Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

[<mohamed.boucadair@orange.com>]

Jordi, 

That is what I was suggesting. 

Cheers,
Med

> -----Message d'origine-----
> De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI PALET MARTINEZ
> Envoyé : vendredi 27 avril 2018 10:32
> À : V6 Ops List
> Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
> 
> Responding to myself ... The alternative maybe to not say anything about
> RFC6887, so the SHOULD in RFC7084 is in effect and add a SHOULD for RFC6970.
> 
> Regards,
> Jordi
> 
> 
> -----Mensaje original-----
> De: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
> Fecha: viernes, 27 de abril de 2018, 10:27
> Para: V6 Ops List <v6ops@ietf.org>
> Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
> 
>     The difference is in RFC7084 is a SHOULD for RFC6887, while here I'm
> suggesting a MUST when DS-LITE or 464XLAT are implemented.
> 
>     Asking a MUST for RFC6970, and not having a MUST in RFC6887 seems weird
> ...
> 
>     Regards,
>     Jordi
> 
> 
>     -----Mensaje original-----
>     De: <mohamed.boucadair@orange.com>
>     Fecha: viernes, 27 de abril de 2018, 9:45
>     Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, V6 Ops List
> <v6ops@ietf.org>
>     Asunto: RE: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
> 
>         Re-,
> 
>         Please see inline.
> 
>         Cheers,
>         Med
> 
>         > -----Message d'origine-----
>         > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI
> PALET MARTINEZ
>         > Envoyé : vendredi 27 avril 2018 08:27
>         > À : V6 Ops List
>         > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
>         >
>         > Hi Med,
>         >
>         > In the document I'm editing right now, I've it already support for
> RFC6887
>         > (464XLAT-2):
> 
>         [Med] You don't need to add an item for 6887 since this is already
> covered in 7084:
> 
>            W-6:  The WAN interface of the CE router SHOULD support a Port
>                  Control Protocol (PCP) client as specified in [RFC6887] for
> use
>                  by applications on the CE router.  The PCP client SHOULD
> follow
>                  the procedure specified in Section 8.1 of [RFC6887] to
> discover
>                  its PCP server.  This document takes no position on whether
>                  such functionality is enabled by default or mechanisms by
> which
>                  users would configure the functionality.  Handling PCP
> requests
>                  from PCP clients in the LAN side of the CE router is out of
>                  scope.
> 
>         My comment is about the IWF which is needed to allow an UPnP Control
> Point to interact with a PCP server.
> 
>         >
>         >    464XLAT requirements:
>         >
>         >    464XLAT-1:  The CE Router MUST perform IPv4 Network Address
>         >                Translation (NAT) on IPv4 traffic translated using
> the
>         >                CLAT, unless a dedicated /64 prefix has been
> acquired
>         >                using DHCPv6-PD [RFC3633] (IPv6 Prefix Options for
>         >                DHCPv6).
>         >
>         >    464XLAT-2:  The CE Router MUST support PCP [RFC6887] (Port
> Control
>         >                Protocol), for explicit control over NAT64 mappings.
> 
>         [Med] This one should be removed since it overlaps with W-6 in 7084.
> 
>         >
>         >    464XLAT-3:  The CE Router MUST implement [RFC7050] (Discovery of
> the
>         >                IPv6 Prefix Used for IPv6 Address Synthesis) in
> order to
>         >                discover the PLAT-side translation IPv4 and IPv6
>         >                prefix(es)/suffix(es).  The CE Router MUST follow
>         >                [RFC7225] (Discovering NAT64 IPv6 Prefixes Using the
>         >                PCP), in order to learn the PLAT-side translation
> IPv4
>         >                and IPv6 prefix(es)/suffix(es) used by an upstream
> PCP-
>         >                controlled NAT64 device.
>         >
>         >
>         > But I now realice that it should be added as well to the DS-Lite
> section, as
>         > it was not present in RFC7084. This is what I've right now:
>         >
>         >   DS-Lite requirements:
>         >
>         >    DSLITE-1:  The IPv6 CE router MUST support configuration of DS-
> Lite
>         >               via the DS-Lite DHCPv6 option [RFC6334] (DHCPv6
> Option for
>         >               Dual-Stack Lite).  The IPv6 CE router MAY use other
>         >               mechanisms to configure DS-Lite parameters.  Such
>         >               mechanisms are outside the scope of this document.
>         >
>         >    DSLITE-2:  The IPv6 CE router MUST NOT perform IPv4 Network
> Address
>         >               Translation (NAT) on IPv4 traffic encapsulated using
> DS-
>         >               Lite.
>         >
>         >
>         > So just to make sure, you mean to add also to both, 464LAT and DS-
> LITE also a
>         > MUST for RFC6970 ?
> 
>         [Med] Yes, I'd like to add an item for the IWF, not the PCP Client
> functionality.
> 
>         >
>         > We have a new section with this text suggested by Richard:
>         >
>         > 5.  UPnP IGD-PCP IWF Support
>         >
>         >    UPnP MAY be enabled on the CE Router for stateless mechanisms
> that
>         >    forward unsolicited inbound packets through to the CE.  If UPnP
> is
>         >    enabled, the agent MUST reject any port mapping requests for
> ports
>         >    outside of the range(s) allocated to the CE Router.
>         >
>         >    UPnP SHOULD be disabled for stateful mechanisms that do not
> forward
>         >    unsolicited inbound packets to the CE Router, unless implemented
> in
>         >    conjunction with a method to control the external port mapping,
> such
>         >    as IGD-PCP IWF [RFC6970] (UPnP Internet Gateway Device - Port
> Control
>         >    Protocol Interworking Function).
>         >
> 
>         [Med] this text does not recommend implementing the IWF.
> 
>         >
>         > Regards,
>         > Jordi
>         >
>         >
>         > -----Mensaje original-----
>         > De: <mohamed.boucadair@orange.com>
>         > Fecha: viernes, 27 de abril de 2018, 7:26
>         > Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, V6 Ops
> List
>         > <v6ops@ietf.org>
>         > Asunto: RE: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
>         >
>         >     Hi Jordi,
>         >
>         >     As you are on it, and given the IETF recommendation in RFC6888:
>         >
>         >        REQ-9:  A CGN MUST implement a protocol giving subscribers
> explicit
>         >           control over NAT mappings.  That protocol SHOULD be the
> Port
>         >           Control Protocol [RFC6887].
>         >
>         >     which would apply also to the PLAT, I suggest you add an item
> in the
>         > 464lat section to support RFC6970.
>         >
>         >     Cheers,
>         >     Med
>         >
>         >     > -----Message d'origine-----
>         >     > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de
> JORDI PALET
>         > MARTINEZ
>         >     > Envoyé : jeudi 26 avril 2018 21:41
>         >     > À : V6 Ops List
>         >     > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas
> discussion
>         >     >
>         >     > Hi Richard,
>         >     >
>         >     > As I've moved sections 3 & 4 to the end of the document as
> annexes,
>         > I've
>         >     > added a new small section for UPnP with your text. I think
> this also
>         > helps to
>         >     > clarify one of the issues raised by Lee.
>         >     >
>         >     > I'm working on all this changes with my co-authors, and if we
> are good
>         > with
>         >     > them, we probably will submit the new version in a couple of
> days or
>         > so.
>         >     >
>         >     > Thanks!
>         >     >
>         >     > Regards,
>         >     > Jordi
>         >     >
>         >     >
>         >     > -----Mensaje original-----
>         >     > De: v6ops <v6ops-bounces@ietf.org> en nombre de Richard
> Patterson
>         >     > <richard@helix.net.nz>
>         >     > Fecha: miércoles, 25 de abril de 2018, 11:16
>         >     > Para: V6 Ops List <v6ops@ietf.org>
>         >     > Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas
> discussion
>         >     >
>         >     >     Section 4 only briefly touches on UPnP, I'd like to
> propose that we
>         >     >     make a recommendation around its behaviour if it is
> enabled.
>         >     >
>         >     >     UPnP MAY be enabled on the IPv6 transition CE, for
> stateless
>         >     >     mechanisms that forward unsolicited inbound packets
> through to the
>         > CE.
>         >     >     If UPnP is enabled, the agent MUST reject any port
> mapping requests
>         >     >     for ports outside of the range(s) allocated to the IPv6
> transition
>         > CE.
>         >     >
>         >     >     UPnP SHOULD be disabled for stateful mechanisms that do
> not forward
>         >     >     unsolicited inbound packets to the CE, unless implemented
> in
>         >     >     conjunction with a method to control the external port
> mapping,
>         > such
>         >     >     as IGD-PCP IWF [RFC6970].
>         >     >
>         >     >     -Richard
>         >     >
>         >     >
>         >     >     On 25 April 2018 at 01:38, Fred Baker
> <fredbaker.ietf@gmail.com>
>         > wrote:
>         >     >     >
>         >     >     >
>         >     >     >> On Apr 24, 2018, at 12:13 PM, STARK, BARBARA H
> <bs7652@att.com>
>         > wrote:
>         >     >     >>
>         >     >     >> But that doesn't mean I believe the draft has exactly
> the right
>         > set of
>         >     > features included. My understanding of "adoption" is that it
> is still
>         >     > possible post-adoption to discuss whether specific features /
>         > requirements do
>         >     > or don't belong. If the precise set of features and
> requirements must
>         > be
>         >     > agreed upon prior to adoption, then I would not be in support
> of
>         > adoption.
>         >     > Hopefully we aren't setting the bar that high?
>         >     >     >
>         >     >     > I understand "adoption as a working group draft" to
> mean that the
>         >     > working group has agreed to work on the draft. There are some
> working
>         > groups
>         >     > that seem to confuse "adoption as a work group draft" with
> "agreement
>         > to send
>         >     > it to the IESG"; I don't, but expect conversation in between
> those two
>         >     > events.
>         >     >     >
>         >     >     > That said, I'd like to believe that the draft is pretty
> close,
>         > and that
>         >     > changes that need to be made to it will have text offered by
> the people
>         > that
>         >     > want them. So - keep your cards and letters coming...
>         >     >     >
>         >     >     > _______________________________________________
>         >     >     > v6ops mailing list
>         >     >     > v6ops@ietf.org
>         >     >     > https://www.ietf.org/mailman/listinfo/v6ops
>         >     >     >
>         >     >
>         >     >     _______________________________________________
>         >     >     v6ops mailing list
>         >     >     v6ops@ietf.org
>         >     >     https://www.ietf.org/mailman/listinfo/v6ops
>         >     >
>         >     >
>         >     >
>         >     >
>         >     > **********************************************
>         >     > IPv4 is over
>         >     > Are you ready for the new Internet ?
>         >     > http://www.consulintel.es
>         >     > The IPv6 Company
>         >     >
>         >     > This electronic message contains information which may be
> privileged or
>         >     > confidential. The information is intended to be for the
> exclusive use
>         > of the
>         >     > individual(s) named above and further non-explicilty
> authorized
>         > disclosure,
>         >     > copying, distribution or use of the contents of this
> information, even
>         > if
>         >     > partially, including attached files, is strictly prohibited
> and will be
>         >     > considered a criminal offense. If you are not the intended
> recipient be
>         > aware
>         >     > that any disclosure, copying, distribution or use of the
> contents of
>         > this
>         >     > information, even if partially, including attached files, is
> strictly
>         >     > prohibited, will be considered a criminal offense, so you
> must reply to
>         > the
>         >     > original sender to inform about this communication and delete
> it.
>         >     >
>         >     >
>         >     >
>         >     > _______________________________________________
>         >     > v6ops mailing list
>         >     > v6ops@ietf.org
>         >     > https://www.ietf.org/mailman/listinfo/v6ops
>         >
>         >
>         >
>         >
>         > **********************************************
>         > IPv4 is over
>         > Are you ready for the new Internet ?
>         > http://www.consulintel.es
>         > The IPv6 Company
>         >
>         > This electronic message contains information which may be
> privileged or
>         > confidential. The information is intended to be for the exclusive
> use of the
>         > individual(s) named above and further non-explicilty authorized
> disclosure,
>         > copying, distribution or use of the contents of this information,
> even if
>         > partially, including attached files, is strictly prohibited and
> will be
>         > considered a criminal offense. If you are not the intended
> recipient be aware
>         > that any disclosure, copying, distribution or use of the contents
> of this
>         > information, even if partially, including attached files, is
> strictly
>         > prohibited, will be considered a criminal offense, so you must
> reply to the
>         > original sender to inform about this communication and delete it.
>         >
>         >
>         >
>         > _______________________________________________
>         > v6ops mailing list
>         > v6ops@ietf.org
>         > https://www.ietf.org/mailman/listinfo/v6ops
> 
> 
> 
> 
> 
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es
> The IPv6 Company
> 
> This electronic message contains information which may be privileged or
> confidential. The information is intended to be for the exclusive use of the
> individual(s) named above and further non-explicilty authorized disclosure,
> copying, distribution or use of the contents of this information, even if
> partially, including attached files, is strictly prohibited and will be
> considered a criminal offense. If you are not the intended recipient be aware
> that any disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited, will be considered a criminal offense, so you must reply to the
> original sender to inform about this communication and delete it.
> 
> 
> 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops