Re: [v6ops] IPv6-only section [draft-ietf-v6ops-enterprise-incremental-ipv6 WGLC]

"cb.list6" <cb.list6@gmail.com> Thu, 08 August 2013 12:45 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEDBD21E80AC for <v6ops@ietfa.amsl.com>; Thu, 8 Aug 2013 05:45:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.085
X-Spam-Level:
X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[AWL=-0.086, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_13=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bUpOk-H1DR8C for <v6ops@ietfa.amsl.com>; Thu, 8 Aug 2013 05:45:42 -0700 (PDT)
Received: from mail-wi0-x236.google.com (mail-wi0-x236.google.com [IPv6:2a00:1450:400c:c05::236]) by ietfa.amsl.com (Postfix) with ESMTP id BD75121E80AD for <v6ops@ietf.org>; Thu, 8 Aug 2013 05:45:33 -0700 (PDT)
Received: by mail-wi0-f182.google.com with SMTP id hi8so520084wib.9 for <v6ops@ietf.org>; Thu, 08 Aug 2013 05:45:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=EEz87t9FJE8hGzvd2LpvAU0Zep3YLu0bO3mp4QB26zw=; b=p94iCg14BJyWV9uWwyGbamOSAukCY/cabwJvpnDLDmD04IAXtULZ2iN9AaQp2Lf/KH 90Zzkq0px4ZHBn+p+oEEErRuH/zwmL8WRVPhXj33WZ+cDn1qsNoRlHeAjv4L8zNqQkdH FgXJqGjEYMra7ur0ZCmor6F7q6qbR72+QOSFEFTpAJMEehzL+L909XCVM0ew1UqUTUXY yDjE131nlNrUrnWFo0sD/6DhXimlDm6O1yZBGrZlnD6/k5cJX+Csj8HC52INK4JBbh8Y 1Q7slcwYra4w419QK0OAF2UfOPpp+eykUx2BTsRJVCKnhIKFCQy8tAdzttvrsWImM7gO Sp2Q==
MIME-Version: 1.0
X-Received: by 10.180.188.49 with SMTP id fx17mr4948185wic.49.1375965932745; Thu, 08 Aug 2013 05:45:32 -0700 (PDT)
Received: by 10.216.15.68 with HTTP; Thu, 8 Aug 2013 05:45:32 -0700 (PDT)
Received: by 10.216.15.68 with HTTP; Thu, 8 Aug 2013 05:45:32 -0700 (PDT)
In-Reply-To: <52031D69.3070604@gmail.com>
References: <201308041800.r74I03pC023049@irp-view13.cisco.com> <5200804D.2050006@gmail.com> <CAD6AjGTGL9JVK6egOAVXhMFv77L0b=9eVjKAauwNzLnaM=Mcyw@mail.gmail.com> <52031D69.3070604@gmail.com>
Date: Thu, 8 Aug 2013 05:45:32 -0700
Message-ID: <CAD6AjGTAJVvmG_byRMW_F2g+WDBvdRLop_oLshgwbUsfBjRzbA@mail.gmail.com>
From: "cb.list6" <cb.list6@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary=001a11c25bdaa4f93104e36f08a4
Cc: v6ops@ietf.org
Subject: Re: [v6ops] IPv6-only section [draft-ietf-v6ops-enterprise-incremental-ipv6 WGLC]
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Aug 2013 12:45:42 -0000

On Aug 7, 2013 9:24 PM, "Brian E Carpenter" <brian.e.carpenter@gmail.com>
wrote:
>
> On 08/08/2013 16:08, cb.list6 wrote:
> > On Aug 5, 2013 9:49 PM, "Brian E Carpenter" <brian.e.carpenter@gmail.com
>
> > wrote:
> >> On a different topic, section 5 covers IPv6-only issues.
> >> I'm a bit concerned that this might need a health warning:
> >> deploying NAT64/DNS64 might cause pain and suffering.
> >> Perhaps after this text:
> >>
> >>>    Together, RFCs
> >>>    6146 and RFC 6147 provide a viable method for an IPv6-only client
to
> >>>    initiate communications to an IPv4-only server.
> >> we should add something like:
> >>
> >>    At enterprise level, operating NAT64 and DNS64 services for
> >>    heavy usage may have significant practical implications.
> >>
> >
> > Can you be more specific? Pratical data?
>
> Not really, because I've never operated one in real life. It doesn't
> strike me as the sort of service that most enterprise network
> managers will be familiar with, and a v6-only site needing a normal
> level of access to v4-land would end up sending most of its external
> traffic via NAT64 and most of its external DNS queries via DNS64.
> Therefore, these would become an important single point of failure
> and a potential bottleneck. The text doesn't seem to point this out.
>

Agree with Joel, nat64 will be parity with common nat44 and firewalls in
terms of availability

Regarding majority of traffic, i believe the scales have tipped to show v6
is the majority for campus networks, which is the best proxy in the
available data

http://www.worldipv6launch.org/measurements/

These numbers also skew low since Apple has a non-deterministic happy
eyeballs

Given that enterprises and all users of IP are out of ipv4, so they need to
not use ipv4 yet have access to it, guidance against nat64 will frustrate
the issue.

Guidance should be given to make as many flow v6 e2e. Full stop.

CB
>    Brian
>
> > CB
> >
> >> Also, the last paragraph of section 5:
> >>
> >>>    It is worth noting that for IPv6-only access networks that use
> >>>    technologies such as NAT64, the more content providers (and
> >>>    enterprises) that make their content available over IPv6, the less
> >>>    the requirement to apply NAT64 to traffic leaving the access
network.
> >> A reference to RFC 6883 would fit nicely there.
> >>
> >> Regards
> >>    Brian
> >> _______________________________________________
> >> v6ops mailing list
> >> v6ops@ietf.org
> >> https://www.ietf.org/mailman/listinfo/v6ops
> >