IETF Logo Mail Archive

Re: [v6ops] Are we competitive?

"Soni \"They/Them\" L." <fakedme+ipv6@gmail.com> Wed, 10 August 2022 20:21 UTC

Return-Path: <fakedme+ipv6@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34D40C13CCE5 for <v6ops@ietfa.amsl.com>; Wed, 10 Aug 2022 13:21:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.611
X-Spam-Level:
X-Spam-Status: No, score=-0.611 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, NORMAL_HTTP_TO_IP=0.001, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qnQkylSvg87n for <v6ops@ietfa.amsl.com>; Wed, 10 Aug 2022 13:21:22 -0700 (PDT)
Received: from mail-vs1-xe33.google.com (mail-vs1-xe33.google.com [IPv6:2607:f8b0:4864:20::e33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B799C13CCED for <v6ops@ietf.org>; Wed, 10 Aug 2022 13:21:22 -0700 (PDT)
Received: by mail-vs1-xe33.google.com with SMTP id s129so16297646vsb.11 for <v6ops@ietf.org>; Wed, 10 Aug 2022 13:21:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=in-reply-to:content-language:references:cc:to:subject:from :user-agent:mime-version:date:message-id:sender:from:to:cc; bh=DDKS0UiuTdgBKYqprMwqJ/d0Rh8fNCcQNDl8dL/6z8Q=; b=AZZz6QqXaiQGuam2BAjc/skY2M5Npv8Tw3+gJ8NBueZm1lfzw6uFaUYtHWsFsJqL3x wGPayn+gC4tId4ZdqJpLDVUL8J44Z/JP62i/ME+0E17+4UkVMmnLIM503Yz87XL9T3P1 Shimf9L34jQLNxY/rjz+mJbSDmtFRidW9CCD2whvKQ1TwkGEdjDPZyXMfunY8lv6oYuI bC2v/K/gIjVnb0aUsXbu33hCfJL9aMzzx6PR6b/BfTgAdb1+p2hg8LbNWIbVXOLoPVVw 8oXTzjhjimJ9z7fqnK8FnTOB2xnt6qSx4YlCu571fGX0hAHWipeY542VSLmJwBTuuQAE ZwiA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-language:references:cc:to:subject:from :user-agent:mime-version:date:message-id:sender:x-gm-message-state :from:to:cc; bh=DDKS0UiuTdgBKYqprMwqJ/d0Rh8fNCcQNDl8dL/6z8Q=; b=yqF5CA2mSJlpYNnA5aKPidu86IHoe2nk++QLjs+jAuVvb2sCCqq2HXcRw8brN4wFoH rm6kfdDrx5y3ofThNKBcmIb/KPtt9vVmWw3Y1n72vHn2lExBA6TTx4yfxMmQNzBZq+wn MUadOf+ENsOLz4tnhyBXG1NhwC0RTj6d0fshi+6JVTmzA5+n8OJE2euoAkv7BLmvpfyL d/z77w853smp3CgWuASDSHoBRSjHFAK1SCqCIRafiMZL46pIbsha4T/TnGNXI828Ury5 W6+aPmX4ZKVjV8uJ+O2MLO2124VClWVUxPNwLRgQUzGcOiLfeimfYEm/apIU8qjUB90i fd4Q==
X-Gm-Message-State: ACgBeo34bqYkk+Fpd+D58YNIEwbT6vpAQkeYn9DkEp58g2npJ9ox+vfN sBqFI0yHNNcop0X9fC6Jptm2fE5T4OY=
X-Google-Smtp-Source: AA6agR6S3N73EBMpYIMa13gHOjs8Gaz2qMMHvMXh+J0l07dQL3hqpAP/5P3Z+nqXdcSHBvenXMIr2Q==
X-Received: by 2002:a67:fd6a:0:b0:38a:8637:c396 with SMTP id h10-20020a67fd6a000000b0038a8637c396mr1634211vsa.5.1660162881161; Wed, 10 Aug 2022 13:21:21 -0700 (PDT)
Received: from ?IPV6:2804:431:cfcd:6994::536f:6e69? ([2804:431:cfcd:6994::536f:6e69]) by smtp.googlemail.com with ESMTPSA id 6-20020a9f2106000000b0038c6e8c8ec2sm10083741uab.19.2022.08.10.13.21.19 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 Aug 2022 13:21:20 -0700 (PDT)
Sender: "Soni L." <fakedme@gmail.com>
Content-Type: multipart/alternative; boundary="------------804nzMF0VZNa0PqBeG5acZ0P"
Message-ID: <a803e9e9-4913-53a8-b628-ece055fa3344@gmail.com>
Date: Wed, 10 Aug 2022 17:21:17 -0300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
From: "Soni \"They/Them\" L." <fakedme+ipv6@gmail.com>
To: Gábor LENCSE <lencse@hit.bme.hu>
Cc: IPv6 Operations <v6ops@ietf.org>
References: <e4a35f0c-757a-aefa-c211-05b6015a4215@gmail.com> <YuJXbruluDmzF3RD@Space.Net> <ec68b29c62034d3e98adec9c5da45ff3@huawei.com> <25e4f9e4-e055-241c-7047-97dca8b09cc8@gmail.com> <3c35a91af90d4b82af724e7ce98378d3@huawei.com> <CAE=N4xcPq3CB5DDjPOk3oAqBfpJRebhXsFExSEAX_Yr3_XsSUg@mail.gmail.com> <97662d43-7daa-191c-792b-49a626fb9769@gmail.com> <CAM5+tA_w9n2=cXc=mgsr8iOx2rndAWgPhnoNBs4UQnJd3gJxNA@mail.gmail.com> <CADzU5g4mSqqVXE9ppe1U=dMM59GUPviArL_5tiQe0yxm-YZrgw@mail.gmail.com> <CAM5+tA9tOGuy8scXStxOTzWOwG_zvDHx4Hi5CwkGiYmzNLOvqw@mail.gmail.com> <CAPt1N1neKi_8A=WQz44vsO9nywmfCjXhiWrDMuhaFFTHvj_g7A@mail.gmail.com> <CAM5+tA-hse1OoVT_R90u76GpF8ZSW7PaGhXP4V6UbT4Xe8=BFg@mail.gmail.com> <CADzU5g6q=PL+yaijHZvgTz9F7ePUtdAgPCv-3Qmf0vNS4mZENQ@mail.gmail.com> <40a92b22-eeee-c359-3c50-e9ba51375364@gmail.com> <6f2e674aa8b3417983fe43435761d331@huawei.com> <47d37ba4-840d-8948-84f4-be1a2a51a243@hit.bme.hu>
Content-Language: en-US
In-Reply-To: <47d37ba4-840d-8948-84f4-be1a2a51a243@hit.bme.hu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/EX1G2KWltuuEQlz146_B8N1In10>
Subject: Re: [v6ops] Are we competitive?
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2022 20:21:24 -0000

(attempting to re-send this because something seems to have gone wrong...)


On Wed, Aug 10, 2022, 08:01 Gábor LENCSE <lencse@hit.bme.hu> wrote:

    Dear Eduard,

    TAYGA is a stateless NAT64 implementation. We use it for educational
    purposes: we demonstrate stateful NAT64 using TAYGA (stateless NAT64) +
    iptables (stateful NAT44). We use it because it is easy to configure
    and
    everything can be easily observed and debugged (unlike with the much
    more powerful Jool stateful NAT64 solution).


1. why with NAT44 instead of NAT66?
2. can jool really use the same 192.0.0.2 on all clients? it seemed to
use 1918 and 100.64.0.0/10 <http://100.64.0.0/10>?


    However, I would not recommend TAYGA for ISP-s due to performance
    issues. (It works in userspace and it is not able to utilize more
    than a
    single CPU core.)


ohh. but it's fine for hotspot software? why isn't hotspot software
using 464 instead of 1918? it's gonna be NAT either way but one of them
at least stress tests IPv6 in the wild.


    Best regards,

    Gábor


    8/10/2022 12:12 PM keltezéssel, Vasilenko Eduard írta:
    > Hi Soni,
    > I do not understand how your comment is relevant to NAT66.
    >
    > If the source traffic is private IPv4 then indeed we need stateful
    translation somewhere.
    > lw4o6 and MAP-E/T prefer to do the stateful translation on the client.
    > DS-Lite, 464XLAT, and DS-Lite prefer to do the stateful
    translation on the CGNAT.
    > NAT66 requirement is not visible in any translation RFC.
    >
    > Sorry, I am not familiar with TAYGA implementation.
    > And could not guess which one RFC it breaks.
    > Eduard
    > -----Original Message-----
    > From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Soni
    "They/Them" L.
    > Sent: Wednesday, August 10, 2022 12:49 AM
    > To: v6ops@ietf.org
    > Subject: Re: [v6ops] Are we competitive?
    >
    >
    >
    > On 2022-08-09 18:16, Clark Gaylord wrote:
    >> That there are commercial NAT66 offerings is less compelling. Vendors
    >> frequently want you to do bad things. NAT66 suffers from the same
    >> problem as NAT44 -- there is no exit strategy. NAT64 is
    specifically a
    >> *transition* technology and over time there is less and less NAT.
    >>
    > how do you make it so e.g. TAYGA uses the same client IP(v4) for
    all CLATs without NAT66, i.e. without mapping IPv6 addresses to a
    single canonical, internal IPv6 address (maybe [::1]) for TAYGA to use?
    >
    > since TAYGA is stateless, it wants to map single IPv6 to single IPv4.
    > "true" NAT64 using the DS-Lite range requires the use of NAT66 +
    TAYGA, otherwise you have to use 1918 (or, alternatively, CGNAT
    addresses) +
    > NAT44 + TAYGA.
    >
    > (still trying to see if this works, haven't had the time to play
    with it... still annoyed at the lack of out-of-box linux distro
    464XLAT support also.)
    >
    > _______________________________________________
    > v6ops mailing list
    > v6ops@ietf.org
    > https://www.ietf.org/mailman/listinfo/v6ops
    >
    > _______________________________________________
    > v6ops mailing list
    > v6ops@ietf.org
    > https://www.ietf.org/mailman/listinfo/v6ops

    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email