Re: [v6ops] Apple and IPv6, a few clarifications - 64share

Owen DeLong <owen@delong.com> Mon, 22 June 2015 17:01 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 853DD1B304F for <v6ops@ietfa.amsl.com>; Mon, 22 Jun 2015 10:01:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.589
X-Spam-Level: *
X-Spam-Status: No, score=1.589 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_ADSP_ALL=0.8, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y_WYOrNC6WGQ for <v6ops@ietfa.amsl.com>; Mon, 22 Jun 2015 10:01:26 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 19AEF1B29D4 for <v6ops@ietf.org>; Mon, 22 Jun 2015 10:01:26 -0700 (PDT)
Received: from [IPv6:2620::930:0:ae87:a3ff:fe29:7192] ([IPv6:2620:0:930:0:ae87:a3ff:fe29:7192]) (authenticated bits=0) by owen.delong.com (8.14.4/8.14.2) with ESMTP id t5MH1Nb3000991 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 22 Jun 2015 10:01:24 -0700
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <5587EFDD.6030807@gmail.com>
Date: Mon, 22 Jun 2015 10:01:23 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <7075A962-5B82-4922-B037-AF71D2591C5F@delong.com>
References: <E1C235B5-1421-4DAF-A2F3-F963982233DF@apple.com> <5587EFDD.6030807@gmail.com>
To: Alexandru Petrescu <alexandru.petrescu@gmail.com>
X-Mailer: Apple Mail (2.2098)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (owen.delong.com [IPv6:2620:0:930::200:2]); Mon, 22 Jun 2015 10:01:24 -0700 (PDT)
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/PHFLQcRTARqmagSNQ6_OLL_gsFQ>
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Apple and IPv6, a few clarifications - 64share
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2015 17:01:27 -0000

> On Jun 22, 2015, at 04:22 , Alexandru Petrescu <alexandru.petrescu@gmail.com> wrote:
> 
> Hi,
> 
> Thanks for the report.  I have a few comments.
> 
> Le 19/06/2015 23:46, David Schinazi a écrit :
> [...]
>> *) Personal hotspot on iOS If your iPhone has dual-stack connectivity
>> on its cellular network, the hotspot it creates will be dual-stack as
>> well. The phone will share its prefix with Wi-Fi clients.
> 
> The way of sharing a prefix with the Wi-Fi Clients is supposedly the one
> documented in RFC7278 "Extending an IPv6 /64 Prefix from a Third
> Generation Partnership Project (3GPP) Mobile Interface to a LAN Link"
> https://tools.ietf.org/html/rfc7278
> 
> That is straightforward to implement yet it does have some drawbacks.
> 
> The most important drawback of 64share IMHO is that the smartphone can not make two hotspots simultaneouly: one on WiFi and one on Bluetooth. Or otherwise one on WiFi5GHz and one on WiFi2.4GHz.  Or several subnets in a car connected with an Apple phone to the Internet.  Because it is impossible to share a unique /64 prefix to more than just one subnet.

Not entirely true. True, you cannot have multiple subnets. This is true in any situation where the device in question receives only one /64 (unless you make absurd small subnets).

However, in the case of hotspot on 5, 2.4, and BT, as long as the phone can bridge them all together as a single subnet, that’s perfectly viable. If the phone wants to treat them as routed interfaces, then it breaks.

> 
> It is better to tell the operator to provide a /63 to smartphones (not a
> /64), with DHCPv6 Prefix Delegation.  That will fix it.

No… If you’re going to go to PD, a /63 is stupid. Ideally, use a /48, but at least provide enough subnets to cover BT, USB, 2.4, and 5Ghz plus some headroom for future applications.

>> *) Internet Sharing on the Mac Today, regular internet sharing (from
>> your ethernet to Wi-Fi for example) does not support IPv6 because of
>> the limited use cases, and the lack of demand for it.
> 
> If you get done the above then you get Internet Sharing on the Mac Today
> as well, for free.

Since iOS and OSX  are separate code bases, I’m not sure why you think that.

>> *) Internet Sharing on the Mac - NAT64 testing mode The NAT64 test
>> mode was designed to help developers ensure that their app can still
>> function with IPv6-only NAT64+DNS64 connectivity and communicate with
>> their IPv4 server, even if the developer does not have access to the
>> IPv6 internet. That NAT64 network does not have IPv6 connectivity to
>> the global IPv6 internet. As such, the current version advertises
>> addresses from 2001::/64 instead of ULAs to simulate real IPv6
>> connectivity, as all IPv6 packets are terminated at the NAT64 server
>> on the Mac. This implementation detail could change in the future.
> 
> Makes sense.
> 

Not really… This address is currently in the IANA free pool. It could be
assigned to an RIR and then put on a real network at any point in the
future.

It would be much better to use a /64 Apple can set aside from their own space
or some other block of addresses registered for this purpose… Heck, worst
case, Apple could sign up for a free tunnel from HE and burn the /64
assigned to that tunnel.

Ideally, the prefix should be user configurable as well.

> Alex
> 
>> *) Making IPv4 literals work on NAT64 networks when using high-level
>> APIs Starting with this year's versions, if you use NSURLSession to
>> connect to an IPv4 literal on an IPv6-only NAT64-DNS64 network, the
>> API will bump in a IPv6 literal synthesized using RFC 7050. Note
>> that this will not happen when using sockets directly. We do not
>> support under-the-sockets bump-in-API (RFC 3338) and we do not
>> support 464XLAT.

They really should support 464XLAT at this point IMHO, though some of
what they are doing may obviate or lessen the need. It will be interesting
to see if this is sufficient for T-Mo to finally turn on IPv6 for my phone.

Ideally, T-Mo should pull their head out of their ass about dual-stack and
Apple should pull their head out of their ass about 464XLAT, but either
one would meet my immediate needs. Unfortunately, they’re both sitting
there playing internet chicken waiting for the other one to blink.

Given the number of other cellular networks that are following the same
path as T-Mo, I think mass is on their side, but Apple may be too stubborn
to blink and a head-on may be inevitable.

Unfortunately, it’s the end-users that will be the victims in this crash, not
the drivers.

Owen