IETF Logo Mail Archive

Re: [v4v6interim] [46translation] [BEHAVE] Proposal for new BEHAVE charter

"TJ" <trejrco@gmail.com> Mon, 20 October 2008 19:36 UTC

Return-Path: <v4v6interim-bounces@ietf.org>
X-Original-To: v4v6interim-archive@ietf.org
Delivered-To: ietfarch-v4v6interim-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 032683A6AC1; Mon, 20 Oct 2008 12:36:06 -0700 (PDT)
X-Original-To: v4v6interim@core3.amsl.com
Delivered-To: v4v6interim@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 58F8E3A6AC1 for <v4v6interim@core3.amsl.com>; Mon, 20 Oct 2008 12:36:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[AWL=-0.021, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XfGAZabEniau for <v4v6interim@core3.amsl.com>; Mon, 20 Oct 2008 12:36:04 -0700 (PDT)
Received: from mail-gx0-f16.google.com (mail-gx0-f16.google.com [209.85.217.16]) by core3.amsl.com (Postfix) with ESMTP id 001C13A6955 for <v4v6interim@ietf.org>; Mon, 20 Oct 2008 12:36:03 -0700 (PDT)
Received: by gxk9 with SMTP id 9so4313755gxk.13 for <v4v6interim@ietf.org>; Mon, 20 Oct 2008 12:36:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:references :in-reply-to:subject:date:message-id:mime-version:content-type :content-transfer-encoding:x-mailer:thread-index:content-language; bh=4FpadSyJ29khnpqerHg5eMzQocfyfWMM2ZR2PavU3Ws=; b=xQgYitlToFJaYleTwamCMc44qZ5VaYk7b+LwHhNVqmPuM51LpfA95pYJGg2zF238ET 4p4kc/8hE0MqxVgCUfMWob6RW77zcQZB84+8BrdZyERmdTg/x10BehhrBqMPCcxHUBCw /zKcA1zJ69gjb0360kydoJhz2CBCrNzkLYlrM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:references:in-reply-to:subject:date:message-id:mime-version :content-type:content-transfer-encoding:x-mailer:thread-index :content-language; b=g/E69DJnJLJVKGTKWcrG1ygubpW3uaKqjFFqNrNxCK+fATzwNIyRtkWSJ92wRRRK8D GD3sKtOG84kHky0+OxwYolcjfeQBRa7iNShc/2sS5vlvoT7wrzcdJLgi0vFp261GJNmx oK28Il2Gcv8flFYCeq6oMOYGRe86J9YCEf2Zo=
Received: by 10.65.159.14 with SMTP id l14mr3908857qbo.73.1224530982667; Mon, 20 Oct 2008 12:29:42 -0700 (PDT)
Received: from Lapci010 (wsip-98-174-20-11.dc.dc.cox.net [98.174.20.11]) by mx.google.com with ESMTPS id 6sm16796043yxg.6.2008.10.20.12.29.41 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 20 Oct 2008 12:29:42 -0700 (PDT)
From: TJ <trejrco@gmail.com>
To: 46translation@employees.org, v4v6interim@ietf.org, 'Behave WG' <behave@ietf.org>
References: <48F8539D.90608@ericsson.com> <48FB9C5E.8070402@gmail.com> <3E041E8D-8539-4A16-9188-86A1DCEEE62B@muada.com> <200810201358.29295.remi.denis-courmont@nokia.com>
In-Reply-To: <200810201358.29295.remi.denis-courmont@nokia.com>
Date: Mon, 20 Oct 2008 15:29:40 -0400
Message-ID: <00fb01c932ea$331db210$99591630$@com>
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AckyoutElgtDGmrbSlKgnHKIxOb1MAARu81g
Content-Language: en-us
Subject: Re: [v4v6interim] [46translation] [BEHAVE] Proposal for new BEHAVE charter
X-BeenThere: v4v6interim@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of coexistence topics for the 01-Oct-2008 v4-v6 coexistence interim meeting <v4v6interim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/v4v6interim>
List-Post: <mailto:v4v6interim@ietf.org>
List-Help: <mailto:v4v6interim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: v4v6interim-bounces@ietf.org
Errors-To: v4v6interim-bounces@ietf.org

I am not entirely excited about this conversation, but WRT
	"3/ topology hiding"

NAT66 would accomplish something.  While it doesn't "hide" the specific host
_right now_, it does hide the underlying topology (no 1:1 correlation of
outside and inside addresses / network architecture) as well as hide the
specific host as time moves forward.



... hoping that if it does get defined it gets very little use ...
/TJ


>-----Original Message-----
>From: v4v6interim-bounces@ietf.org [mailto:v4v6interim-bounces@ietf.org] On
>Behalf Of Rémi Denis-Courmont
>Sent: Monday, October 20, 2008 6:58 AM
>To: 46translation@employees.org
>Cc: v4v6interim@ietf.org; 'Behave WG'
>Subject: Re: [v4v6interim] [46translation] [BEHAVE] Proposal for new BEHAVE
>charter
>
>On Monday 20 October 2008 13:37:05 ext Iljitsch van Beijnum, you wrote:
>> Interestingly, I did a small survey about whether people _expect_
>> there to be NAT66 in the future and the majority said "yes".
>>
>> On the one hand we can do nothing and if all goes well there will be
>> no IPv6 NAT so we're all happy because not doing anything made the
>> right thing happen. (Although I've used a NAT66 implementation myself
>> some years back, so there is at least one out there.)
>>
>> But if we do nothing, we run the risk that someone will do a quick
>> search and replace on their NAT44 code and create a port overloading
>> NAT66. The port overloading is 90% of the harmful stuff that NAT boxes
>> do.
>>
>> What we could do is come up with a stateless, transport-agnostic 1-
>> to-1 NAT66 spec so we at least avoid the port overloading and nothing
>> much breaks except referrals.
>
>I share your analysis that, _assuming_ we have NAT66, it should be
>transport-agnostic. IPv6 has a large enough address space, and we are
>painfully aware of the problems of transport-dependent NAT(44).
>
>However, when I look at the reasons for deploying NAT:
>1/ address space shortage
>2/ inbound firewalling
>3/ topology hiding
>4/ prefix delegation "bypass"
>
>(1) is a non-issue for IPv6. (2) is solved with stateful firewalling and
>does not require NAT. 1:1 NAT fails to solve (3) as it does hide the
>subnetting scheme, but fails to hide individual hosts. This leaves only
(4).
>Did I miss anything?
>
>I still believe we will see NAT66. Not because it's immediately useful.
>Rather because someone will figure out it's easy to adapt NAT44 code to do
>NAT66.
>For instance, much of the Linux Netfilter framework has become IP version-
>independent lately, with NAT being the only one big remaining IPv4-specific
>chunk.
>
>
>
>I guess only time would tell whether a NAT66 1:1 spec would help prevent
>such the transport-dependent NAT66 being _deployed_. It cannot hurt to
write
>that spec, I suppose. In any case, the abomination will be _implemented_
:-(
>It is too natural/easy/tempting.
>
>--
>Rémi Denis-Courmont
>Maemo Software, Nokia Devices R&D
>_______________________________________________
>v4v6interim mailing list
>v4v6interim@ietf.org
>https://www.ietf.org/mailman/listinfo/v4v6interim

_______________________________________________
v4v6interim mailing list
v4v6interim@ietf.org
https://www.ietf.org/mailman/listinfo/v4v6interim

v2.23.0 | Report a Bug | By Email