Re: [v6ops] FYI: Microsoft's latest on CLAT
Tore Anderson <tore@fud.no> Sun, 10 March 2024 10:23 UTC
Return-Path: <tore@fud.no>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 555E7C14F60C; Sun, 10 Mar 2024 03:23:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KCFVv-0YcO-Z; Sun, 10 Mar 2024 03:23:24 -0700 (PDT)
Received: from mail.fud.no (mail.fud.no [IPv6:2a02:c0:2f0:de01:f816:3eff:fede:dc6a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EC91C14F5F4; Sun, 10 Mar 2024 03:23:21 -0700 (PDT)
Received: from vpn.i.bitbit.net ([2a02:c0:2:6:18:59ff:fe38:da0d]:49540 helo=[IPV6:2a02:c0:2:7::2]) by mail.fud.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <tore@fud.no>) id 1rjGKs-0008IW-Es; Sun, 10 Mar 2024 11:23:18 +0100
Message-ID: <1113ad66-424a-4c49-bbab-713916fe357a@fud.no>
Date: Sun, 10 Mar 2024 11:23:18 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: Ole Trøan <otroan=40employees.org@dmarc.ietf.org>, Jen Linkova <furry13@gmail.com>
Cc: v6ops@ietf.org, Tommy Jensen <Jensen.Thomas@microsoft.com>
References: <CAFU7BAQsnionnO_VZoxAnqAKad_cuQbyHzFKK4XMai_Hw8-Kyg@mail.gmail.com> <56FFAFE7-94B4-47BD-9139-1A1FA83FB472@employees.org>
Content-Language: en-GB, nn-NO
From: Tore Anderson <tore@fud.no>
In-Reply-To: <56FFAFE7-94B4-47BD-9139-1A1FA83FB472@employees.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/JEhS-V79QqFt5-RaiyG-aj_HCMw>
Subject: Re: [v6ops] FYI: Microsoft's latest on CLAT
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Mar 2024 10:23:25 -0000
On 09/03/24 08:58, Ole Trøan wrote: > Could stateful XLAT be made to work on a host with a single address? Yes. Would using a single address lead to interoperability problems? No. > I.e. it’s an implementation choice. Indeed. On Linux this can be easily done today, by assigning a locally significant IPv6 address (e.g., ULA) to the CLAT function, and then running the packets through Netfilter's stateful IPv6 NAT function prior to forwarding to the external network. This works just fine on any IPv6 network, unlike the dual address approach. It also means NDP interaction is not an issue to worry about, so it is actually easier to implement than the dual address approach too (in my opinion, anyway). I can also imagine a single-address in-kernel CLAT that achieves the same more elegantly by integrating directly with the socket layer, e.g., by ensuring that an outbound TCP/UDP connection assigned 192.0.2.1:portX claims [2001:db8::1]:portX automatically, and where return traffic destined for [2001:db8::1]:portX will be directed to the CLAT function for IPv6→IPv4 translation. [2001:db8::1]:portY may be used by a regular native IPv6 socket simultaneously. Tore
- [v6ops] FYI: Microsoft's latest on CLAT Tommy Jensen
- Re: [v6ops] FYI: Microsoft's latest on CLAT Lorenzo Colitti
- Re: [v6ops] FYI: Microsoft's latest on CLAT Ole Troan
- Re: [v6ops] FYI: Microsoft's latest on CLAT Jen Linkova
- Re: [v6ops] FYI: Microsoft's latest on CLAT Ole Troan
- Re: [v6ops] FYI: Microsoft's latest on CLAT Ted Lemon
- Re: [v6ops] FYI: Microsoft's latest on CLAT Brian E Carpenter
- Re: [v6ops] FYI: Microsoft's latest on CLAT Nick Buraglio
- Re: [v6ops] FYI: Microsoft's latest on CLAT Lorenzo Colitti
- Re: [v6ops] FYI: Microsoft's latest on CLAT Jen Linkova
- Re: [v6ops] FYI: Microsoft's latest on CLAT Ole Trøan
- Re: [v6ops] FYI: Microsoft's latest on CLAT Gyan Mishra
- Re: [v6ops] FYI: Microsoft's latest on CLAT Gyan Mishra
- Re: [v6ops] FYI: Microsoft's latest on CLAT Tore Anderson
- Re: [v6ops] FYI: Microsoft's latest on CLAT Daryll Swer
- Re: [v6ops] FYI: Microsoft's latest on CLAT Gert Doering
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Tommy Jensen
- Re: [v6ops] FYI: Microsoft's latest on CLAT Gert Doering
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Daryll Swer
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Jen Linkova
- Re: [v6ops] FYI: Microsoft's latest on CLAT Vasilenko Eduard
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Ole Troan
- Re: [v6ops] FYI: Microsoft's latest on CLAT Daryll Swer
- Re: [v6ops] FYI: Microsoft's latest on CLAT Vasilenko Eduard
- Re: [v6ops] FYI: Microsoft's latest on CLAT Ole Troan
- Re: [v6ops] FYI: Microsoft's latest on CLAT Soni "They/Them" L.
- Re: [v6ops] FYI: Microsoft's latest on CLAT Jen Linkova
- Re: [v6ops] FYI: Microsoft's latest on CLAT Vasilenko Eduard
- Re: [v6ops] FYI: Microsoft's latest on CLAT Lorenzo Colitti
- Re: [v6ops] FYI: Microsoft's latest on CLAT Gyan Mishra
- Re: [v6ops] FYI: Microsoft's latest on CLAT Bob Hinden
- Re: [v6ops] FYI: Microsoft's latest on CLAT Nick Buraglio
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Nick Buraglio
- Re: [v6ops] FYI: Microsoft's latest on CLAT Jen Linkova
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Tommy Jensen
- Re: [v6ops] FYI: Microsoft's latest on CLAT Chongfeng Xie
- Re: [v6ops] FYI: Microsoft's latest on CLAT Tim Chown
- Re: [v6ops] [EXTERNAL] Re: FYI: Microsoft's lates… Tommy Jensen
- Re: [v6ops] FYI: Microsoft's latest on CLAT Vasilenko Eduard