Re: [Softwires] DS-Lite vs. 4rd
Andrew 👽 Yourtchenko <ayourtch@gmail.com> Fri, 23 October 2015 13:59 UTC
Return-Path: <ayourtch@gmail.com>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF6761A033A for <softwires@ietfa.amsl.com>; Fri, 23 Oct 2015 06:59:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AGXFwQHfr8XA for <softwires@ietfa.amsl.com>; Fri, 23 Oct 2015 06:59:41 -0700 (PDT)
Received: from mail-ig0-x22e.google.com (mail-ig0-x22e.google.com [IPv6:2607:f8b0:4001:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8C421A0338 for <softwires@ietf.org>; Fri, 23 Oct 2015 06:59:40 -0700 (PDT)
Received: by igbdj2 with SMTP id dj2so16227676igb.1 for <softwires@ietf.org>; Fri, 23 Oct 2015 06:59:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=ClcLL4w9UBpfAkus0+cTBvL9qB0JzoqXIlbyiZN7adk=; b=RgjWwWEnYZOGxd74+DwApDZdQY4brtx0SdzCSsGVBOdOlx1gf1DkiLwoWgW47H5ZCs Mafnuu5Aj8V2vch82W3tRTLeAU97iROug8pq84yUcBMh9BOK389YVzFWKDF3PJ5/3C/F R9ZpQxAfxJ3JcWNZ7Azlwj9j3amLsgY1zeFnAq3nUAoZleyfpEJUqtPMlBjJJakNT9XY shAlIcAuevY/Pic8AnIOfkt4r9pXp2nnYa91YLYBQA4KdvEXxQu00d4ek1ddc+inRHQd 1cJ1Vd7k8nUgTX07XHi6QxtCRRRijoDi9GVKP4dWgwEbsAnCyBduP390nbwsIQpml/3T kIsA==
MIME-Version: 1.0
X-Received: by 10.50.134.98 with SMTP id pj2mr4202027igb.46.1445608780236; Fri, 23 Oct 2015 06:59:40 -0700 (PDT)
Received: by 10.107.184.134 with HTTP; Fri, 23 Oct 2015 06:59:39 -0700 (PDT)
In-Reply-To: <5EC9AF72-330E-4827-A6B1-9B694A829739@fortinet.com>
References: <93713E75-257C-4967-B76D-75D1E29774B7@fortinet.com> <4BC9505240E0A843ACC0CF035B8B08960412A9C1F8@KSTLMEXCP03MBX.CORP.CHARTERCOM.COM> <5EC9AF72-330E-4827-A6B1-9B694A829739@fortinet.com>
Date: Fri, 23 Oct 2015 15:59:39 +0200
Message-ID: <CAPi140O=fUz6U7C8Q4RfDTGdwoCp1O=2VVOLzBdRkX-iA9_5Sg@mail.gmail.com>
From: Andrew 👽 Yourtchenko <ayourtch@gmail.com>
To: Edward Lopez <elopez@fortinet.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/softwires/zVXwgCC4xOCrvSHcWWcYia6KhcQ>
Cc: "softwires@ietf.org" <softwires@ietf.org>
Subject: Re: [Softwires] DS-Lite vs. 4rd
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Oct 2015 13:59:42 -0000
Edward, If you find it of use, here's a write-up about fully virtual lab setup with OpenWRT with some screenshots: http://docwiki.cisco.com/wiki/MAP:OpenWRT_on_kvm_with_MAP-T_example it uses MAP-T, but with the way the MAP/LW4o6 is done in OpenWRT, the difference is very tiny, and this lab is a reasonable starting point for playing. NB: iptables code for partial NAT with counting which was used to avoid reinventing the bicycle, does endpoint-dependent NAT. During the implementation, we made an executive decision guided by KISS principle and called it "a feature" - with the footnote that provisioning the CPE with a 1:1 mapping (i.e. full IPv4 address) configures the regular SNAT, which thus should be endpoint independent. Another implementation you might wanna play with is https://github.com/cernet/MAP - that one is standalone running on Linux, and does implement the entirety of the MAP - though does not have the DHCPv6 provisioning built in. --a On 10/22/15, Edward Lopez <elopez@fortinet.com> wrote: > Thanks! I’m interested in solutions that have implementations available, > and OpenWRT would do nicely > >> On Oct 22, 2015, at 5:19 PM, Gottlieb, Jordan J >> <Jordan.Gottlieb@charter.com> wrote: >> >> Edward, >> >> MAP-T (RFC7599) and MAP-E (RFC7577) also address the issues you describe. >> Both CE MAP variants can be enabled in OpenWRT and can be provisioned >> manually or through DHCPv6 (RFC7598). Another excellent manual >> provisioned implementation is at http://enog.jp/~masakazu/vyatta/map/. >> There are several commercial CE and BR implementations in the pipeline >> for MAP-T. >> >> -Jordan >> >> -----Original Message----- >> From: Softwires [mailto:softwires-bounces@ietf.org] On Behalf Of Edward >> Lopez >> Sent: Wednesday, October 21, 2015 6:29 AM >> To: softwires@ietf.org >> Subject: [Softwires] DS-Lite vs. 4rd >> >> I apologize if this has been thrashed out in the past. In looking as >> implementing DS-Lite support, it appears that the need to include an >> additional tuple of information on the IPv6 B4 address of the CPE is >> cumbersome to NAT performance and tunnel capacitance, as many HW >> accelerated NAT engines exist without this extra tuple. It would appear >> that by splitting the AFTR into two functions, 4in6 encapsulation & >> NAT(CGN), we can overcome scaling and performance issues of DS-Lite. >> >> However, the issue of overlapping endpoint subnets supported internally by >> the CPE leads to the issue potentially supporting NAT44 on the CPE, to >> support stateless encapsulation of returning IPv4 packets into IPv6 by the >> AFTR. Section 4.2 of RFC-6333 states that CPE devices ‘should not’ >> perform NAT44, but that’s not the same as a ‘must not’ >> >> But as you craft this solution out, you begin to realize that you are >> re-creating the majority of 4rd, RFC-7600. However, 4rd is currently an >> experimental standard. >> >> My questions: >> >> - Has anyone implemented or considered implementing DS-Lite with CPEs >> performing NAT44? >> - Are their plans for this WG to move 4rd into standards track? >> - Are their any known implementations of 4rd out there for CPE devices >> (like OpenWRT)? >> >> Thanks! >> Ed Lopez >> *** Please note that this message and any attachments may contain >> confidential and proprietary material and information and are intended >> only for the use of the intended recipient(s). If you are not the intended >> recipient, you are hereby notified that any review, use, disclosure, >> dissemination, distribution or copying of this message and any attachments >> is strictly prohibited. If you have received this email in error, please >> immediately notify the sender and destroy this e-mail and any attachments >> and all copies, whether electronic or printed. >> Please also note that any views, opinions, conclusions or commitments >> expressed in this message are those of the individual sender and do not >> necessarily reflect the views of Fortinet, Inc., its affiliates, and >> emails are not binding on Fortinet and only a writing manually signed by >> Fortinet's General Counsel can be a binding commitment of Fortinet to >> Fortinet's customers or partners. Thank you. ** >> _______________________________________________ >> Softwires mailing list >> Softwires@ietf.org >> https://www.ietf.org/mailman/listinfo/softwires > > > *** Please note that this message and any attachments may contain > confidential > and proprietary material and information and are intended only for the use > of > the intended recipient(s). If you are not the intended recipient, you are > hereby > notified that any review, use, disclosure, dissemination, distribution or > copying > of this message and any attachments is strictly prohibited. If you have > received > this email in error, please immediately notify the sender and destroy this > e-mail > and any attachments and all copies, whether electronic or printed. > Please also note that any views, opinions, conclusions or commitments > expressed > in this message are those of the individual sender and do not necessarily > reflect > the views of Fortinet, Inc., its affiliates, and emails are not binding on > Fortinet and only a writing manually signed by Fortinet's General Counsel > can be > a binding commitment of Fortinet to Fortinet's customers or partners. Thank > you. *** > _______________________________________________ > Softwires mailing list > Softwires@ietf.org > https://www.ietf.org/mailman/listinfo/softwires >
- [Softwires] DS-Lite vs. 4rd Edward Lopez
- Re: [Softwires] DS-Lite vs. 4rd Suresh Krishnan
- Re: [Softwires] DS-Lite vs. 4rd Gottlieb, Jordan J
- Re: [Softwires] DS-Lite vs. 4rd Edward Lopez
- Re: [Softwires] DS-Lite vs. 4rd Edward Lopez
- Re: [Softwires] DS-Lite vs. 4rd Tina TSOU
- Re: [Softwires] DS-Lite vs. 4rd Andrew 👽 Yourtchenko