Re: [sunset4] New draft: draft-kaliwoda-sunset4-dual-ipv6-coexist
"Arkadiusz Kaliwoda (akaliwod)" <akaliwod@cisco.com> Tue, 25 September 2012 15:15 UTC
Return-Path: <akaliwod@cisco.com>
X-Original-To: sunset4@ietfa.amsl.com
Delivered-To: sunset4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 552E221F87CC for <sunset4@ietfa.amsl.com>; Tue, 25 Sep 2012 08:15:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jipRf08VX4cV for <sunset4@ietfa.amsl.com>; Tue, 25 Sep 2012 08:15:41 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) by ietfa.amsl.com (Postfix) with ESMTP id A58BD21F884F for <sunset4@ietf.org>; Tue, 25 Sep 2012 08:15:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=17814; q=dns/txt; s=iport; t=1348586133; x=1349795733; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=mM1l7fiZJY0Zot9EPIfbY63MbE3MCXfKSamf7h406xo=; b=VwCGsLiY1ZLPfochlvB0FnUmtNpGuvWB/1M9L9VO59W1ukV1Fl+4AXDz +iQFvbnyTbbKBQC4lZD/aBAkYBdQbKJL3ZfEbICb6oxFNOqdGpet6hBLB Srl5Fwt7D56NveUJJ9DOlZCVQlkcGupb/GIkPlSHz9myAv9Asy8mMTIEk s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgMFAFvKYVCtJV2c/2dsb2JhbAA7CoYLt1+BAIEIgiABAQEEAQEBDwEQETMHBAIRBAIBCBEEAQEDAgYdAwICAiULFAEICAEBBAESCAELBwMEh2MLmGqNHII7kHSBIYl6EAqFFjJgA5I0hEaNJoFpgmeBYzQ
X-IronPort-AV: E=Sophos;i="4.80,484,1344211200"; d="scan'208";a="122112128"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-9.cisco.com with ESMTP; 25 Sep 2012 15:15:25 +0000
Received: from xhc-rcd-x01.cisco.com (xhc-rcd-x01.cisco.com [173.37.183.75]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id q8PFFP1s014853 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 25 Sep 2012 15:15:25 GMT
Received: from xmb-rcd-x04.cisco.com ([169.254.8.159]) by xhc-rcd-x01.cisco.com ([173.37.183.75]) with mapi id 14.02.0298.004; Tue, 25 Sep 2012 10:15:24 -0500
From: "Arkadiusz Kaliwoda (akaliwod)" <akaliwod@cisco.com>
To: "George, Wes" <wesley.george@twcable.com>, "sunset4@ietf.org" <sunset4@ietf.org>
Thread-Topic: New draft: draft-kaliwoda-sunset4-dual-ipv6-coexist
Thread-Index: Ac2R+21YDslgOCGyRDSYxe7VZHlovwFV9WygAPRNMxA=
Date: Tue, 25 Sep 2012 15:15:23 +0000
Message-ID: <C7DD0A1145B71949BBD65DF56D408BA80F4F788C@xmb-rcd-x04.cisco.com>
References: <C7DD0A1145B71949BBD65DF56D408BA80F4EEE43@xmb-rcd-x04.cisco.com> <2671C6CDFBB59E47B64C10B3E0BD59235F0E6D8F@PRVPEXVS15.corp.twcable.com>
In-Reply-To: <2671C6CDFBB59E47B64C10B3E0BD59235F0E6D8F@PRVPEXVS15.corp.twcable.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.61.91.124]
x-tm-as-product-ver: SMEX-10.2.0.1135-7.000.1014-19208.004
x-tm-as-result: No--55.724300-8.000000-31
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [sunset4] New draft: draft-kaliwoda-sunset4-dual-ipv6-coexist
X-BeenThere: sunset4@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: sunset4 working group discussion list <sunset4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sunset4>, <mailto:sunset4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sunset4>
List-Post: <mailto:sunset4@ietf.org>
List-Help: <mailto:sunset4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sunset4>, <mailto:sunset4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Sep 2012 15:15:42 -0000
Hi Wes, I think that this draft brings up some good topics for discussion. [Kali] I am glad it is the case. Thank you. Speaking first as a WG chair, part of me thinks that this might be appropriate as something that is integrated into the gap analysis that is already in progress (draft-ietf-sunset4-gapanalysis). However, since our gap analysis thus far has focused more on actually disabling IPv4 and the problems that come with that, rather than in this transition area where you are still technically operating a dual-stack network, it might be appropriate as a either a standalone document, or as a part of a larger gap analysis of the late steps of the transition phase (i.e. as the SP tries to start moving towards disabling IPv4 altogether and has at least some IPv6-only devices on the network). I'd like some comments from the WG about which way they see being more useful. [Kali] Ok, I will wait for advice on this. Now as an individual: I think rather than this being simply a problem statement, I'd rather see it as a gap analysis and informational discussion that talks about what things an SP can do to influence the client's choice today, and what things (if any) may be missing to do this cleanly without adverse impact to other hosts. [Kali] My intention was to start with the problem statement. If the problem statement is considered valid by the WG, then probably it has to be addressed, for example as the extension of this draft to evaluate the possible options that are already defined or being worked upon or identify the need for yet another solution (if necessary). From a scoping perspective, I think we have two cases we need to care about: dual-stack devices operating in an IPv6 + IPv4 NAT/CGN, and true single-stack IPv6 devices. In order to get to single-stack, the SP needs to be able to start moving dual-stack devices to use more and more IPv6, and part of that is to use less and less IPv4, possibly even as a test to see if the 6to4 translation is working well enough to turn off IPv4. Then there is the subcase you mention about whether or not separate DNS server IPs are used for different services/address-families or not. [Kali] I assume that by 'device' above you refer to consumer device behind managed CPE. I agree, we can have the mix of dual-stack and single-stack devices in the home network with the final goal of IPv6-only devices which may go through NAT64 translation path when necessary. Separate DNS server is not enough I am afraid to control the client's behavior; I was rather referring to this subcase based on the assumption that Service Provider may not be willing to modify the existing DNS server; due to operational complexity, risk mitigation or simply lack of DNS64 support on the deployed DNS server. In such case DNS64 must be on different device. But indeed, this choice may be also driven by other considerations. Each of these cases, plus the implementation that the carrier has chosen as far as NAT, ALGs, and other details will affect which is the preferred destination that will lead to the best use of the carrier's resources and more importantly, the best customer experience. [Kali] I agree. As of now, there are only two possible paths; IPv4 incl. optionally NAT/CGN or native IPv6 forwarding. Dual stack hosts may select either of the two and mechanisms like happy eyeballs, make the choice optimum for the consumer device/app. As long as it makes IPv6 traffic growing and offload NAT44 path, Service Provider may be happy but I think that very soon they will start to think "what's next". If we add stateful NAT64, then the situation becomes more challenging as I tried to explain in the draft. I think that the problem statement boils down to the fact, that SP may need to have better control or at least the means to affect the decision of device on the preferred destination and path taken through the SP network. In order to optimize resources, provide the best customer experience and ease or even allow smooth and controlled transition process to IPv6 only environment. Not sure if you agree with that... because this is not exactly what I have written in the draft but in fact this was the main incentive for me to write one. It'll also potentially interact with happy eyeballs. I'm not sure that simply assuming that the method of transport for the DNS is going to be enough to determine the behavior in an environment with a separate DNS server IP for DNS64. [Kali] I think that separate DNS64 server will not be enough to determine the behavior of device. There is no control what transport is used by dual-stack hosts and probably SP cannot switch off IPv4 transport for DNS as long as there will be unknown % of IPv4-only clients or even dual-stack clients that for some reason use IPv4 DNS server only. There is also no control on what IPv6 DNS address to give to dual-stack and IPv6-only device. No control => no deterministic behavior I would risk to say. What if the host sends out A and AAAA records in parallel over IPv4 and IPv6 transport, respectively? How does it determine whether it should use IPv4 or IPv6-translated-IPv4? Happy eyeballs? Is that enough to make the right decision? You already mention the possibility of using different DNS server IPs for different services, and it might make sense to discuss this in more detail, pros/cons, implications, etc. [Kali] I think that happy eyeballs selects the best/quickest path through the network. It can be IPv4, or IPv6 or IPv6-translated-IPv4 i.e. I don't think that Service Provider has much control on this process as soon as host receives synthetized AAAA answer, A answer and standard AAAA answer. I fully agree that it has to be discussed in greater details. So if we're going to discuss this, we probably need to be thinking in terms of whether we need additional intelligence in happy eyeballs to detect these scenarios and make a choice, or even a method to signal what class of service (native, NAT, or 64translated) is available so that the host or application can make a better decision about which stack to use. There was considerable debate during the last revision of happy eyeballs about the appropriateness of inducing a delay on one stack or the other in order to manipulate the choice that happy eyeballs makes. At the time, it was focused on compensating for minor differences in latency between IPv4 and IPv6 such that HE wouldn't prefer IPv4 unnecessarily. But perhaps at a certain point that artificial manipulation actually makes some sense, not as a way to handicap IPv4 to spur IPv6 usage, but as a way to ensure that the most appropriate address family is chosen based on what the SP has implemented - in other words, use latency as a hint to direct HE-capable devices at the best method to reach their intended destination. [Kali] I was not following very closely the previous discussions. I may not be on the right path and sharing my first thoughts on this topic. If both stacks are available and multiple DNS responses are given, it may be the host/application decision, that can be influenced by adding delay on the SP network, as long as it is the right way to influence client's behavior. I am not sure as the Service Provider I would like to leave the choice to app/host whether native/NAT/64translated path is to be selected; I am not representing Service Provider community though :) I tend to think that SP should have some mechanisms to better control what DNS response should be provided to the client device (e.g. 64translated path is only considered when the synthetized DNS response is given) or maybe which client should be using what DNS server. Followed by the additional hints (like delay) for the client devices that receive multiple responses, to influence the decision making process. I am not trying to say that control of every aspect of host behavior is the goal. Although if the Service Provider would consider the following strategy to migrate to IPv6: - add native IPv6 path for dual stack and let the best one win (e.g. happy eyeballs) - before or after; add NAT44 CGN to mitigate IPv4 exhaust problem, allocate the correct resources for it - add DNS64/NAT64 for IPv6 only to test and promote IPv6-only path, monitor and plan for correct resources for stateful NAT64 engine - move dual-stack devices to use NAT64 path instead of NAT44 path; re-use the CGN resources (i.e. IPv4 address pool) - manage the native IPv4 leftover traffic (at this stage only or mostly IPv4-only devices or when IPv4 literals are used by apps) - plan switching off IPv4 in the SP network Then I am wondering how it could be achieved without some ways of controlling or affecting the client devices behavior. I would be happy to receive your feedback. Thanks Kali > -----Original Message----- > From: sunset4-bounces@ietf.org [mailto:sunset4-bounces@ietf.org] On > Behalf Of Arkadiusz Kaliwoda (akaliwod) > Sent: Thursday, September 13, 2012 6:04 PM > To: sunset4@ietf.org > Subject: [sunset4] New draft: draft-kaliwoda-sunset4-dual-ipv6-coexist > > Hi All, > > I have submitted a new draft “draft-kaliwoda-sunset4-dual-ipv6-coexist” > that defines a problem of introducing IPv6/IPv4 translation service in > IPv6 enabled network. I think this problem will have an impact on the > transition from IPv4 to IPv6. > > IMHO today many operators are focused on adding IPv6 support in their > network including access network and CPEs, in order to provide dual > stack data service for their customers. Service Providers are also > very much concerned on handling the IPv4 exhaust problem, especially > when the number of subscribers thus hosts in the network keeps on > increasing fast. Once these challenges are under control and as soon > as more consumer devices are IPv6-ready, the process of sunsetting > IPv4 will start for good. Not only in the SP network where 4over6 > technologies are of key importance and where this transition has > already started in some cases. More importantly in the context of this > draft, the transition from IPv4 or dual-stack to IPv6-only will also start in the end hosts. > If such transition starts sooner, of it has already started, then I > think it makes the identified problem even more interesting and > important. > > I hope you will find the problem defined in the draft valid and > relevant to the scope of SUNSET4 Working Group. > > Please find the links to the document and abstract below. > > Thank you for review of the draft and your comments. > > Regards > Kali > > > -----Original Message----- > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] > Sent: Wednesday, September 12, 2012 9:43 PM > To: Arkadiusz Kaliwoda (akaliwod) > Subject: New Version Notification for > draft-kaliwoda-sunset4-dual-ipv6- coexist-00.txt > > > A new version of I-D, draft-kaliwoda-sunset4-dual-ipv6-coexist-00.txt > has been successfully submitted by Arkadiusz Kaliwoda and posted to > the IETF repository. > > Filename: draft-kaliwoda-sunset4-dual-ipv6-coexist > Revision: 00 > Title: Co-existence of both dual-stack and IPv6-only hosts > Creation date: 2012-09-12 > WG ID: Individual Submission > Number of pages: 7 > URL: http://www.ietf.org/internet-drafts/draft-kaliwoda- > sunset4-dual-ipv6-coexist-00.txt > Status: http://datatracker.ietf.org/doc/draft-kaliwoda-sunset4- > dual-ipv6-coexist > Htmlized: http://tools.ietf.org/html/draft-kaliwoda-sunset4-dual- > ipv6-coexist-00 > > > Abstract: > Some networks are expected to support IPv4-only, dual-stack, and > IPv6-only hosts at the same time. Such networks may want to add > IPv6/IPv4 translation for the IPv6-only host so it can access servers > on the IPv4 Internet. Adding translation service to the IPv6-enabled > network may change dual-stack host behavior and affect the way > deployed network is working. This document defines the problem > statement for such networks. > > > > > The IETF Secretariat > > _______________________________________________ > sunset4 mailing list > sunset4@ietf.org > https://www.ietf.org/mailman/listinfo/sunset4 This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
- [sunset4] New draft: draft-kaliwoda-sunset4-dual-… Arkadiusz Kaliwoda (akaliwod)
- Re: [sunset4] New draft: draft-kaliwoda-sunset4-d… George, Wes
- Re: [sunset4] New draft: draft-kaliwoda-sunset4-d… Arkadiusz Kaliwoda (akaliwod)