IETF Logo Mail Archive

Re: [v6ops] draft-palet-v6ops-nat64-deployment discussion

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Tue, 29 May 2018 20:44 UTC

Return-Path: <prvs=168717744b=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDE7312D94D for <v6ops@ietfa.amsl.com>; Tue, 29 May 2018 13:44:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mQW_IeFxjKLf for <v6ops@ietfa.amsl.com>; Tue, 29 May 2018 13:44:17 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46EBD12E8D7 for <v6ops@ietf.org>; Tue, 29 May 2018 13:44:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1527626654; x=1528231454; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:Message-ID:Thread-Topic:References:In-Reply-To: Mime-version:Content-type:Content-transfer-encoding; bh=BYC/FEOx U0HQsYWC9j6uhGjGPrE0AR/vLNer5gm69uU=; b=dBI35VXyndvpEXqTY5MxS+OJ 0iuHYgI4CN5P1zkk02xPZ6Zx5THdN6hOElk+8g46e/TKa+25PHJLTv4PM62MwGSP M5l9zJWSee7mGgXiDMa5wwboiTqK7TyioqHsY7irpT42lBaY8tUzB2hQ1rt6kPAP fjZrhXLomo3pXhwQMiw=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Tue, 29 May 2018 22:44:14 +0200
X-Spam-Processed: mail.consulintel.es, Tue, 29 May 2018 22:44:13 +0200
Received: from [10.10.10.129] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50005778979.msg for <v6ops@ietf.org>; Tue, 29 May 2018 22:44:12 +0200
X-MDRemoteIP: 2001:470:1f09:495:7d90:7c58:9f18:46a9
X-MDHelo: [10.10.10.129]
X-MDArrival-Date: Tue, 29 May 2018 22:44:12 +0200
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=168717744b=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/10.d.1.180523
Date: Tue, 29 May 2018 22:44:09 +0200
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: v6ops@ietf.org
Message-ID: <737B4FD7-863D-4947-B79C-2130706F1BAC@consulintel.es>
Thread-Topic: [v6ops] draft-palet-v6ops-nat64-deployment discussion
References: <C9183F53-FF89-4FA2-9787-B238A5BCA21F@gmail.com> <20180529175709.GI19425@mx4.yitter.info> <2D818599-B204-4F0E-9C49-CFCD9636654F@consulintel.es> <847afa59-3eef-8bf1-488f-11bbd2898d9e@asgard.org>
In-Reply-To: <847afa59-3eef-8bf1-488f-11bbd2898d9e@asgard.org>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Elut5Gs9_O21ZNdLNM2jKJ4DaUI>
Subject: Re: [v6ops] draft-palet-v6ops-nat64-deployment discussion
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2018 20:44:20 -0000

Hi Lee,

Responses below in-line.

Regards,
Jordi
 
 

-----Mensaje original-----
De: v6ops <v6ops-bounces@ietf.org> en nombre de Lee Howard <lee@asgard.org>
Fecha: martes, 29 de mayo de 2018, 22:06
Para: <v6ops@ietf.org>
Asunto: Re: [v6ops] draft-palet-v6ops-nat64-deployment discussion

    
    
    On 05/29/2018 02:27 PM, JORDI PALET MARTINEZ wrote:
    > I understand your point that NAT64 was meant to be "imperfect", but this is something that is not valid for operators. Operators need to support existing customers with existing devices and apps, that only have IPv4 support, and this is only possible with NAT64 + CLAT.
    
    This statement is too broad in several ways.
    "Operators" may use 2G, 3G, LTE, fixed wireless, DSL, FTTH, DOCSIS, PON, 
    Wi-Fi, or local Ethernet.
    They may serve different kinds of customers, including their enterprise 
    users, homes, businesses, mobile handsets, mobile tablets, hospitality, 
    retail Wi-Fi. Some of those cases may not require IPv4 at the host, or 
    even the app. Even in a heterogeneous network, an operator may prefer to 
    offer NAT64 only to some customers, and native dual-stack to others, 
    rather than requiring a CLAT of all of them.

If the CE supports CLAT, but is getting dual stack in the WAN, then CLAT should not be used, so the operator will make sure that those customers have a different information by means of the provisioning or whatever. Nevertheless, I think this is out of the scope of this document (draft-ietf-v6ops-transition-ipv4aas is probably the most appropriate for that).

    To say that existing customers have IPv4-only requirements is true for a 
    specific subset of the kinds of networks and the endpoints served. 
    IPv6-only may work, or NAT64 may work.
    
    Further, as far as I can tell, MAP solves as many use cases, with as 
    much scale, as 464xlat. DS-Lite also solves the use cases, but maybe not 
    at the same scale. And so on.
  
Agree, but my comment was in the scope of "if you want to use NAT64, you better do 464XLAT". But still yes, this need to be better qualified, as that sentence only makes sense if you still need to provide "dual-stack" inside the customer CE.  
    
    For the sake of this document, I agree that NAT64 is the focus, and CLAT 
    provides a useful reference, but it is not the only way to deploy NAT64.

Today I believe is difficult to find cases that differ from "if you want to use NAT64, you better do 464XLAT ": almost every residential and business customer of every ISP in the world still has the need to have support for IPv4-only devices and apps. This will change in the next years? Yes, for sure.

    
    > What I disagree with you is in your comment that anyone who is willing to deploy (let's concentrate in) 464XLAT, will do DNS64 too. This is actually not needed in that case.
    >
    > I've no problem to add text, to more explicitly say "If you're going to deploy NAT64, you need DNS64, and here are some limitations".
    
    That would be better. Experience suggests that anyone deploying NAT64 
    and/or 464xlat will deploy DNS64 too, so explicit exceptions would be nice.
    
    > Would you agree that if an operator deploying IPv6-only access want to make sure that the customers using some IPv4-only devices work fine, the only way is using NAT64+CLAT, and that using NAT64+DNS64 will not work?
    
    I don't agree with that, as I said above.
    >
    > Regards,
    > Jordi
    >   
    >   
    Lee
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email