IETF Logo Mail Archive

Re: [v6ops] Are we competitive?

Gábor LENCSE <lencse@hit.bme.hu> Wed, 10 August 2022 11:01 UTC

Return-Path: <lencse@hit.bme.hu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F2F1C157B54 for <v6ops@ietfa.amsl.com>; Wed, 10 Aug 2022 04:01:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NsOd0uCxa0ZX for <v6ops@ietfa.amsl.com>; Wed, 10 Aug 2022 04:01:34 -0700 (PDT)
Received: from frogstar.hit.bme.hu (frogstar.hit.bme.hu [IPv6:2001:738:2001:4020::2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F01BC14F74B for <v6ops@ietf.org>; Wed, 10 Aug 2022 04:01:32 -0700 (PDT)
Received: from [192.168.1.120] (host-79-121-42-174.kabelnet.hu [79.121.42.174]) (authenticated bits=0) by frogstar.hit.bme.hu (8.15.2/8.15.2) with ESMTPSA id 27AB1JZ5086927 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <v6ops@ietf.org>; Wed, 10 Aug 2022 13:01:25 +0200 (CEST) (envelope-from lencse@hit.bme.hu)
X-Authentication-Warning: frogstar.hit.bme.hu: Host host-79-121-42-174.kabelnet.hu [79.121.42.174] claimed to be [192.168.1.120]
Message-ID: <47d37ba4-840d-8948-84f4-be1a2a51a243@hit.bme.hu>
Date: Wed, 10 Aug 2022 13:01:15 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0
Content-Language: en-US
To: v6ops@ietf.org
References: <e4a35f0c-757a-aefa-c211-05b6015a4215@gmail.com> <YuJXbruluDmzF3RD@Space.Net> <ec68b29c62034d3e98adec9c5da45ff3@huawei.com> <25e4f9e4-e055-241c-7047-97dca8b09cc8@gmail.com> <3c35a91af90d4b82af724e7ce98378d3@huawei.com> <CAE=N4xcPq3CB5DDjPOk3oAqBfpJRebhXsFExSEAX_Yr3_XsSUg@mail.gmail.com> <97662d43-7daa-191c-792b-49a626fb9769@gmail.com> <CAM5+tA_w9n2=cXc=mgsr8iOx2rndAWgPhnoNBs4UQnJd3gJxNA@mail.gmail.com> <CADzU5g4mSqqVXE9ppe1U=dMM59GUPviArL_5tiQe0yxm-YZrgw@mail.gmail.com> <CAM5+tA9tOGuy8scXStxOTzWOwG_zvDHx4Hi5CwkGiYmzNLOvqw@mail.gmail.com> <CAPt1N1neKi_8A=WQz44vsO9nywmfCjXhiWrDMuhaFFTHvj_g7A@mail.gmail.com> <CAM5+tA-hse1OoVT_R90u76GpF8ZSW7PaGhXP4V6UbT4Xe8=BFg@mail.gmail.com> <CADzU5g6q=PL+yaijHZvgTz9F7ePUtdAgPCv-3Qmf0vNS4mZENQ@mail.gmail.com> <40a92b22-eeee-c359-3c50-e9ba51375364@gmail.com> <6f2e674aa8b3417983fe43435761d331@huawei.com>
From: Gábor LENCSE <lencse@hit.bme.hu>
In-Reply-To: <6f2e674aa8b3417983fe43435761d331@huawei.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.103.6 at frogstar.hit.bme.hu
X-Virus-Status: Clean
Received-SPF: pass (frogstar.hit.bme.hu: authenticated connection) receiver=frogstar.hit.bme.hu; client-ip=79.121.42.174; helo=[192.168.1.120]; envelope-from=lencse@hit.bme.hu; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;
X-DCC--Metrics: frogstar.hit.bme.hu; whitelist
X-Scanned-By: MIMEDefang 2.79 on 152.66.248.44
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/7P6aAF5yL5rTKiEVE_Kbar0RK3Y>
Subject: Re: [v6ops] Are we competitive?
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2022 11:01:38 -0000

Dear Eduard,

TAYGA is a stateless NAT64 implementation. We use it for educational 
purposes: we demonstrate stateful NAT64 using TAYGA (stateless NAT64) + 
iptables (stateful NAT44). We use it because it is easy to configure and 
everything can be easily observed and debugged (unlike with the much 
more powerful Jool stateful NAT64 solution).

However, I would not recommend TAYGA for ISP-s due to performance 
issues. (It works in userspace and it is not able to utilize more than a 
single CPU core.)

Best regards,

Gábor


8/10/2022 12:12 PM keltezéssel, Vasilenko Eduard írta:
> Hi Soni,
> I do not understand how your comment is relevant to NAT66.
>
> If the source traffic is private IPv4 then indeed we need stateful translation somewhere.
> lw4o6 and MAP-E/T prefer to do the stateful translation on the client.
> DS-Lite, 464XLAT, and DS-Lite prefer to do the stateful translation on the CGNAT.
> NAT66 requirement is not visible in any translation RFC.
>
> Sorry, I am not familiar with TAYGA implementation.
> And could not guess which one RFC it breaks.
> Eduard
> -----Original Message-----
> From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Soni "They/Them" L.
> Sent: Wednesday, August 10, 2022 12:49 AM
> To: v6ops@ietf.org
> Subject: Re: [v6ops] Are we competitive?
>
>
>
> On 2022-08-09 18:16, Clark Gaylord wrote:
>> That there are commercial NAT66 offerings is less compelling. Vendors
>> frequently want you to do bad things. NAT66 suffers from the same
>> problem as NAT44 -- there is no exit strategy. NAT64 is specifically a
>> *transition* technology and over time there is less and less NAT.
>>
> how do you make it so e.g. TAYGA uses the same client IP(v4) for all CLATs without NAT66, i.e. without mapping IPv6 addresses to a single canonical, internal IPv6 address (maybe [::1]) for TAYGA to use?
>
> since TAYGA is stateless, it wants to map single IPv6 to single IPv4.
> "true" NAT64 using the DS-Lite range requires the use of NAT66 + TAYGA, otherwise you have to use 1918 (or, alternatively, CGNAT addresses) +
> NAT44 + TAYGA.
>
> (still trying to see if this works, haven't had the time to play with it... still annoyed at the lack of out-of-box linux distro 464XLAT support also.)
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email