IETF Logo Mail Archive

Re: [v6ops] [BEHAVE] applications that break across NAT64

Iljitsch van Beijnum <iljitsch@muada.com> Thu, 23 September 2010 16:13 UTC

Return-Path: <iljitsch@muada.com>
X-Original-To: v6ops@core3.amsl.com
Delivered-To: v6ops@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B046A3A69B0; Thu, 23 Sep 2010 09:13:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y34+R5cocBzq; Thu, 23 Sep 2010 09:13:23 -0700 (PDT)
Received: from sequoia.muada.com (unknown [IPv6:2001:1af8:2:5::2]) by core3.amsl.com (Postfix) with ESMTP id 830B43A697E; Thu, 23 Sep 2010 09:13:21 -0700 (PDT)
Received: from [IPv6:2001:720:410:100f:223:32ff:fec4:ba94] ([IPv6:2001:720:410:100f:223:32ff:fec4:ba94]) (authenticated bits=0) by sequoia.muada.com (8.13.3/8.13.3) with ESMTP id o8NGCOF9004248 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 23 Sep 2010 18:12:24 +0200 (CEST) (envelope-from iljitsch@muada.com)
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset="us-ascii"
From: Iljitsch van Beijnum <iljitsch@muada.com>
In-Reply-To: <00b801cb5b33$ff186680$fd493380$@com>
Date: Thu, 23 Sep 2010 18:13:43 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <2AE7A9B6-1188-4B6B-A8E8-D683220485E8@muada.com>
References: <E1OybhE-000LHx-15@psg.com> <m2sk10iy7r.wl%randy@psg.com> <00b801cb5b33$ff186680$fd493380$@com>
To: Dan Wing <dwing@cisco.com>
X-Mailer: Apple Mail (2.1081)
Cc: IPv6 Ops WG <v6ops@ietf.org>, Behave WG <behave@ietf.org>
Subject: Re: [v6ops] [BEHAVE] applications that break across NAT64
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Sep 2010 16:13:27 -0000

On 23 sep 2010, at 17:28, Dan Wing wrote:

> Should that document describe the problem generally, or enumerate
> applications which break and which work?

The obvious place to start such a list would be with all applications that don't work through NAT. However, the problem is more subtle than that: applications that are running over IPv6 generally don't _try_ to work through NATs in the first place. NAT64 traversal will probably require special case logic or very high levels of IP version agnosticism, which aren't that common from my vantage point.

I'm not convinced though that the NAT64 is the place to solve this with an ALG. We had this discussion relating to FTP, and the rough consensus certainly pointed towards updating clients and/or servers. For instance, updating a SIP server so it understands that a client that appears to use IPv4 is actually on IPv6 is probably more productive than trying to fix this in an ALG. Especially as an ALG could easily end up ruining things for updated clients and servers that would otherwise be able to traverse the NAT64.

FTP is an interesting special case because it uses IPv4 literals in common situations but the actual value of those addresses can / should be ignored. In most protocols, ignoring is probably not the solution, making an ALG much harder to get to work.

v2.23.0 | Report a Bug | By Email