Re: [v6ops] IPREF as a transitioning tool

"Soni \"They/Them\" L." <fakedme+ipv6@gmail.com> Sun, 12 November 2023 11:34 UTC

Return-Path: <fakedme+ipv6@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 570D3C1705FB for <v6ops@ietfa.amsl.com>; Sun, 12 Nov 2023 03:34:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.858
X-Spam-Level:
X-Spam-Status: No, score=-6.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q_PcxqM8Fpkw for <v6ops@ietfa.amsl.com>; Sun, 12 Nov 2023 03:34:37 -0800 (PST)
Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com [IPv6:2607:f8b0:4864:20::234]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DE3EC1705F4 for <v6ops@ietf.org>; Sun, 12 Nov 2023 03:34:37 -0800 (PST)
Received: by mail-oi1-x234.google.com with SMTP id 5614622812f47-3b6cfc62514so997896b6e.0 for <v6ops@ietf.org>; Sun, 12 Nov 2023 03:34:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1699788876; x=1700393676; darn=ietf.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=w+qSywS0YkD1zE5IOlaop5jkwlhJEqsj8C2MtZOMz44=; b=gqxDjEJA+LYhZTuTCNA/Qh9wbV9+Jb30MU84q3/deA5W7xu9oUmRfCItQgxpFIvjVG mdV7hrTv4xMhnsRMfYfm8QCFrO+qcCnK0xy9LV0UD8fGGT6kxXET4C4/vLAcUtyQcivX sWyaN6MXCEGW01/cGVqd6DdVqdh0NnMTKal+jFg+RTcjmPfn/o0P0yheRsNDFxEo9EL1 8df6WY+MYpHCheVgQEaBTjn2POpq9M0+f+BlwsaSPl1/x+XmCJp/o43GzPzzN0o7NK17 kHCaMM4eGC6J/gQnXNSy1GZ9VQLwhuLxAnppFuDtD6Uk86nIfglz85b4qFP64JQuRJl0 Y1tw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699788876; x=1700393676; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :sender:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=w+qSywS0YkD1zE5IOlaop5jkwlhJEqsj8C2MtZOMz44=; b=PuNd/+yXCXVm4k/B1xJsB6Ekp/nGz+aScOKMO+YmroaTF0fepXfdIZ7VEyu5phSD6n ptQ0xNzX6uc5m9Q4PBD09eIBCymjOvELYdiE0SadNmXPZLoktVAoJQBfoz498O7P5UJh gm8+bMyZ48rp+zBAgjpjYVXyNj5hopLfB7YepBntIHciHidVDtaZQZCVLss3Aad87hac jQqxkyMtkjizs8KCt20BF27HOE3oFDe5hONOR3jNkqbjN7eLil2uueWgx2hKU63kC/+N PIQgZCmOvQht+m61aTdK1XGfBwUUaD+ReZRzqi6i8TaT+1hsxd3xwWo80+++CWBXrqI0 uGxQ==
X-Gm-Message-State: AOJu0YxoBggTSFnHT3ErQ8DyJo3TMY59lb6TVU8Tyx8zqN0k/QphRk7S xG3ynjQ7oGX1MK8+SaOHQyY=
X-Google-Smtp-Source: AGHT+IGrmxP4NHJ5pplEXU9cCPc/eNVMpE8+pwszU5mzwpJifgEqDlxQcPk+HORYq/colHOSXmpNjw==
X-Received: by 2002:a05:6808:1442:b0:3b6:a812:4fa0 with SMTP id x2-20020a056808144200b003b6a8124fa0mr1973013oiv.24.1699788876192; Sun, 12 Nov 2023 03:34:36 -0800 (PST)
Received: from ?IPV6:2804:431:cfcd:5af6::536f:6e69? ([2804:431:cfcd:5af6::536f:6e69]) by smtp.googlemail.com with ESMTPSA id f8-20020a05680807c800b003ae5cb55513sm503755oij.38.2023.11.12.03.34.35 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 12 Nov 2023 03:34:35 -0800 (PST)
Sender: "Soni L." <fakedme@gmail.com>
Message-ID: <fda716cb-b037-4de4-a3f7-cde6c1a99168@gmail.com>
Date: Sun, 12 Nov 2023 08:34:32 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Gert Doering <gert@space.net>
Cc: v6ops@ietf.org
References: <1964267.2dr1X8vxzf@asclepius.adm.tul.cz> <9f1eede1-ab65-0b52-4cda-58d305544b4c@wdmsys.com> <07bb6f08-188a-4ecb-8327-7db4221845c6@tul.cz> <e61d1472-03c4-c537-c81d-903264c976a4@wdmsys.com> <ZVCkrRYy9ggE_ypf@Space.Net> <bae285c5-9d8a-4f72-b278-fed92d6cab75@gmail.com> <ZVCqn0Sd7kDggAbP@Space.Net> <4db34850-54b1-4f3a-8403-615572216e46@gmail.com> <ZVC0l_Mivbyggxur@Space.Net> <aa2dec60-0ec3-4b16-9931-ed3cc9bfb608@gmail.com> <ZVC2dEOzc4N9lhJj@Space.Net>
From: "Soni \"They/Them\" L." <fakedme+ipv6@gmail.com>
In-Reply-To: <ZVC2dEOzc4N9lhJj@Space.Net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/AaZh2wSRaU_7IkivqrWb6NBw7j8>
Subject: Re: [v6ops] IPREF as a transitioning tool
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Nov 2023 11:34:39 -0000


On 2023-11-12 08:26, Gert Doering wrote:
> Hi,
>
> On Sun, Nov 12, 2023 at 08:23:03AM -0300, Soni "They/Them" L. wrote:
> > > So, asking again - why do you think it would be beneficial if the server
> > > had to care?
> > 
> > Because DNS64 is a crime (sometimes literally, but often at least breach of
> > contract, because it breaks DNSSEC) and 464XLAT lets you avoid it. And on a
> > server, you might wanna run NixOS, which depends on github and that's still
> > IPv4-only.
>
> ok, I understand your use-case.  I'd still go for "no IPv4 anywhere near
> my servers" - and DNS64 synthesis from a local (and trusted) resolver that
> honours upstream DNSSEC is just fine in my book.
>
> Removing avoidable code and configuration complexity from servers is a plus -
> "perfection has been reached when there is nothing left to take away",
> not when every possible variant has been added.

We mean we still think moving the CLAT to libc would be a good idea. 
Because, yeah, remove that in-kernel IPv4 stack. Why should we need it?

(Moving the CLAT to libc also has an obvious solution to the whole "what 
does binding to IPv6 do with IPv4" issue around IPv4-mapped IPv6 that 
eventually led to the IPV6_V6ONLY socket option. And it's far more 
flexible about which interfaces/addresses to accept both IPv6 and IPv4 
connections on, if you ever wanted multiple IPv4s on the same server for 
some reason.)

>
> Gert Doering
>          -- NetMaster