IETF Logo Mail Archive

Re: [v4v6interim] [46translation] [BEHAVE] Proposal for new BEHAVE charter

" Rémi Denis-Courmont" <remi.denis-courmont@nokia.com> Mon, 20 October 2008 10:58 UTC

Return-Path: <v4v6interim-bounces@ietf.org>
X-Original-To: v4v6interim-archive@ietf.org
Delivered-To: ietfarch-v4v6interim-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B5E513A69CA; Mon, 20 Oct 2008 03:58:04 -0700 (PDT)
X-Original-To: v4v6interim@core3.amsl.com
Delivered-To: v4v6interim@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C048B3A696E; Mon, 20 Oct 2008 03:58:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level:
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 69HYGMjov1Oh; Mon, 20 Oct 2008 03:58:03 -0700 (PDT)
Received: from mgw-mx03.nokia.com (smtp.nokia.com [192.100.122.230]) by core3.amsl.com (Postfix) with ESMTP id A46223A67BD; Mon, 20 Oct 2008 03:58:02 -0700 (PDT)
Received: from esebh106.NOE.Nokia.com (esebh106.ntc.nokia.com [172.21.138.213]) by mgw-mx03.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id m9KAwfj0013133; Mon, 20 Oct 2008 13:59:04 +0300
Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by esebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 20 Oct 2008 13:58:42 +0300
Received: from esdhcp041131.research.nokia.com ([172.21.41.131]) by vaebh102.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 20 Oct 2008 13:58:29 +0300
From: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
Organization: Maemo Software - Nokia Devices R&D
To: 46translation@employees.org
Date: Mon, 20 Oct 2008 13:58:28 +0300
User-Agent: KMail/1.9.10
References: <48F8539D.90608@ericsson.com> <48FB9C5E.8070402@gmail.com> <3E041E8D-8539-4A16-9188-86A1DCEEE62B@muada.com>
In-Reply-To: <3E041E8D-8539-4A16-9188-86A1DCEEE62B@muada.com>
MIME-Version: 1.0
Content-Disposition: inline
Message-Id: <200810201358.29295.remi.denis-courmont@nokia.com>
X-OriginalArrivalTime: 20 Oct 2008 10:58:29.0697 (UTC) FILETIME=[C91CD310:01C932A2]
X-Nokia-AV: Clean
Cc: v4v6interim@ietf.org, 'Behave WG' <behave@ietf.org>
Subject: Re: [v4v6interim] [46translation] [BEHAVE] Proposal for new BEHAVE charter
X-BeenThere: v4v6interim@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of coexistence topics for the 01-Oct-2008 v4-v6 coexistence interim meeting <v4v6interim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/v4v6interim>
List-Post: <mailto:v4v6interim@ietf.org>
List-Help: <mailto:v4v6interim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: v4v6interim-bounces@ietf.org
Errors-To: v4v6interim-bounces@ietf.org

On Monday 20 October 2008 13:37:05 ext Iljitsch van Beijnum, you wrote:
> Interestingly, I did a small survey about whether people _expect_
> there to be NAT66 in the future and the majority said "yes".
>
> On the one hand we can do nothing and if all goes well there will be
> no IPv6 NAT so we're all happy because not doing anything made the
> right thing happen. (Although I've used a NAT66 implementation myself
> some years back, so there is at least one out there.)
>
> But if we do nothing, we run the risk that someone will do a quick
> search and replace on their NAT44 code and create a port overloading
> NAT66. The port overloading is 90% of the harmful stuff that NAT boxes
> do.
>
> What we could do is come up with a stateless, transport-agnostic 1-
> to-1 NAT66 spec so we at least avoid the port overloading and nothing
> much breaks except referrals.

I share your analysis that, _assuming_ we have NAT66, it should be 
transport-agnostic. IPv6 has a large enough address space, and we are 
painfully aware of the problems of transport-dependent NAT(44).

However, when I look at the reasons for deploying NAT:
1/ address space shortage
2/ inbound firewalling
3/ topology hiding
4/ prefix delegation "bypass"

(1) is a non-issue for IPv6. (2) is solved with stateful firewalling and does 
not require NAT. 1:1 NAT fails to solve (3) as it does hide the subnetting 
scheme, but fails to hide individual hosts. This leaves only (4). Did I miss 
anything?

I still believe we will see NAT66. Not because it's immediately useful. Rather 
because someone will figure out it's easy to adapt NAT44 code to do NAT66. 
For instance, much of the Linux Netfilter framework has become IP 
version-independent lately, with NAT being the only one big remaining 
IPv4-specific chunk.



I guess only time would tell whether a NAT66 1:1 spec would help prevent such 
the transport-dependent NAT66 being _deployed_. It cannot hurt to write that 
spec, I suppose. In any case, the abomination will be _implemented_ :-( It is 
too natural/easy/tempting.

-- 
Rémi Denis-Courmont
Maemo Software, Nokia Devices R&D
_______________________________________________
v4v6interim mailing list
v4v6interim@ietf.org
https://www.ietf.org/mailman/listinfo/v4v6interim

v2.23.0 | Report a Bug | By Email