IETF Logo Mail Archive

Re: [Softwires] IPv4 Residual Deployment - Unified-standard proposal 4rd

Rémi Després <despres.remi@laposte.net> Fri, 16 March 2012 09:14 UTC

Return-Path: <despres.remi@laposte.net>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA07E21F8682 for <softwires@ietfa.amsl.com>; Fri, 16 Mar 2012 02:14:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.923
X-Spam-Level:
X-Spam-Status: No, score=-1.923 tagged_above=-999 required=5 tests=[AWL=-0.225, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_13=0.6, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aY+zdDkzy5EO for <softwires@ietfa.amsl.com>; Fri, 16 Mar 2012 02:14:34 -0700 (PDT)
Received: from smtpout.laposte.net (smtpout1.laposte.net [193.253.67.226]) by ietfa.amsl.com (Postfix) with ESMTP id BC6CF21F868A for <softwires@ietf.org>; Fri, 16 Mar 2012 02:14:33 -0700 (PDT)
Received: from [192.168.0.21] ([88.166.221.144]) by mwinf8501-out with ME id m9EW1i00B37Y3f4039EWho; Fri, 16 Mar 2012 10:14:31 +0100
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: multipart/alternative; boundary="Apple-Mail-132--752731845"
From: Rémi Després <despres.remi@laposte.net>
In-Reply-To: <CAFUBMqUAfu6P6ir3m-HZOo_sOKhJOJMQs+nL9MqM7t_cH60hOQ@mail.gmail.com>
Date: Fri, 16 Mar 2012 10:14:29 +0100
Message-Id: <8513C911-64AD-4F51-B4E3-7BFE7145DEA2@laposte.net>
References: <B509CB1C-4A0A-408B-9B4A-C0F847169431@juniper.net> <2AB8570A-644F-4792-8C56-44AD80A79234@laposte.net> <D6428903-FBA0-419C-A37F-A00874F28118@laposte.net> <CAM+vMERsVz7cuC1C52gw12wySaEgw8=44JjS8AUygj0vJ899Cg@mail.gmail.com> <DDD20574-4ECD-4285-BB15-548628FB0425@laposte.net> <CAM+vMETahum9rB+fr=OHAmVobDZSzRRy9mUwkjryhqRvaJWe-Q@mail.gmail.com> <35065EB3-D4D6-451B-ACED-67BB94C77F18@laposte.net> <CAAuHL_D68nkd36ifLzEeVR67Q124VH-pMhM1pkEE_PcLbGxBrw@mail.gmail.com> <14D90642-0478-4AB9-91AA-A3E0310197F2@laposte.net> <CAFUBMqX9dj8MSeZdJTic5iOT=Jjg4oihWs30FWVAca08v_3=7g@mail.gmail.com> <D476AFD2-3B6B-48A0-971D-C65CC2CFA46B@laposte.net> <CAFUBMqU1wtP5prSaLG8hDSuv-EGWP5Diqoj6WEMHb_q8hNVDdQ@mail.gmail.com> <4BA560D3-5D48-4911-BDCB-D9CB490FBBA1@laposte.net> <CAFUBMqVzbtZ7JxunHv7m1zgWjRa2sh7zZS+91aURAy8-xTZW8g@mail.gmail.com> <CAFUBMqXPAA7RjCzgvbuq0WqbKijXwuFebnmrL-zDx_XoZh=Xkg@mail.gmail.com> <FED38071-241D-480C-9A8A-CFA7A55A4F3B@laposte.net> <CAFUBMqWv2V2PnZg5iTSuT6Jdbtredzj-4G PuS4VHqpDG+aP4dA@mail.gmail.com> <A4A7C9E3-DBA9-4AA5-A60B-E3D3A187BD7F@laposte.net> <CAFUBMqVT=E=GqBG_-q458GCpYKLk66vuvE-cx81=eTdgyUbj7A@mail.gmail.com> <D1EF9447-336A-48B4-91F4-D514654AC93D@laposte.net> <CAFUBMqWTRb_pjV_VFEDpNof7H+AnOvRM_acQXZ4XRPzAG-865A@mail.gmail.com> <7DED1A34-7237-4F05-B0A4-75C04A09B8E1@laposte.net> <CAFUBMqUVme5Vmm0QuJT4rcZeWo-CZyZoGBkq6RLjO=DRYLKYSg@mail.gmail.com> <AD2E97A4-98FF-4F00-BC28-44AB430870FB@laposte.net> <CAFUBMqXi02DcrTkJ3zjt4fv8EvVJPfAv=CTkM7gesi95jNQSQQ@mail.gmail.com> <8A2DF2DD-C961-4A90-AD62-9C2F647E1A9F@laposte.net> <CAFUBMqXuvBt6DD8JpWt_5+JP33ETqTrz3KbSRm1Kp9ZQBjqs+w@mail.gmail.com> <F2C46FAE-30EF-4707-8680-F4CED8A3A7F9@free.fr> <CAFUBMqU_ggCiE1Jr=HEAY1a1sunNXQZu1Oi98Jaa7jfd_0puLg@mail.gmail.com> <11773427-F939-4F5D-8011-C24E4B7FF58C@laposte.net> <CAFUBMqU+Bv1L6b7BLOwYwACbma4nDhpq_5BziC_Y0qxvCGkJ_A@mail.gmail.com> <CAFUBMqWOXU27iNucVzLCa=J7FN7XJ4UKcq1xCtdNbMyCp5fUXg@mail.gmail.com> <4C115973-974D-4D56-9420-47598D5D60DA@laposte.net> <CAFUBMqV7WAemb2nwU8R9hR-U5KPLF-zOR4H-6iwWyz4iBCFBVg@mail.gmail.com> <CCAAD514-92CF-43CB-8BA0-9896AD9D3846@laposte.net> <CAFUBMqVv1=B43ycSqROhxmFPOS6PHwXiLJVd5Si051bPKtd=pQ@mail.gmail.com> <21E5307F-2363-4D5E-BFFC-2D6227CF51F2@laposte.net> <CAFUBMqUAfu6P6ir3m-HZOo_sOKhJOJMQs+nL9MqM7t_cH60hOQ@mail.gmail.com>
To: Maoke <fibrib@gmail.com>
X-Mailer: Apple Mail (2.1084)
Cc: Softwires WG <softwires@ietf.org>, Yong Cui <cuiyong@tsinghua.edu.cn>
Subject: Re: [Softwires] IPv4 Residual Deployment - Unified-standard proposal 4rd
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2012 09:14:38 -0000

Maoke,

In a forthcoming answer to another of you emails, on thread "4rd-u tunnels and stateful NAT64s", I will try to describe more completely what the latest 4rd brings in the stateful NAT64 context.


Le 2012-03-16 à 01:27, Maoke a écrit :
> 2012/3/15 Rémi Després <despres.remi@laposte.net>
> Le 2012-03-15 à 14:52, Maoke a écrit :
>> 2012/3/15 Rémi Després <despres.remi@laposte.net>
...
>> 
>> Just referring to:
>> 
>> DS-RFC6145-host --(v6net) -- NAPT64 -- IPv4 Internet
(Typo corrected, as indicated in another email)
>>  
>>  
>> what is RFC6145-host??
> 
> E.g. a host with BIH (RFC6535) or with 464XLAT, i.e. one that supports IPv4 applications and is attached to an IPv6-only network.
> 
> then inside the host, there a RFC6145 module, right?

Right:
- RFC6535 says:
"When BIH is implemented at the network layer, the IPv4 packets are intercepted and converted to IPv6 using the IP conversion mechanism defined in the Stateless IP/ICMP Translation Algorithm (SIIT) [RFC6145].
- The v6ops draft on 464XLAT says that it combines "existing and well-known stateful protocol translation RFC 6146 in the core and stateless protocol translation RFC 6145 at the edge". 


> my point is, if there is no NAT64 module, this cannot talk with another NAT64 box elsewhere as only one of the (src,dst)-pair is stateless IPv4-converted IPv6 address.

In my understanding, this discussion is about *stateful* NAT64s (those that work for hosts having no assigned public IPv4 address).
There is then no "stateless IPv4-converted IPv6 address" in this context.

> my previous analysis doesn't matter whether the translator and the end host are separated or integrated into one box.

Not sure to understand the point (which translator, and why separated?).
Yet, I think there is no problem here.

RFC6535 on BIH says:
"The IETF recommends using solutions based on dual stack or tunneling for IPv6 transition and specifically recommends against deployments utilizing double protocol translation."


This is why it is AFAIK useful, in BIH- and/or 464XLAT-capable hosts, to add support of 4rd NAT64+ mapping rules. 
Benefit is that, with upgraded NAT64s (NAT64+ supporting 4rd tunneling), DS hosts having no public IPv4 address  can reach IPv4 servers without any RFC6145 translation (avoiding transparency limitations)

In the answer I will send on on the other thread, I plan to restate this, and explain in more details. 
If you agree, we could limit this discussion to the other thread.

Regards,
RD


 


>  
> 
> - maoke
>  
> Clear enough?
> 
>> (seeing you have corrected the v4net with v6net) if it is a host connected to an IPv6 network, it is the case of single NAT64, where we have the problem of "interwork"?
> 
> See above.
> 
> RD
> 
> 
>>  
>> - maoke
>>  
>>  
>> 
>> Is this excluded?
>> 
>> RD
>> 
>> 
>>> 
>>> you mean the stateful NAT64-ed IPv4 host (let's call it A) having access to an IPv4 host (let's call it B) behind a stateless RFC6145 translator, mapped to IPv4-converted IPv6 address in the IPv6 domain. if so, it is not right that RFC6145 complying node can talk to a NAT64. let's see the details:  
>>> 
>>> model: A ---(IPv4 network)--- NAT64 (stateful) ---(IPv6 cloud)--- RFC6145 translator --- B 
>>> 
>>> because A would be translated by NAT64 to an arbitrary IPv6 address, A', which is not an IPv4-converted one either in MAP or in RFC6052, the RFC6145 translator cannot handle it statelessly for any end-to-end communication. the box in front of B should be another NAT64, and as i said previously, no problem in interwork. if one NAT64 supports DCCP, it adjusts the checksum; if the other doesn't support, it drops DCCP. no case of asymmetrically processed but end-to-end deliverable DCCP here. 
>>> 
>>> - maoke 
>>>  
>>> (A NAT64 talking to another NAT64 was part of what I wrote!!!)
>>> 
>>> RD
>>> 
>>> 
>>> 
>>>>  
>>>> on the other hand, i cannot understand how the CNP helps stateful checksum validity. may you please to clarify? 
>>>> 
>>>> maoke
>>>>  
>>>> 
>>>> RD
>>>> 
>>>> 
>>>>> 
>>>>> - maoke
>>>>>  
>>>>> If we agree, I have nothing else on this point.
>>>>> 
>>>>> Regards,
>>>>> RD
>>>>> 
>>>>> 
>>>>> 
>>>>> If, as you suggest, 
>>>>> 2012-03-15 02:04, Maoke:
>>>>> 
>>>>>> 2012/3/14 Rémi Després <despres.remi@laposte.net>
>>>>>> 
>>>>>> Le 2012-03-14 à 10:46, Maoke a écrit :
>>>>>>> 
>>>>>>> 2012/3/14 Rémi Després <despres.remi@laposte.net>
>>>>> ...
>>>>>>>   
>>>>>>> Changing DCCP support from optional to mandatory in RFC6145 isn't backward compatible (an upgraded node isn't guaranteed to interwork with a non upgraded node).
>>>>>>> 
>>>>>>> the CE/BR specified RFC6145-compliant might be a problem but MAP-T is still in development. if we state to enforce DCCP mandatorily rather than optional in MAP-T, a MAP-T-compliant CE/BR won't has the backward compatible problem. to this extend, MAP-T is at the same kick-off line of the 4rd-U. 
>>>>>> 
>>>>>> 1. I agree that, between CEs and BRs, there can be no problem for DCCP (provided the draft is completed to this effect). The comparison table was explicitly made with existing drafts, and intended to be updatable. 
>>>>>> 
>>>>>> 2. The MAP-T draft is also claimed to allow "communication between IPv4-only, as well as any IPv6 enabled end hosts, to native IPv6-only servers in the domain that are using IPv4-mapped IPv6 address". In this case, AFAIK, the backward compatibility problem exists  
>>>>>> Thought? 
>>>>>> 
>>>>>> surely it does not exist. that statement applies to the MAP-T-compliant equipments, when it is used as a IPv4-to-IPv6 single translator or as an native IPv6 router. same deployment of equipments should support double-translation, single-translation, and native IPv6 accesses simultanenously. that's one of the points of the MAP-T. 
>>>>>> 
>>>>>> - maoke
>>>>>>  
>>>>>> 
>>>>>> 
>>>>>>> To be even more precise, H6 of the comparison table can be:
>>>>>>> "For ISPs that don't provide all CE nodes, and for shared IPv4 addresses, DCCP and UDP-Lite are supported, as well as future protocols using the TCP checksum algorithm and ports at the same place"
>>>>>>> 
>>>>>>> i actually think the original text is fine. "For .... shared IPv4 addresses" is not needed for 4rd-U, to my understanding, nor needed to MAP-T.
>>>>>> 
>>>>>> Will see what to do, then, when changes to the MAP-T draft concerning DCCP are known. 
>>>>>> 
>>>>>> RD
>>>>>> 
>>>>>> 
>>>>>>>  
>>>>>>> 
>>>>>>> maoke 
>>>>>>>  
>>>>>>> 
>>>>>>> Does this cover the point?
>>>>>>> 
>>>>>>> RD
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>>> 
>>>>>>>> ;-)
>>>>>>>> maoke 
>>>>>>>>  
>>>>>>>> 
>>>>>>>>> but this is not my point. my point is: there must be something we don't know ("non omnia possumus omnes"). even we have gone through the RFCs, there might be some other proprietary L4 protocols, or experimental protocols. even they are minority, i don't think ignoring their existance in our solution fits the spirit of the Internet. it might be argued that NAT44 doesn't support such L4 protocols now, but an L4 protocol owner may makes his own NAT44, either attached to the CE or separated. if 4rd-U respects such an effort, it should state "currently blahblabla L4 protocols are supported". the similar statement applies to the RFC6145 or MAP as well.
>>>>>>>> 
>>>>>>>>> i somehow am hard to accept words like "far fetched theoretical problem". 
>>>>>>>> 
>>>>>>>> If I had thought it might be so, I would have avoided the word.
>>>>>>>> 
>>>>>>>> 
>>>>>>>>> the L4-recalculate is a generic, architectural solution, surely needing codes for every L4 protocol. but this generality in architecture makes RFC6145 or MAP-T equipment be easily enhanced to support anything new with the same logic. but for the 4rd-U BR, it looks to me we cannot have the unified logic for all (even limited to existing and well-known) L4 protocols. 
>>>>>>>>> 
>>>>>>>>> only my 2 cents. 
>>>>>>>> 
>>>>>>>> With amendments above, the point is AFAIK completely covered: everything is rigorously true, and worth noting.
>>>>>>>> Thanks for the useful reference to the RDP of RFC1151.
>>>>>>>> 
>>>>>>>> RD 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Softwires mailing list
>>>>>> Softwires@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/softwires
>>>>> 
>>>>> 
>>>> 
>>>> 
>>>> 
>>> 
>>> 
>> 
>> 
> 
>

v2.23.0 | Report a Bug | By Email