IETF Logo Mail Archive

Re: [v6ops] IPREF as a transitioning tool

waldemar <waldemar@wdmsys.com> Sat, 11 November 2023 11:57 UTC

Return-Path: <waldemar@wdmsys.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79EF5C15C2A3 for <v6ops@ietfa.amsl.com>; Sat, 11 Nov 2023 03:57:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.852
X-Spam-Level:
X-Spam-Status: No, score=-0.852 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.091, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wdmsys.com header.b="Sw7OjYO8"; dkim=pass (2048-bit key) header.d=outbound.mailhop.org header.b="nTMFppOZ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nssaqsl9z_3H for <v6ops@ietfa.amsl.com>; Sat, 11 Nov 2023 03:57:19 -0800 (PST)
Received: from barn.elm.relay.mailchannels.net (barn.elm.relay.mailchannels.net [23.83.212.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53BD9C1522CD for <v6ops@ietf.org>; Sat, 11 Nov 2023 03:57:18 -0800 (PST)
X-Sender-Id: _forwarded-from|217.96.228.89
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 4BFA080CB1 for <v6ops@ietf.org>; Sat, 11 Nov 2023 11:57:18 +0000 (UTC)
Received: from outbound1b.ore.mailhop.org (unknown [127.0.0.6]) (Authenticated sender: duocircle) by relay.mailchannels.net (Postfix) with ESMTPA id 6BDFD81A54 for <v6ops@ietf.org>; Sat, 11 Nov 2023 11:57:17 +0000 (UTC)
ARC-Seal: i=2; s=arc-2022; d=mailchannels.net; t=1699703837; a=rsa-sha256; cv=pass; b=gKl6c+5onZMf/vTpAWgkMEsidgxVabPO6h2ZlGIke+p00nTW6xNwMx9Lh/Yc6EfKNcSQRX ys4uoS5fm2SNyCCyiRrneDSPlM6P+aTCDkNqPzw1fqTY75UtUbeSMSmVjYF3Dde6u4dx4W TcueJw2Pr9rxL8wl6SAKHLEAaBbQTBqCa+PZ3PTq5ManqUJoh9qvZpsEZDr+5CWRVweqfU NT4+nagIDEbecIQQXFWhHjxuzy9z+oDa/oG4+X/3GgBnr5zQW78ex2YCFkA3Ajr6pm9l84 WU5x2L+nPjUqS2pmzzmjWE8s0NeN4sZpqBRl32eL2xfyJT3eGydNJtXS1HKXkA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1699703837; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=r0loI04LgnX8PpCaiKfzl5QYVTrismR+0qDf8SDPWfg=; b=KRNYth/r2sym8gTcOizJYgs5tQuAArs0kdhFBye4R6WTBu4wZVndkSMJZ7e/G8x/KsSATZ e8EXpIvAkRve2d3LI6Q+HlEQgC0iWd1tTCExGEWpsVZkc43oy2JTc4dRM4skVGJ59lH/Rn oC6Y7EmjumSbFTvTbu9Uvqb/402EqphzyQbBNftVGSQtfYHW4J8hXzU7yPL624EdzYI9/j GM5omo5M14vM0towQeFWLxFPa5rxGMfT1wewTnCbd1KuLe8aY3PXzvELAxvZAbPuIcsbdT 0vWwYCSMjIDxERRrDiNasn3VOEf3qz/PlrYsmB+zJUe4P4XfrUaXdf1fYLIYTQ==
ARC-Authentication-Results: i=2; rspamd-6f98f74948-kkzxq; arc=pass ("outbound.mailhop.org:s=arc-outbound20181012:i=1"); auth=pass smtp.auth=duocircle smtp.mailfrom=waldemar@wdmsys.com
X-Sender-Id: _forwarded-from|217.96.228.89
X-MC-Relay: Junk
X-MailChannels-SenderId: _forwarded-from|217.96.228.89
X-MailChannels-Auth-Id: duocircle
X-Industry-Illustrious: 2d19f7c7231f49d2_1699703837692_4160809087
X-MC-Loop-Signature: 1699703837692:4277619332
X-MC-Ingress-Time: 1699703837692
Received: from outbound1b.ore.mailhop.org (outbound1b.ore.mailhop.org [54.200.247.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.127.137.45 (trex/6.9.2); Sat, 11 Nov 2023 11:57:17 +0000
ARC-Seal: i=1; a=rsa-sha256; t=1699703836; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=jahyQNqMbGBJn19vsjpX0LFEOHYVZtJKXAC/UDwd90rpwuI3FnN+tD7Ppr4MngrmcV8Q1ykGTXaey Zaqc2otzVDg0V0YOzATpvEDJk36p57K1vPMWwaOUj7GfYwmPSCBvLMyJA1HeWGVC+KBnGc/DOReu7X t1ug/VUM/6MfqKRXmWiWkwsQcWVbkvRQG2JW5pLAYWGtETPv7QtupmSJdJgcPpJUC+yiDA7y8L+rSP oMAOQ17U9PmV8BzV7KqnHDsc2mTdolKqbv1IbZiAw/PjsPCT/E7X9kzijk5rcE4Zwg3j28w/KhFAu1 et+Xz1H7oIOhXbqgHw3S7+hF98ggWtQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-transfer-encoding:content-type:in-reply-to:from:references:cc:to: subject:mime-version:date:message-id:dkim-signature:dkim-signature:from; bh=r0loI04LgnX8PpCaiKfzl5QYVTrismR+0qDf8SDPWfg=; b=Of3vHntp+3W2jtpSORF5BornWiGyqAyeTRvTDgsHPFyYHubqkPJ5tkzHlpaUvxH+KKj3KIbmyqK5S Ho2oYed70nn8rvUWsXWGJEWnYmt13043YO3P4Al0m6Sfr80pLn616ipNJfIqjSCjZVmee/6F2GPAk2 xzdRnntkZvT4L3c+Dcez6CPIcXLut/eSxJdbZTRJXJ4X/gq5Z+2+KpkQqaum0wdTGlVsMWbeaq9zhS BYfqMdLUErnj8I2tLpkHn9t8jv3BAjpoJHGUqJSsXsgDcGw43vlZWj8NfAtGkXWTrLEUth5fC9zVzm V+LBEi36q/UsyoGCni/ZMZ222Y0VrJA==
ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org; spf=softfail smtp.mailfrom=wdmsys.com smtp.remote-ip=168.235.72.19; dmarc=none header.from=wdmsys.com; arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wdmsys.com; s=duo-1675405977089-29a98ead; h=content-transfer-encoding:content-type:in-reply-to:from:references:cc:to: subject:mime-version:date:message-id:from; bh=r0loI04LgnX8PpCaiKfzl5QYVTrismR+0qDf8SDPWfg=; b=Sw7OjYO8Ydpu7S2kTCWKKBmIGywXS5JhSDMaCzPS9YtM0lk62crRcF0ziSQiqgWb1YzOEQlSLfpBS nTYA5zNER2NnZWwYWNWcxhsa6OSjD+HtKfvw/1DiBHCUgJMr9HJsDmJDf6HFTjM7ieZOxcXiZsR6Pn JIx6ZdJL550j59pI=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-transfer-encoding:content-type:in-reply-to:from:references:cc:to: subject:mime-version:date:message-id:from; bh=r0loI04LgnX8PpCaiKfzl5QYVTrismR+0qDf8SDPWfg=; b=nTMFppOZlEQJqQ56vhGcTapKmRrfTCRG0ZcS1FaiOrRWhV15HE/87twXpdw7NqMLeh6N1w9QlL+m6 aElhXdVgImL17b2rKIG6Vl3dWRIwCI6h5i0EqndmG5Iybs73A5njDtu0T8OEu7nv+bQNsvUyv5ygdf t8kXXmb3ubgCwqGRCMc9xRHbN19/m8jBocvdnAuiVjA/0ce3hlOLxdD3Gg/BUSGWrOCdPhpbc4tFO9 eglc4DUluMU4U/l1JzsNKnDanYvgfvf7YIF7eTYVChkB5vzBN1WjJT7XwaWmIblPVtCzK3UbcOn1ev yHi20Z30ivUF11Y1PWpjxijuLN0qMQg==
X-Originating-IP: 168.235.72.19
X-MHO-RoutePath: d2FsZGVtYXI=
X-MHO-User: 725a549b-8089-11ee-8626-d1581f149e9f
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from cmail.wdmsys.com (168-235-72-19.cloud.ramnode.com [168.235.72.19]) by outbound3.ore.mailhop.org (Halon) with ESMTPSA id 725a549b-8089-11ee-8626-d1581f149e9f; Sat, 11 Nov 2023 11:57:14 +0000 (UTC)
Received: from 217.96.228.89.ipv4.supernova.orange.pl ([217.96.228.89] helo=[192.168.1.13]) by cmail.wdmsys.com with esmtpsa (TLS1.3) tls TLS_AES_128_GCM_SHA256 (Exim 4.95) (envelope-from <waldemar@wdmsys.com>) id 1r1mbu-000eX5-UD; Sat, 11 Nov 2023 11:57:11 +0000
Message-ID: <e61d1472-03c4-c537-c81d-903264c976a4@wdmsys.com>
Date: Sat, 11 Nov 2023 03:57:08 -0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1
Content-Language: en-US
To: Martin Huněk <martin.hunek@tul.cz>
Cc: v6ops@ietf.org
References: <90f07ffa-1f44-8fa6-a6eb-b35c14fcf655@wdmsys.com> <33892F6F-A2AF-4BAA-BB33-1ED99F9FD674@isc.org> <442536ba-f736-5106-615c-7fcc0b8dc2a1@wdmsys.com> <1964267.2dr1X8vxzf@asclepius.adm.tul.cz> <9f1eede1-ab65-0b52-4cda-58d305544b4c@wdmsys.com> <07bb6f08-188a-4ecb-8327-7db4221845c6@tul.cz>
From: waldemar <waldemar@wdmsys.com>
In-Reply-To: <07bb6f08-188a-4ecb-8327-7db4221845c6@tul.cz>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/OBa9CPl8DUucL8ei6RlRHCR022g>
Subject: Re: [v6ops] IPREF as a transitioning tool
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Nov 2023 11:57:23 -0000

On 11/10/23 16:48, Martin Huněk wrote:
> On 10. 11. 23 19:06, waldemar wrote:
>>
>> On 11/10/23 07:31, Martin Huněk wrote:
>>> Hi,
>>>
>>> If it is required in every network in the whole Internet, then it is 
>>> a blocker, isn't it?
>> No, not really, We're requiring every network to transition and it is 
>> not a blocker.
> We are not requiring them to do anything. Operators are forced to do 
> that by their own reasons (shortage of IPv4 space, local regulations, 
> customer requests). They do have a motivation. What would be the 
> motivation for the IPREF? I see none.
Maybe I don't understand the question. As far as  I know we do ask the 
customers of the Internet to do something to their networks, such as 
upgrade to IPv6. A gateway would be part of it. I guess, I just don't 
see what the problem is. I don't think there is one.
>>>
>>> Especially if it has to be in CPE, as many don't have any software 
>>> support, and changes in HW take years to do.
>>>
>>> Dne pátek 10. listopadu 2023 9:30:12 CET, waldemar napsal(a):
>>>> On 11/9/23 22:12, Mark Andrews wrote:
>>>>> There is nothing new in this proposal other than adding an 
>>>>> unnecessary new DNS record.
>>>>>
>>>>> Many moons ago the IETF/IRTF was presented with a DNS server that 
>>>>> talked to a NAT64 to
>>>>> establish A to AAAA mappings on demand to allow IPv4 machines to 
>>>>> connect to IPv6 machines.
>>>>> See section 3.2 of your proposal.  It worked but clearly had 
>>>>> scaling limitations as it needed
>>>>> a large IPv4 block to service a small IPv4 client base. Putting 
>>>>> one in every home CPE router
>>>>> would probably work but is it really necessary when 99.99% of 
>>>>> clients already support dual
>>>>> stack.
>>>> ...scaling issues.  Yes, exactly. IPREF does not have scaling issues.
>>> If you put it in the CPE, you had to have the dual-stack all the way 
>>> from the Internet to the CPE. Then you have got a dual-stack 
>>> network. You are depending on both protocols until everyone 
>>> transitions. If you do that, why should latecomers transition at 
>>> all? Also, if everyone had to have dual-stack anyway, why use IPREF 
>>> at all? Be aware that having GW on CPE means NAT/CGNAT on the 
>>> operator's edge as it is now - if you do not have enough IPv4 public 
>>> addresses to NAT on the GW. That can also be an issue.
>> There is no dual stacks with IPREF. It works differently than 
>> traditional tools. I guess, we really have to build it, then it would 
>> be easier to show it. I have a working model but model is not as 
>> convincing as a bona fide gateway (which could be a software upgrade 
>> on existing routers).  For now, maybe a detailed walkthrough would 
>> help. I'm guessing you already read it in the draft?? In that case, 
>> let's leave it at that with me saying dual stacks are not required.
>>>
>>>>> We already have the ability for IPv6 to connect to IPv6 to IPv4 
>>>>> using NAT64.  This can be run
>>>>> with initiating traffic coming from both directions at the same 
>>>>> time.  IPv6 on the public side
>>>>> to IPv4 on the private side with static mapping and AAAA records 
>>>>> in the DNS as well as the more
>>>>> common use of dynamic mappings when running IPv6 only on the 
>>>>> private side.  This has been done
>>>>> for many years now.
>>>> ...thereby reinforcing IPv4. You will never do away with IPv4 Internet
>>>> this way.
>>>>
>>>> For as long as IPv4 Internet exists, the transition to IPv6 will never
>>>> be completed.  Are you concerned at all that this may happen? Has 
>>>> there
>>>> ever been a doubt in your mind that IPv4 might survive?  Is the fight
>>>> over transition tools worth risking IPv6? IPREF transitions only to 
>>>> pure
>>>> IPv6, it uses only pure IPv6 Internet. It removes IPv4 addresses.
>>> IPREF doesn't do that either - you need the dual-stack connectivity 
>>> for the GW. BTW, if you use SIIT-DC, you don't have to have IPv4 
>>> inside your content-providing network. If you use NAT64, you also do 
>>> not have IPv4 in your network. In both cases, traffic going through 
>>> the translator is only the one for that it is needed, not all the 
>>> traffic.
>> I guess, this is related to the comment above. Dual stacks are not 
>> needed. If you haven't read the draft, or read it quickly, there is a 
>> detailed walkthrough describing how packets travel over the different 
>> address spaces. At no point there is a need for dual stacks (gateways 
>> have them of course, but that's not what we're talking about here).
>
> I'm talking about the WAN side of the IPREF GW! If you want to put it 
> inside of the CPE, you absolutely need the dual-stack all the way 
> between the Internet and the CPE/GW. Surprise, this means the whole 
> ISP infrastructure had to be dual-stack. Now, as an ISP, if I have a 
> dual-stack all the way to the CPE, why do I need IPREF then? I don't. 
> I do provide dual-stack connectivity already, so I do not care if the 
> customer is running legacy IPv4-only devices or did not configure IPv6 
> for some reason. Long story short, it is useless inside the CPE.
>
> I have read the draft. Look at your figure in the section 4. What is 
> the Network A? What is the Internet in it? If Network A is a home 
> network, GWA is CPE, then the Internet includes the provider's 
> network. Try to draw the same figure for yourself for the case where 
> there are three networks (two dual-stack on WAN, one IPv4-only WAN - 
> the IPv6 latecomer). Now, as long as there is an IPv6 latecomer 
> connected, you cannot disable IPv4 on the WAN interface of the GWs. So 
> you are not removing dual-stack; you are preserving together with the 
> IPv4 Internet. It doesn't work; it cannot be placed into the CPE, and 
> it makes no sense to do that. Draw it on the paper. You will see. If 
> you don't see it, draw there also ISP devices between Network A and 
> the Internet. Then, it must be apparent.
Yes, the gateway would connect to both IPv4 and IPv6 Internet on the WAN 
side. But the IPv4 Internet would be dropped if the interesting parties 
all have IPv6 Internet as well.  In the three site scenario, assuming 
all three participate in some application, then all three would need to 
connect to IPv6 Interent before we could take down IPv4 Internet. That's 
correct, but no site would ever employ dual stacks inside their network. 
That alone is a gain, and indeed that is the way to do away with 
existing internal dual stacks. We need to remove them before taking down 
IPv4 Internet, don't we? Notice, for the procrastinators, we only ask 
them to install the gateway (upgrade software on their edge routers) and 
get an IPv6 Internet address. This is a very low threshold. A bit of 
IPREF popularity elsewhere would make it a negligible effort for them. 
They can keep their networks for what we care so long as they go over 
IPv6 Internet. [and just a reminder they do not need global IPv4 
addresses, or IPv4 Internet for their IPv4 networks]
>
> Regards,
> Martin

v2.23.0 | Report a Bug | By Email