Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix
<mohamed.boucadair@orange.com> Tue, 09 May 2017 06:36 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C3D8129AEB; Mon, 8 May 2017 23:36:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oil-ADeIGEXc; Mon, 8 May 2017 23:36:18 -0700 (PDT)
Received: from relais-inet.orange.com (mta239.mail.business.static.orange.com [80.12.66.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73CE8129AFF; Mon, 8 May 2017 23:36:17 -0700 (PDT)
Received: from opfedar01.francetelecom.fr (unknown [xx.xx.xx.2]) by opfedar23.francetelecom.fr (ESMTP service) with ESMTP id D5CD51604E6; Tue, 9 May 2017 08:36:15 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.69]) by opfedar01.francetelecom.fr (ESMTP service) with ESMTP id B75FC16005E; Tue, 9 May 2017 08:36:15 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILMA2.corporate.adroot.infra.ftgroup ([fe80::bc1c:ad2f:eda3:8c3d%18]) with mapi id 14.03.0339.000; Tue, 9 May 2017 08:36:15 +0200
From: mohamed.boucadair@orange.com
To: Warren Kumari <warren@kumari.net>, IPv6 Operations <v6ops@ietf.org>, "draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org" <draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org>, Joe Clarke <jclarke@cisco.com>
Thread-Topic: [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix
Thread-Index: AQHSxbFPs712K9DuykCz43s9LaifGqHrjZsg
Date: Tue, 09 May 2017 06:36:14 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B933009E6C4E8@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <CAHw9_i+=ewtPR9qrmXR_CrSt57y=4RrE-JgZX8Mu-2sL+2cw-Q@mail.gmail.com>
In-Reply-To: <CAHw9_i+=ewtPR9qrmXR_CrSt57y=4RrE-JgZX8Mu-2sL+2cw-Q@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.5]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/KoGGna_7uvwBF9XxNdvbfOO7c1s>
Subject: Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 May 2017 06:36:20 -0000
Hi Warren, all, Please see inline. Cheers, Med > -----Message d'origine----- > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de Warren Kumari > Envoyé : vendredi 5 mai 2017 17:06 > À : IPv6 Operations; draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org; Joe > Clarke > Objet : [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix > > First off, thank you for a clear, well written document. > I have completed my AD review, and had a few comments / suggestions. > > I'd also like to thank Fred for requesting early review, and Joe Clarke > for > the helpful review. I agree with all of his comments, other than the xref > in the > abstract -- but, see below on the Updates bit. > > I've annotated my comments with [C]. > > W > > > Abstract > > This document reserves the IPv6 prefix 64:ff9b:1::/48 for local use > within domains that enable IPv4/IPv6 translation mechanisms. This > document updates RFC6890. > > [C]: This document updates RFC6890 by ... ? A very brief summary would be > good. > Actually, I'm not really sure *why* this updates 6890, from what I can see > it > simply reserves an additional prefix in the registry. If it really > *does* update 6890 it should also have a section clearly explaining > what changes it makes (including the "new" text). It's entirely > possible that I've missed > something really obvious here... > > > 4. Why 64:ff9b:1::/48? > > [C]: I suspect that there may be some feedback during IESG review that > this section is really long, and provides a lot of (once published) > unnecessary justification -- however, I found it useful and > interesting (and likely needed before publication) - just mentioning > so you are prepared. > > 5. Deployment Considerations > > 64:ff9b:1::/48 is intended as a technology-agnostic and generic > reservation. A network operator may freely use it in combination > with any kind of IPv4/IPv6 translation mechanism deployed within his > network. > > [C]: If editing anyway, may want to replace "his" with "their" - > normally I wouldn't point this out, but apart from the gender issue, > network operator could be plural / networks are often owned by > multiple people / an org. > > > 64:ff9b:1::/48 or any other more-specific prefix SHOULD NOT be > advertised in inter-domain routing, except by explicit agreement > between all involved parties. Such prefixes MUST NOT be advertised > to the default-free zone. > > [C]: ... but you *know* that they will leak - what happens when they > do? Does this break anything? (probably not, *might* be worth > mentioning though) [Med] I wonder if a pointer to https://tools.ietf.org/html/rfc6052#section-3.2 would be sufficient here instead of having the full discussion. > > > 6. Checksum Neutrality > > Use of 64:ff9b:1::/48 does not in itself guarantee checksum > neutrality, as many of the IPv4/IPv6 translation algorithms it can be > used with are fundamentally incompatible with checksum-neutral > address translations. > > [C]: Er?! What is this checksum neutral thing of which you speak?! :-) > (I think you need a reference here -- I *think* that RFC6296, Section > 2.6 is the closest.) > [Med] The text already cites a pointer that is relevant for IPv4/IPv6 address translation matters: Section 4.1 of [RFC6052] contains further discussion about IPv4/IPv6 translation and checksum neutrality. > > The Stateless IP/ICMP Translation algorithm [RFC7915] is one well- > known algorithm that can operate in a checksum-neutral manner, when > using the [RFC6052] algorithm for all of its address translations. > However, in order to attain checksum neutrality is imperative that > the translation prefix is chosen carefully. Specifically, in order > for a 96-bit [RFC6052] prefix to be checksum neutral, all the six > 16-bit words in the prefix must add up to a multiple of 0xffff. > > The following non-exhaustive list contains examples of translation > prefixes that are checksum neutral when used with the [RFC7915] and > [RFC6052] algorithms: > > o 64:ff9b:1:fffe::/96 > > o 64:ff9b:1:fffd:1::/96 > > o 64:ff9b:1:fffc:2::/96 > > o 64:ff9b:1:abcd:0:5431::/96 > > Section 4.1 of [RFC6052] contains further discussion about IPv4/IPv6 > translation and checksum neutrality. > > [C]: Oh! Here is the reference (I think 6296 Sec 2.6 is clearer.) [Med] Citing RFC6052 is appropriate here because it discusses IPv4/IPv6 address translation matters while RFC6269 is about IPv6 prefix translation. RFC6052 is clear about the meaning: ... one's complement checksum if both the IPv4- translatable and the IPv4-converted IPv6 addresses were constructed in a "checksum-neutral" manner, that is, if the IPv6 addresses would have the same one's complement checksum as the embedded IPv4 address. > > 7. IANA Considerations > > The IANA is requested to add the following entry to the IPv6 Special- > Purpose Address Registry: > > +----------------------+---------------------+ > | Attribute | Value | > +----------------------+---------------------+ > | Address Block | 64:ff9b:1::/48 | > | Name | IPv4-IPv6 Translat. | > | RFC | (TBD) | > | Allocation Date | (TBD) | > | Termination Date | N/A | > | Source | True | > | Destination | True | > | Forwardable | True | > | Global | False | > | Reserved-by-Protocol | False | > +----------------------+---------------------+ > > The IANA is furthermore requested to add the following footnote to > the 0000::/8 entry of the Internet Protocol Version 6 Address Space > registry: > > 64:ff9b:1::/48 reserved for Local-use IPv4/IPv6 Translation [TBD] > > 8. Security Considerations > > The reservation of 64:ff9b:1::/48 is not known to cause any new > security considerations beyond those documented in Section 5 of > [RFC6052]. > > 9. References > > 9.1. Normative References > > [SNIP] > > [C]: IMO it would be better to have the Acknowledgments section as a > numbered section, not an Appendix (I'm not sure if this is actually > required, but is, IMO, better form). > > Appendix A. Acknowledgments > > The author would like to thank Fred Baker, Mohamed Boucadair, Brian E > Carpenter, Pier Carlo Chiodi, David Farmer, Holger Metschulat and > David Schinazi for contributing to the creation of this document. > > > -- > I don't think the execution is relevant when it was obviously a bad > idea in the first place. > This is like putting rabid weasels in your pants, and later expressing > regret at having chosen those particular rabid weasels and that pair > of pants. > ---maf > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops
- [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-p… Warren Kumari
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Warren Kumari
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Fred Baker
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Brian E Carpenter
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Warren Kumari
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… mohamed.boucadair
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Warren Kumari
- Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xl… Tore Anderson