IETF Logo Mail Archive

Re: [v6ops] Are we competitive?

Clark Gaylord <cgaylord@vt.edu> Sat, 13 August 2022 00:28 UTC

Return-Path: <cgaylord@vt.edu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96AB5C159485 for <v6ops@ietfa.amsl.com>; Fri, 12 Aug 2022 17:28:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.905
X-Spam-Level:
X-Spam-Status: No, score=-6.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=vt-edu.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NxsCUBNXHvVW for <v6ops@ietfa.amsl.com>; Fri, 12 Aug 2022 17:28:51 -0700 (PDT)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F635C157B58 for <v6ops@ietf.org>; Fri, 12 Aug 2022 17:28:50 -0700 (PDT)
Received: by mail-io1-xd2b.google.com with SMTP id q124so2054444iod.3 for <v6ops@ietf.org>; Fri, 12 Aug 2022 17:28:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vt-edu.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=5MV8JDNkoYfMDzr+t4E9uBjeQ1RcWBu+rT4m3WGRpYs=; b=Zm4MAvIk7d0guyqG6AyZe0XltifHymUjzcP34fqOtZprhOfIzkxc58+NW0l/FXyN2q h5sxfV4AB5rP9fU6m4dSLjZ47+IHVE9r2LMlU73mGHKi0ZNKlaUTKf4+2fFCQaoT8DEx Jv1oTWGSCT6u34AVU6mQ2XBMCY83tO1qP1+79qLeMKWTeHweGq4CQZw6uPqx+5j/ZFWc sRC9zYZeaHrgrKB0TapxGLzVs38Y0xgokS4JUQ4SgrIUtt9lfOB7aOelUicl9nO2pdeS l7TpKWczOp6dQNraKo1S+hGjWbsHiis4AOX6duR3oYEOnRKadj0w8KlY/JJnxLiprxoZ aWnw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=5MV8JDNkoYfMDzr+t4E9uBjeQ1RcWBu+rT4m3WGRpYs=; b=nVvyua2ok9YPVo978XBUanFhQLjVHYj+AytXFPWdHZGs+tNbiEbgW2olTG8DgCuEeK cAVvx3QI9kekcQVQLo33zMm6ljmV8IrVGYs6L69rZOMwn4kZWdAwOZJjnO3rODlI/LwF u2arVENjWnrOgyAfV7G6ANZMzxtVZr0kYqXn5GKvRLMUbK2DsvHlO3uoRfIJHG+RwZdQ ETSOt+tpymCdFVwydDNGu32vvpo+p9TOgHaxwRJhbPsS0SzTIjT7H9Z3F6TVarfZEPFW r0EGf2n5oNYk83BL9KFpbVJT5UJMuuxL/R2tHnEhtUWXgsBPbk1rNZbHUqCzOvaXZsgu jJtQ==
X-Gm-Message-State: ACgBeo3h0VLPW67/uwwIwldVoXy0BakKO18FqQqNWkYCFVqakQ/h/Hef 7uh+6AW/2UME2nmBcJKq1/mPM61nXPnrxuFlG2D1dt/967M=
X-Google-Smtp-Source: AA6agR64bQoloDF0AfBd+Pzpc8/QgohaygmhpoK8iVsKgYolL6IDpUvi5csqRnxDRJurIkHNHR4IbfZGs4NxP5anK4U=
X-Received: by 2002:a05:6638:149:b0:342:d201:5eb3 with SMTP id y9-20020a056638014900b00342d2015eb3mr3056845jao.170.1660350529755; Fri, 12 Aug 2022 17:28:49 -0700 (PDT)
MIME-Version: 1.0
References: <e4a35f0c-757a-aefa-c211-05b6015a4215@gmail.com> <YuJXbruluDmzF3RD@Space.Net> <ec68b29c62034d3e98adec9c5da45ff3@huawei.com> <25e4f9e4-e055-241c-7047-97dca8b09cc8@gmail.com> <3c35a91af90d4b82af724e7ce98378d3@huawei.com> <CAE=N4xcPq3CB5DDjPOk3oAqBfpJRebhXsFExSEAX_Yr3_XsSUg@mail.gmail.com> <97662d43-7daa-191c-792b-49a626fb9769@gmail.com> <CAM5+tA_w9n2=cXc=mgsr8iOx2rndAWgPhnoNBs4UQnJd3gJxNA@mail.gmail.com> <CADzU5g4mSqqVXE9ppe1U=dMM59GUPviArL_5tiQe0yxm-YZrgw@mail.gmail.com> <CAM5+tA9tOGuy8scXStxOTzWOwG_zvDHx4Hi5CwkGiYmzNLOvqw@mail.gmail.com> <9687af1f59a6492f8353ade4d920fa95@huawei.com> <CAM5+tA8UF-3ZHkE0npZ0r5sDQ+FudTSPhpWns1BsPCk=NecX+Q@mail.gmail.com> <7e4606c4534c49a593863bda870b6e63@huawei.com> <3f138b03-940a-e83a-6c6e-6039506b6e4b@gont.com.ar> <10f89b7cbe784881bd22b4af81577aa6@huawei.com> <CAN-Dau0nz0TouDnz5pei0MCmTzSbP8q+gHLx1m0sxX0hsuPX3w@mail.gmail.com> <b9f33aa499b043bb90ff926731db9739@huawei.com>
In-Reply-To: <b9f33aa499b043bb90ff926731db9739@huawei.com>
From: Clark Gaylord <cgaylord@vt.edu>
Date: Fri, 12 Aug 2022 20:28:34 -0400
Message-ID: <CADzU5g5OEE2wXuawv0qB0N+vB5tc_0eKbwho4hsfk2LDFyNgrw@mail.gmail.com>
To: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>
Cc: David Farmer <farmer=40umn.edu@dmarc.ietf.org>, IPv6 Operations <v6ops@ietf.org>, Fernando Gont <fernando@gont.com.ar>
Content-Type: multipart/alternative; boundary="000000000000877b5505e6147b16"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/ApUHj7OHwWZyK306z8UutwnIsV0>
Subject: Re: [v6ops] Are we competitive?
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Aug 2022 00:28:54 -0000

I accept that NPT makes IPv6 native NAT somewhat more palatable. Like a
milk bath makes kidney more palatable, while still "[giving to your] palate
a fine tang of faintly scented urine."

Most people might have a somewhat coarser assessment of kidney, under any
circumstances,  making it an ideal analogy for NAT. I like kidney more than
NAT.

I do agree with Dave that IPv6 NAT warrants a mention, despite my emphasis
on the economy of the message, simply because of the preponderance of
legacy NAT in so much of the rank and file IT Professional's background.

c.f. James Joyce's Ulysses: "Mr Leopold Bloom ate with relish the inner
organs of beasts and fowls.... Most of all he liked grilled mutton kidneys
which gave to his palate a fine tang of faintly scented urine."
https://www.goodreads.com/quotes/22237-mr-leopold-bloom-ate-with-relish-the-inner-organs-of

--ckg

On Fri, Aug 12, 2022, 04:00 Vasilenko Eduard <vasilenko.eduard=
40huawei.com@dmarc.ietf.org> wrote:

> It is possible every time people talk about NAT to say
>
> “Yes for NAT, but the NPT flavor of NAT is better. It preserves ports and
> IID, hence it does not need logging and fewer interrupt applications. It is
> stateless, hence cheaper and scalable.”
>
>
>
> It is still possible that some extremely conservative person would insist
> on stateful translation.
> I hope the majority would agree to NPT. Then even conservative people
> would choose NPT because of the more popular solution.
>
>
>
> IMHO: it is doable to move the market to NPT.
>
> IMHO: it is NOT doable to cancel NAT completely.
>
> Ed/
>
> *From:* David Farmer [mailto:farmer=40umn.edu@dmarc.ietf.org]
> *Sent:* Thursday, August 11, 2022 2:59 PM
> *To:* Vasilenko Eduard <vasilenko.eduard@huawei.com>
> *Cc:* Fernando Gont <fernando@gont.com.ar>; IPv6 Operations <
> v6ops@ietf.org>; buraglio@es.net
> *Subject:* Re: [v6ops] Are we competitive?
>
>
>
> It may be evident to you and me, but it’s not necessary evident to
> everyone. Furthermore, you need to discuss NAT66, if you have any hope of
> showing that NPT is a superior solution to NAT66. The idea that NAT66 will
> go away if we just don’t talk about it, is utterly false.
>
>
>
> The point that I and others are trying to make is that NAT66 exists and it
> needs to be talked about. Do you, I, and most others in this conversation
> think there are better solutions in almost all cases, sure, but you don’t
> convince anyone else of that fact without discussing NAT66.
>
>
>
> Thanks.
>
>
>
> On Thu, Aug 11, 2022 at 04:54 Vasilenko Eduard <vasilenko.eduard=
> 40huawei.com@dmarc.ietf.org> wrote:
>
> Hi Fernnado,
> You are right that people are not always logical.
> But for the "NAT66 against NPT" the choice is evident.
> IMHO: It is possible to prove by logic.
> Let's try.
> If NAT is inevitable then let it better be NPT.
> Eduard
> -----Original Message-----
> From: Fernando Gont [mailto:fernando@gont.com.ar]
> Sent: Thursday, August 11, 2022 11:48 AM
> To: Vasilenko Eduard <vasilenko.eduard@huawei.com>; buraglio@es.net
> Cc: IPv6 Operations <v6ops@ietf.org>; Xipengxiao <xipengxiao@huawei.com>
> Subject: Re: [v6ops] Are we competitive?
>
> Hi, Eduard,
>
> On 11/8/22 04:46, Vasilenko Eduard wrote:
> > Hi Nick,
> >
> > If no use case for NAT66 specifically
> >
> > Then I propose never mentioning it again.
> >
> > For a few NAT cases that I have in mind (like MHMP environment)
> >
> > NPT is much better.
>
> Comparing NPT with NAT66 is a bit like comparing a steak with a burger.
>   People probably don't eat burgers over stakes because they are better,
> but rather because there are other properties that seem attractive -- e.g.
> "you know what you are getting", "tastes the same everywhere", "you're used
> to it", "it's fast", "you can probably buy it nearby", or the like (not
> necessarily prioritizing the same properties that other people might
> prioritize)
>
> In this case, any folk that can get his/her problem solved by solving it
> with what he/she already knows, with well understood properties, will
> probably do it that way.
>
> Example: I ran into a VPN deployment (access corporate stuff) where IPv4
> connectivity was RFC1918/NAT as expected, and where the v6 part was
> ULA/NAT66.
>
> * Did it solve the problem that it was meant to solve? - Yes
>
> * How would we have changed such deployment if NAT66 was removed? --
> Probably global IPv6 + a stateful (diode-like) firewall.
>
> The setup felt familiar to the network folks, and at the end of the day
> was acceptable for the security folk (me) -- "win"-"win"... so let's spend
> our time on a problem we actually had, or things that warranted more
> attention.
>
> Going back to the beef analogy: If you are into the meat business, you
> probably want folks to be able to pick among burgers and stakes, as opposed
> to go for, say, vegetables, because they can't get their quick-and-tasty
> burger. :-)
>
> P.S.: Apologies for the (possibly questionable) analogies ;-)
>
> Thanks,
> --
> Fernando Gont
> e-mail: fernando@gont.com.ar
> PGP Fingerprint: 7F7F 686D 8AC9 3319 EEAD C1C8 D1D5 4B94 E301 6F01
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
> --
>
> ===============================================
> David Farmer               Email:farmer@umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE        Phone: 612-626-0815
> Minneapolis, MN 55414-3029   Cell: 612-812-9952
> ===============================================
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>

v2.23.0 | Report a Bug | By Email