IETF Logo Mail Archive

Re: [v6ops] draft-ietf-v6ops-nat64-experience WGLC

Sheng Jiang <jiangsheng@huawei.com> Wed, 04 September 2013 10:00 UTC

Return-Path: <jiangsheng@huawei.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E83821F9DBA for <v6ops@ietfa.amsl.com>; Wed, 4 Sep 2013 03:00:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.199
X-Spam-Level:
X-Spam-Status: No, score=-6.199 tagged_above=-999 required=5 tests=[AWL=-0.200, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ol0P7zytPH+I for <v6ops@ietfa.amsl.com>; Wed, 4 Sep 2013 03:00:45 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 1D28B21E8086 for <v6ops@ietf.org>; Wed, 4 Sep 2013 03:00:41 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml204-edg.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id AWW82389; Wed, 04 Sep 2013 10:00:40 +0000 (GMT)
Received: from LHREML402-HUB.china.huawei.com (10.201.5.241) by lhreml204-edg.china.huawei.com (172.18.7.223) with Microsoft SMTP Server (TLS) id 14.3.146.0; Wed, 4 Sep 2013 11:00:11 +0100
Received: from nkgeml409-hub.china.huawei.com (10.98.56.40) by lhreml402-hub.china.huawei.com (10.201.5.241) with Microsoft SMTP Server (TLS) id 14.3.146.0; Wed, 4 Sep 2013 11:00:25 +0100
Received: from NKGEML512-MBX.china.huawei.com ([169.254.7.66]) by nkgeml409-hub.china.huawei.com ([10.98.56.40]) with mapi id 14.01.0323.007; Wed, 4 Sep 2013 18:00:16 +0800
From: Sheng Jiang <jiangsheng@huawei.com>
To: GangChen <phdgang@gmail.com>
Thread-Topic: [v6ops] draft-ietf-v6ops-nat64-experience WGLC
Thread-Index: AQHOpz0vWCDAHDiqKkSa1e+LJBgdQJmznjkAgAEXhACAAKbD4A==
Date: Wed, 04 Sep 2013 10:00:15 +0000
Message-ID: <5D36713D8A4E7348A7E10DF7437A4B923AD05DFE@nkgeml512-mbx.china.huawei.com>
References: <201309011800.r81I0Ao1006741@irp-view13.cisco.com> <5D36713D8A4E7348A7E10DF7437A4B923AD05610@nkgeml512-mbx.china.huawei.com> <CAM+vMETtLCpeByjgpksOg+AfiTtOwqL-W4my-na8Wa4dxnp0qg@mail.gmail.com>
In-Reply-To: <CAM+vMETtLCpeByjgpksOg+AfiTtOwqL-W4my-na8Wa4dxnp0qg@mail.gmail.com>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.98.145]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] draft-ietf-v6ops-nat64-experience WGLC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Sep 2013 10:00:51 -0000

You response looks proper for me.

Sheng

>-----Original Message-----
>From: GangChen [mailto:phdgang@gmail.com]
>Sent: Wednesday, September 04, 2013 4:03 PM
>To: Sheng Jiang
>Cc: Fred Baker; v6ops@ietf.org
>Subject: Re: [v6ops] draft-ietf-v6ops-nat64-experience WGLC
>
>Hi Sheng,
>
>Thank you for your detailed review. Please see my reply inline.
>
>2013/9/3, Sheng Jiang <jiangsheng@huawei.com>:
>> Hi, v6ops and authors,
>>
>> I volunteered to review this document during IETF87 meeting. The below is
>my
>> comments.
>>
>> In general, this document have done a good job on sharing their NAT64
>> experience. The information is useful for IPv6 society and the document has
>> organized in a form easy to read and understand.
>>
>> So I support this WGLC.
>>
>> Some nits are as following.
>>
>> The second and fourth paragraphs are both describe the coexistence
>between
>> IPv4 and IPv6. Merging them together would get better logicality.
>>
>> Section 3.1 contains fairly long statements. It may be better to create
>> sub-sections to gauge the discussion.
>
>We will address that at the next update.
>
>> For the statement,
>>
>>    Therefore, NAT64 may serve double roles in some cases,
>>    i.e. a translator and IPv6 forwarder.  Some failure cases may occur
>>    once NAT64 serves a IPv6 gateway but is configured only with IPv4 on
>>
>> It should be noted native IPv6 paths may not traverse NAT64. You may add
>> some discussions regarding this point.
>
>I would make following changes on this point
>
>OLD
>---------------
>   Operators should not expect to access IPv4 parts
>   of a dual-stack server using NAT64/DNS64.  NAT64 would forwards all
>   the traffic on IPv6 paths if dual-stack servers are targeted.  In
>   some sense, it encourages IPv6 transmission and restrains NAT uses
>   compared to NAT44(if used), on which all traffic flows have to
>   traverse.  Therefore, NAT64 may serve double roles in some cases,
>   i.e. a translator and IPv6 forwarder.  Some failure cases may occur
>   once NAT64 serves a IPv6 gateway but is configured only with IPv4 on
>   WAN links.  We tested on Top100 websites (referring to [Alexa]
>   statistics) in such condition. 43% of websites are failed to be
>   connected since those websites have both AAAA and A records.  To be
>   reliable, it's recommended to enable NAT64 WAN links with dual-stack
>   connections in the deployment.
>
>NEW
>-----------------
>   Operators should not expect to access IPv4 parts
>   of a dual-stack server using NAT64/DNS64. The traffic is forwarded
>   on IPv6 paths if dual-stack servers are targeted. IPv6 traffic may be routed
>   not going through NAT64. Only the traffic going to IPv4-only service
>   would traverse NAT64. In some sense, it encourages IPv6 transmission
>   and restrains NAT uses compared to NAT44(if used), on which all traffic
>   flows have to be traversed and translated. In some cases, NAT64-CGN
>may
>   serve double roles, i.e. a translator and IPv6 forwarder. Some failure
>   cases may be occured once NAT64 serves a IPv6 gateway while is
>configured
>   only with IPv4 on WAN links.  We tested on Top100 websites
>(referring to [Alexa]
>   statistics) in such condition. 43% of websites are failed to be
>   connected since those websites have both AAAA and A records. Therefore,
>it's
>   recommended to enable NAT64 WAN links with dual-stack connections
>in such case.
>
>
>> Section 4.1 has done a good discussion on the different flavors of
>> redundancy. It would be better to move the testing table into the appendix.
>> You could detail the testing condition so audiences could compare it with
>> their-own situation.
>
>It will be done at the next update.
>
>
>> In section 4.2, you have the below text
>>
>>       With the absence of DNS64, internal
>>       hosts could learn multiple IPv6 prefixes through the approaches
>>       defined in[I-D.ietf-behave-nat64-discovery-heuristic]...
>>
>> However, I-D.ietf-behave-nat64-discovery-heuristic also requests DNS64
>> involvement. It may need some clarifications ?
>
>Thank you for pointing me this issue. I would make following change
>
>      For the applications not requiring DNS resolver, internal
>      hosts could learn multiple IPv6 prefixes through the approaches
>      defined in[I-D.ietf-behave-nat64-discovery-heuristic] and then
>      select one based on a given prefix selection policy.
>
>
>> In section 5.2, it may be worth to add a quota or reference to rfc6967. It
>> analyzes several potential solutions in geo-location area.
>
>It was mentioned at
>http://www.ietf.org/mail-archive/web/v6ops/current/msg17131.html.
>The new text for the statement is
>
>   o  The NAT64-CGN equipments may not implement XFF.  Geo-location
>      based on shared IPv4 address is rather inaccurate in that case.
>      [RFC6967] analyzed several options to reveal the host identifier.
>      Each one may have their-own specific usage. With regards to
>      NAT64 deployment, it's desirable to offer geo-location system
>      the internal IPv6 address, which has the meaning in global scale.
>      For the geo-location systems relying on a Radius database[RFC5580],
>we
>      have investigated to deliver NAT64 BIBs and Session Table Entrys
>(STEs)
>      to a Radius server[I-D.chen-behave-nat64-radius-extension].
>      This method could get along with [RFC5580] to convey original source
>      address through same message bus.
>
>Best Regards
>
>Gang
>
>> Best regards,
>>
>> Sheng
>>
>>>-----Original Message-----
>>>From: v6ops-bounces@ietf.org [mailto:v6ops-bounces@ietf.org] On Behalf
>>>Of Fred Baker
>>>Sent: Monday, September 02, 2013 2:00 AM
>>>To: v6ops@ietf.org
>>>Subject: [v6ops] draft-ietf-v6ops-nat64-experience WGLC
>>>
>>>This is to initiate a two week working group last call of
>>>http://tools.ietf.org/html/draft-ietf-v6ops-nat64-experience.  Please read
>>> it
>>>now. If you find nits
>>>(spelling errors, minor suggested wording changes, etc), comment to the
>>>authors; if you find greater issues, such as disagreeing with a
>>>statement or finding additional issues that need to be addressed,
>>>please post your comments to the list.
>>>
>>>We are looking specifically for comments on the importance of the
>>>document as well as its content. If you have read the document and
>>>believe it to be of operational utility, that is also an important
>>>comment to make.
>>>_______________________________________________
>>>v6ops mailing list
>>>v6ops@ietf.org
>>>https://www.ietf.org/mailman/listinfo/v6ops
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops
>>

v2.23.0 | Report a Bug | By Email