Re: [v6ops] Incremental Deployment of IPv6-only Wi-Fi for IETF Meetings

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Mon, 17 July 2017 11:32 UTC

Return-Path: <prvs=13714351ed=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAA131318A8 for <v6ops@ietfa.amsl.com>; Mon, 17 Jul 2017 04:32:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es; domainkeys=pass (1024-bit key) header.from=jordi.palet@consulintel.es header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ioy5_u3Lq1f0 for <v6ops@ietfa.amsl.com>; Mon, 17 Jul 2017 04:32:44 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [217.126.185.215]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B05781288B8 for <v6ops@ietf.org>; Mon, 17 Jul 2017 04:32:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1500291162; x=1500895962; q=dns/txt; h=DomainKey-Signature: Received:User-Agent:Date:Subject:From:To:Message-ID:Thread-Topic: References:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding:Reply-To; bh=41Dek7i8YLdCXpP7FFZMDh9Xw CrpoxC5z8qayZOPjs4=; b=JfSzY/Odb+Nl4cqG5OXWFsXTiATnnjIrvdXQUf+7a 3025QeuTXaH6MyMHSQ4LOAs5/mR4K/SwANCiAo/0tvT5zZEiz0z+syyPePHi9DX8 fVRQyvmblJfBwqu3vhC6yTlZ5i1wroD1z4EmGeoRdSlI5qD5azE45zDlgsrCVGRa JM=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=consulintel.es; c=simple; q=dns; h=from:message-id; b=Z/+p6VDwdZI2FwVo4d42RNnMB034BhpevWHk3MRVVKm2NTbyJLl4H7MFM4u+ NvKDWnJ0142r9ncVdaP6D60CB1zX1300r6eF3T/M3B/J7fApkCgXSzZmI c/tFqNLvor3GbNwce3gTrjO+lRNq4FtwBJ4ZXspVPOflFmg7KaLk8E=;
X-MDAV-Processed: mail.consulintel.es, Mon, 17 Jul 2017 13:32:42 +0200
X-Spam-Processed: mail.consulintel.es, Mon, 17 Jul 2017 13:32:41 +0200
Received: from [31.133.142.45] by mail.consulintel.es (MDaemon PRO v11.0.3) with ESMTP id md50005478404.msg for <v6ops@ietf.org>; Mon, 17 Jul 2017 13:32:39 +0200
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Authenticated-Sender: jordi.palet@consulintel.es
X-HashCash: 1:20:170717:md50005478404::B8q5ckFFqi1YJk7J:0000Cb1j
X-MDRemoteIP: 31.133.142.45
X-Return-Path: prvs=13714351ed=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/f.24.0.170702
Date: Mon, 17 Jul 2017 13:32:35 +0200
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: IPv6 Ops WG <v6ops@ietf.org>
Message-ID: <1EA41531-B9F2-481B-BD59-8925DF84B49E@consulintel.es>
Thread-Topic: [v6ops] Incremental Deployment of IPv6-only Wi-Fi for IETF Meetings
References: <7643C1DC-76A3-4652-9BB1-D0D42801F37E@consulintel.es> <CAEqgTWYOe=jWp=zVZNLx6DjKjNpPTYaq2jmjryudrGZHKZNq6g@mail.gmail.com> <A5D0385C-F755-4B44-86D8-6E618E77193F@consulintel.es> <CAPt1N1kroh2cPkTr8HRfNjLTdG0hkC1oQsUZdhQzQA5tA9-xug@mail.gmail.com> <9AF791E9-1E12-425E-93A4-2913E2D18CBA@consulintel.es> <CAPt1N1kU4cpVCsp7W3XNAZupYqjTWVH+BNp9bwtznnWD_uP2oQ@mail.gmail.com> <CAEqgTWZzZW0wKggDXjY=-aMfDxzd5-GoRqju1829XwY3aHQuYg@mail.gmail.com> <0FAF1E05-DA4B-47BF-95F7-7EFCD1BED9B0@cable.comcast.com> <42188852-BBEB-4D75-967F-4BED79BBBCAE@consulintel.es> <20170717105929.5a6b7997@echo.ms.redpill-linpro.com> <56F96ACC-E55F-4C07-94D9-C3BE511836B1@apple.com> <D0BB59E5-90DB-4930-92B3-6AC7E0AF7391@consulintel.es> <20170717120436.598ca19e@echo.ms.redpill-linpro.com> <AC20C61D-5F52-451E-A626-B6CBF9E42773@consulintel.es> <CAPt1N1naJ16ot_jqdgDsGU7h9AjiONk-dN+wnO=uWxak0rZA4Q@mail.gmail.com>
In-Reply-To: <CAPt1N1naJ16ot_jqdgDsGU7h9AjiONk-dN+wnO=uWxak0rZA4Q@mail.gmail.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Reply-To: jordi.palet@consulintel.es
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/6cdikx1YFhNr9F1GXp-pX9AtHv0>
Subject: Re: [v6ops] Incremental Deployment of IPv6-only Wi-Fi for IETF Meetings
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2017 11:32:46 -0000

Responding also to Gert.

I just tried again, no need to upgrade the client or server, as both of them were running the latest available versions.

As you said, it is a “strange” configuration “language”. Even if you don’t have the server with IPv6, it needs to be enabled in both sides to work thru a NAT64.

Of course, this means we “thechies” find the work around with some help from others that already suffered the problem, but a regular user not. If we were running CLAT, it just works and the most important, we get it reported/logged automatically, which is what I’m insisting on.

However …. I’m still on the ietf-nat64 and Outlook (last release 15.36) for Mac refuses to send this message. I need to turn to another SSID to keep working thru the meeting. This is what we want?

Regards,
Jordi
 

-----Mensaje original-----
De: Ted Lemon <mellon@fugue.com>
Responder a: <mellon@fugue.com>
Fecha: lunes, 17 de julio de 2017, 12:27
Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
CC: IPv6 Ops WG <v6ops@ietf.org>
Asunto: Re: [v6ops] Incremental Deployment of IPv6-only Wi-Fi for IETF Meetings

    OpenVPN requires that the client be configured to use either IPv4 or IPv6.   If you configure the client to use IPv6, it will work just fine through NAT64 to an IPv4 OpenVPN server.   This is an unfortunate limitation of OpenVPN; the maintainers are aware of it, but apparently it's not a priority to fix. :(
    
    On Mon, Jul 17, 2017 at 12:23 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
    
    Using latest version, both at the server and client. I will check later what specific version on both sides, but they are using >2.4.2 for sure.
    
    Regards,
    Jordi
    
    
    -----Mensaje original-----
    De: Tore Anderson <tore@fud.no>
    Responder a: <tore@fud.no>
    Fecha: lunes, 17 de julio de 2017, 12:04
    Para: <jordi.palet@consulintel.es>
    CC: <v6ops@ietf.org>
    Asunto: Re: [v6ops] Incremental Deployment of IPv6-only Wi-Fi for IETF Meetings
    
        * JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
    
        > I’ve investigated this with OpenVPN right now using the ietf-nat64
        > SSID.
        >
        > The remote OpenVPN server is IPv4-only, has a domain name (so not
        > using literals), however, it seems the name is resolved to the
        > IPv4-only address (maybe not using Apple Sierra OS – latest version-
        > all updated- system APIs), so it fails to work with the NAT64.
    
        Which OpenVPN version is this? If you're not running v2.4.0 or newer,
        try upgrading. I believe this this have improved there, cf.
        https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst:
    
        [...]
    
          Dualstack round-robin DNS client connect
            Instead of only using the first address of each --remote OpenVPN
            will now try all addresses (IPv6 and IPv4) of a --remote entry.
    
        [...]
    
          * proto udp and proto tcp now use both IPv4 and IPv6. The new options
            proto udp4 and proto tcp4 use IPv4 only.
    
        Tore
    
    
    
    
    **********************************************
    IPv4 is over
    Are you ready for the new Internet ?
    http://www.consulintel.es
    The IPv6 Company
    
    This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.
    
    
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    
    
    
    
    
    
    
    





**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.