Re: [shim6] I-D Action:draft-ietf-shim6-applicability-04.txt
Alberto García <alberto@it.uc3m.es> Fri, 15 January 2010 11:30 UTC
Return-Path: <alberto@it.uc3m.es>
X-Original-To: shim6@core3.amsl.com
Delivered-To: shim6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6F9333A6982 for <shim6@core3.amsl.com>; Fri, 15 Jan 2010 03:30:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level:
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kLrLQo2h9s3T for <shim6@core3.amsl.com>; Fri, 15 Jan 2010 03:30:01 -0800 (PST)
Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id 076953A6972 for <shim6@ietf.org>; Fri, 15 Jan 2010 03:30:01 -0800 (PST)
X-uc3m-safe: yes
Received: from bombo (bombo.it.uc3m.es [163.117.139.125]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by smtp03.uc3m.es (Postfix) with ESMTP id 36119730E7F; Fri, 15 Jan 2010 12:29:56 +0100 (CET)
From: Alberto García <alberto@it.uc3m.es>
To: 'Brian E Carpenter' <brian.e.carpenter@gmail.com>
References: <20091201093002.26AA028C0EA@core3.amsl.com> <4B4A29F3.4030503@gmail.com> <2418DFCECE904E0F883C234657DA3701@bombo> <4B4E62F7.50509@gmail.com>
Date: Fri, 15 Jan 2010 12:29:54 +0100
Message-ID: <36919920BBFB4C48A65191B57CC81531@bombo>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 11
Thread-Index: AcqUryXty265VMZMStuiKN7K4lM78ABHXhyQ
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
In-Reply-To: <4B4E62F7.50509@gmail.com>
X-TM-AS-Product-Ver: IMSS-7.0.0.3116-6.0.0.1038-17132.006
Cc: shim6@ietf.org
Subject: Re: [shim6] I-D Action:draft-ietf-shim6-applicability-04.txt
X-BeenThere: shim6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SHIM6 Working Group Mailing List <shim6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/shim6>
List-Post: <mailto:shim6@ietf.org>
List-Help: <mailto:shim6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jan 2010 11:30:02 -0000
Hi Brian Just to clarify how to deal with the NAT64 issue you mentioned in the applicability draft. Do you think this issue would be addressed by substituting the last sentence of "3.1. Protocol Version (IPv4 vs. IPv6)": "Besides, in order to be useful, Shim6 IPv4 support would require NAT traversal mechanisms which are not defined yet and that would imply additional complexity (as any other NAT traversal mechanism)." by "Besides, Shim6 may have additional problems if locators become translated on the wire. Address translation is more likely to involve IPv4 addresses, resulting either from IPv4-to-IPv4 address translation (for example, private IPv4 address into public IPv4 address, and vice versa), or from IPv4-to-IPv6 address translation (for example, as defined by NAT64, [draft-ietf-behave-v6v4-xlate-stateful-07]). When address translation occurs, a locator exchanged by Shim6 for a host could not be used to reach it, either because the translated version of this locator is not known or because it does not exist the translation state in the translator device. Support for this situation would require NAT traversal mechanisms which are not defined yet and that would imply additional complexity (as any other NAT traversal mechanism)." Do you think this is correct? Regards, Alberto | -----Mensaje original----- | De: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] | Enviado el: jueves, 14 de enero de 2010 1:19 | Para: Alberto García | CC: shim6@ietf.org | Asunto: Re: [shim6] I-D Action:draft-ietf-shim6-applicability-04.txt | | Hi Alberto, | | On 2010-01-12 05:50, Alberto García wrote: | > Hi | > | > Thanks for the comments, | > | > | -----Mensaje original----- | > | De: shim6-bounces@ietf.org [mailto:shim6-bounces@ietf.org] En nombre de | > | Brian E Carpenter | > | Enviado el: domingo, 10 de enero de 2010 20:27 | > | Para: shim6@ietf.org | > | Asunto: Re: [shim6] I-D Action:draft-ietf-shim6-applicability-04.txt | > | | > | Hi, | > | | > | I finally got around to this draft. Substantive points first, then | > | a couple of nits at the end. | > | | > | > 3.1. Protocol Version (IPv4 vs. IPv6) | > | | > | Maybe this section should mention interaction with NAT64 synthetic | > | IPv6 addresses. | > | > My understanding of this scenario is as follows: | > In Shim6, the scenario could be | > | > A1 B1 | > A ---------------- IPv6 ----------- B | > | | B2 | > | --------- A2 | | > -IPv6--| NAT64 |------IPv4----- | > --------- | > | > Consider stateful operation (draft-ietf-behave-v6v4-xlate-stateful-07). A | > and B establish a communication using IPv6 addresses A1 and B1 (i.e. using | > their IPv6 addresses, the only way in which some kind of security can be | > provided without protocol changes). B has an additional address B2, which is | > IPv4. This address is included as a locator in the shim6 exchange. The | > problem of using this locator B as a locator for Shim6 is that A knows how | > to build the 'IPv4 Embedded IPv6 addresses' for B, | | Actually not, in case that the DNS64 magic is done in a separate server, | because then host A does not know the NAT64 PREFIX. But in the case that | the host does know the PREFIX, this would be theoretically possible. | | > but B does not know which | > is the IPv4 address A2 corresponding to A. A2 may even not exist if that | > path has not been used; and if A2 existed in the NAT, its state can be | > removed by the NAT if no packets are exchanged through the path for | sometime | > (as Shim6 would do if A1 and B1 are used initially for data exchange). | > Additionally, A does not know A2, so it is unable to tell to B using Shim6. | > Consequently, it seems that if A is using NAT64 to communicate with IPv4, | > IPv4 locators will not be available for Shim6 communication. | | Correct | | > Host A can know | | I'm not sure that is true. If it is a pure IPv6-only host with no DNS64 | included, it will not know. | | > that is in a NAT64ed domain, and should not use B2 as locator. B does not | > know about the problem, but if it tries to use the path <A1, B2>, this path | > will fail, and REAP will recover by switching to a valid path, if it exists. | | Correct. | | > | > For stateless operation, A could be configured to inform B (in the Shim6 | > locator exchange, between A1 and B1) about its (static) IPv4 address A2. A | > is also able to convert the B2 (IPv4) address received in the Shim6 locator | > exchange into its corresponding 'IPv4 Embedded IPv6 addresses'. Therefore, | > it seems that in this case the path <A1,B2> can be used for communication. | | I guess so. I'm not sure it is realistic, but it seems possible. | | > | > Do you think this is reasonable? Am I missing something? | >
- [shim6] [Fwd: I-D Action:draft-ietf-shim6-applica… marcelo bagnulo braun
- Re: [shim6] I-D Action:draft-ietf-shim6-applicabi… Brian E Carpenter
- Re: [shim6] I-D Action:draft-ietf-shim6-applicabi… Alberto García
- Re: [shim6] I-D Action:draft-ietf-shim6-applicabi… Brian E Carpenter
- Re: [shim6] I-D Action:draft-ietf-shim6-applicabi… Alberto García
- Re: [shim6] I-D Action:draft-ietf-shim6-applicabi… Brian Carpenter