Re: [v6ops] IPv6 mostly for DS-Lite

Ole Troan <otroan@employees.org> Fri, 22 March 2024 07:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/B-nlBTy2PAlPIz4CfIVeJdgmAGc>

>> I don't see why we don't make it work for every IPV6AAS.  It's just a DHCPv4 option. We could most probably extend 108 to support it with a list of methods in the payload after the wait timer. No list implies 464XLAT.  The node would set its supported methods and the DHCP server would match against the methods it is configured for.  A registry of methods would be required.
> 
> the way to hell is paved with implementor options

… and operator options. Experience has shown that there will be just enough operators for each mechanism that it’s justified to implement.

Now, if we try to do a merit-based evaluation of the options here,
let me make up some requirements.

1. 64 edge: MUST allow sharing NAPT44 pool and NAT64 IPv4 pool
2. 46 side: MUST be independent of IPv6 addressing
3. Both: Scale, as little state as possible, transparent, possible to troubleshoot

The A+P style solutions fail on 1 and 2. So we’re left with DS-lite and 464XLAT.

464XLAT as commonly implemented also fails on 2.
464XLAT does a loss-less translation while DS-lite does encapsulation up to the 64 edge.
464XLAT hides the IPv4 packet, making it harder to troubleshoot.
Both mechanisms increase the size of the packet and will have MTU issues. RFC6877 doesn’t even have the word MTU in it.

Neither scales well, but large stateful devices can be built. It’s just a matter of cost.

I see David posted a draft trying to improve on 464XLAT troubleshooting-ness.
Would be interesting to hear implementors' perspective on implementing 464XLAT CLAT so it supports 2.

DS-lite is the better choice on merit.
464XLAT has enough deployment momentum that it’s the likely winner.
May depend on how willing the 464XLAT proponents are to fix the areas where it has shortcomings.

Cheers,
Ole