 13 2002)) with ESMTP id <0GZF00A2T83AY6@edgemail1.Central.Sun.COM> for ngtrans@sunroof.eng.sun.com; Wed, 17 Jul 2002 19:28:23 -0600 (MDT)
Received: from limande.dyn.ietf54.wide.ad.jp ([133.93.76.228]) by mail.sun.net (iPlanet Messaging Server 5.2 HotFix 0.2 (built Apr 26 2002)) with ESMTPSA id <0GZF001O5836PX@mail.sun.net> for ngtrans@sunroof.eng.sun.com; Wed, 17 Jul 2002 19:28:22 -0600 (MDT)
Date: Thu, 18 Jul 2002 03:25:41 +0200
From: Alain Durand <Alain.Durand@sun.com>
Subject: Re: (ngtrans) draft-durand-ngtrans-nat64-nat46-00.txt
In-reply-to: <F66469FCE9C5D311B8FF0000F8FE9E070A924F94@mbtlipnt03.btlabs.bt.co.uk>
To: matthew.ford@bt.com
Cc: ngtrans@sunroof.eng.sun.com
Message-id: <463FFA84-99ED-11D6-8949-000393764158@sun.com>
MIME-version: 1.0
X-Mailer: Apple Mail (2.482)
Content-type: text/plain; charset="US-ASCII"; format="flowed"
Content-transfer-encoding: 7bit
Sender: owner-ngtrans@sunroof.eng.sun.com
Precedence: bulk
Reply-To: Alain Durand <Alain.Durand@sun.com>
Content-Transfer-Encoding: 7bit

On Wednesday, July 17, 2002, at 05:26 PM, matthew.ford@bt.com wrote:

> Alain,
>
> Some comments on your nat64-nat46 draft:
>
> NAT64
> -----
> Can we be confident that applications written by developers that don't 
> know
> about NAT64 will get some useful default behaviour? This is not a 
> rhetorical
> question - I genuinely would like to hear your thoughts about this.

For this to work, an IPv6-only OS implementation should have those 
properties:
1. the kernel should enable the node to send IPv4-mapped on the wire.
2. getnameinfo() and friends from the DNS stub-resolver library should 
return
     IPv4-mapped  addresses when the DNS resolution process has returned
     an A record.

> The scalability solution doesn't prevent the NAT64 devices being single
> points-of-failure.

True. However, NAT64 enable to deploy multiple NAT64 boxes,
but each one is a local single point of failure, the draft should 
clarify this.

> NAT46
> -----
> The changed model of interworking deployment responsibility from the
> providers of IPv6 services to the providers of IPv4 network 
> connectivity is
> interesting. I can't see too many IPv4 network operators deploying 
> NAT46 for
> their customers on the off-chance that there are some useful or 
> interesting
> IPv6 services that they might want to connect to.

The nice thing about NAT46 is that is can be implemented locally.
That is, it can deployed independently by an IPv4 ISP which wants
to offer the service to its customer. Say SIP becomes a reality
in 3G/IMS (IPv6-only) and a IPv4 ISP want
to enable SIP communications from its customer to3G/IMS,
deploying NAT46 becomes an interesting avenue.


> It is much more useful for
> the providers of IPv6 services to be able to make their services 
> accessible
> to the global IPv4 community via NAT-PT. As I stated in my earlier mail
> commenting on draft-durand-natpt-dns-alg-issues-00.txt, the problems 
> with
> NAT-PT as *implemented* are not as great as you imply. I agree the spec
> could use some work.

Again, the fact that an implementation could be made to work does not 
mean
there is no problem with the specification.


> General comments
> ----------------
> I agree with you that there is a need for a scalable solution to the
> translation interworking problem before serious deployment can happen.
> However, I don't believe that NAT-PT is irredeemably broken and I think 
> that
> several of the ideas presented in this draft could easily be applied to
> NAT-PT.

Some of NAT-PT issues can be solved, some can not. Examples:
DNSsec cannot be made to work with NAT-PT.
NAT-PT cannot help the operation of DNS between IPv4 & IPv6.

> There are already several quite mature implementations of NAT-PT and
> improvement of the spec rather than re-invention is therefore extremely
> desirable in my opinion. Let's fix the NAT-PT spec rather then generate 
> yet
> another mechanism.

There might be a simple upgrade path from NAT-PT to NAT64
that could ease your concerns:
Configure the NAT-PT box to use the prefix ::ffff:0:0/96

	- Alain.

v2.23.0 | Report a Bug | By Email