[v6ops] Re: The V6OPS WG has placed draft-link-v6ops-claton in state "Call For Adoption By WG Issued"
Ed Horley <ed@hexabuild.io> Thu, 30 May 2024 17:50 UTC
Return-Path: <ed@hexabuild.io>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C04C16940B for <v6ops@ietfa.amsl.com>; Thu, 30 May 2024 10:50:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.886
X-Spam-Level:
X-Spam-Status: No, score=-6.886 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hexabuild-io.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L1xwOHTfTR20 for <v6ops@ietfa.amsl.com>; Thu, 30 May 2024 10:50:11 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0FE9C15154F for <v6ops@ietf.org>; Thu, 30 May 2024 10:50:11 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id 2adb3069b0e04-52b7c82e39eso1322979e87.1 for <v6ops@ietf.org>; Thu, 30 May 2024 10:50:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hexabuild-io.20230601.gappssmtp.com; s=20230601; t=1717091409; x=1717696209; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=3ojGchqAOwvCoYhvh6VBSMfRrcJm3YFzemLheGhXYWY=; b=QWKKyv7l6Tyd6HcwuDusG/xhbZQDulUZxiofdvuiNwYpi228UC163tAfazm5irVpZB FU7OnthSI1P4wCz3WfSxC/ASuiYy+gwprkVfayjdkl/H/LxAhmCO5Jeu8pzSB/2LqmWr b2nhjMtG6VCTAVx+O7r6Hv6Cx95bqqYzPDLEoymqZ7ZQ7cKtvaScF6JEhsTt+68jWWvN fKOZTldkKKckb0kLvP6KoN6zYInxge1Pg8RFXQpJ5bNaoOfKXB6hoVcIcvevsgv2uSlI NquYiBSWFiDBgWSAWQuBJ6L2jujzubFwVDF/0gliUFIomCaWOvpZrEx6hyi0F5U5A/oH 04kQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717091409; x=1717696209; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3ojGchqAOwvCoYhvh6VBSMfRrcJm3YFzemLheGhXYWY=; b=chFHlUYs6QbSg8MO9gJV3yRj7nzH07aGDXOgGavt4x/ea3V3PXs/k4EBrcr1tjlTVg Lp45oIpqKDv0GQDiS+Out1GPLgmNTMFTqfpLa8oRTnkT1jwT80qRDg22XYjEBSI3bBr4 rd81aoBi6iB5nvNeSTm6ZjBWP0rdMmxteH7gkP6HwjwnARLCanoN79Xv8oIeBGdPRq5q DZkBe3gG/8b1QTUY+FU3RiNMmXnV+TCqhmeEruHROKmHtWLgF5i2civTJ1fCKlD1uBcF 0wXDstj5mPbOZUQAHqogG2ozO44a2pXD+T2zq/XWlOWlP+PKR2hXP//1JIUAzIacFyDl DMzA==
X-Forwarded-Encrypted: i=1; AJvYcCVCkEgFA1zCccj+/xEhFQVvzVUbH8GQgCgsP1SfIZD7sdTKZfziTS5+kYOA9+OTNhIZchH1+VfVkPo9ad5BxA==
X-Gm-Message-State: AOJu0YxJFqhV4zUUrsE7UipK5yM/f90jsqj4MFV154PODnyEex49fL9t b9BN3CtTR+YtOwKdwsyLYJeUeIuncSt6H6diEzLeRNf40/2nkjCZZqVTaKyJPfkW4Vo8v4L5XGx ySoALFsh/flaL7KLgMkFPsRjRvW+Wj7uD3O9Wwg==
X-Google-Smtp-Source: AGHT+IHqGtGbEgSbLe2gcrjk1OUbpqNd5fP/FvNFFL4eG2sE7OWn+lCsYMor1MsvryDy3UncoHZUQoGQDa5MqqYxPcM=
X-Received: by 2002:a19:e00a:0:b0:52b:863a:59b4 with SMTP id 2adb3069b0e04-52b863a5b05mr57710e87.41.1717091408738; Thu, 30 May 2024 10:50:08 -0700 (PDT)
MIME-Version: 1.0
References: <171690957965.11067.11831597982527870211@ietfa.amsl.com> <BL1PR18MB42777EB42DB48CE0CD596C5AACF12@BL1PR18MB4277.namprd18.prod.outlook.com> <CAE=N4xcn-pYn4N9PnGpD-WNkHOYa7-1Lc-0oWuqAiOmE1pNROw@mail.gmail.com> <BL1PR18MB4277A0CB3EC15A7511432DFEACF32@BL1PR18MB4277.namprd18.prod.outlook.com>
In-Reply-To: <BL1PR18MB4277A0CB3EC15A7511432DFEACF32@BL1PR18MB4277.namprd18.prod.outlook.com>
From: Ed Horley <ed@hexabuild.io>
Date: Thu, 30 May 2024 10:49:57 -0700
Message-ID: <CAE=N4xdywQCAbD=ZMB-5FvLg-ABqH1SFy6A9=w66q7W=LvxTdg@mail.gmail.com>
To: Jeremy Duncan <jduncan@tachyondynamics.com>
Content-Type: multipart/alternative; boundary="0000000000007717cc0619af7f2f"
Message-ID-Hash: DV76QWFFRW2LN52HYIGDL3VBSDSEXPBF
X-Message-ID-Hash: DV76QWFFRW2LN52HYIGDL3VBSDSEXPBF
X-MailFrom: ed@hexabuild.io
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF Secretariat <ietf-secretariat-reply@ietf.org>, "draft-link-v6ops-claton@ietf.org" <draft-link-v6ops-claton@ietf.org>, "v6ops-chairs@ietf.org" <v6ops-chairs@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: The V6OPS WG has placed draft-link-v6ops-claton in state "Call For Adoption By WG Issued"
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/PSsY9QiCgk_TwzUs4d82joliyvs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>
Jeremy, That seems a reasonable approach - I haven't thought through all the potential situations so perhaps change the MUST NOT to a SHOULD NOT for the APIPA/link-local IPv4 comments? But I leave that up to far smarter people than myself. I don't know if there are use cases that leverage APIPA is a way that might cause issues, but likely those would be nonstandard use cases and something the IETF doesn't necessarily have to address with this draft. Just thinking out loud on this one. - Ed On Thu, May 30, 2024 at 9:32 AM Jeremy Duncan <jduncan@tachyondynamics.com> wrote: > Ed- > > > > I 100% agree with this statement. How about more specific working as > stated below? > > > > "For performance and security reasons CLAT SHOULD NOT be enabled if the > node has IPv4 connectivity over the given interface." > > To > > "For performance and security reasons CLAT MUST NOT be enabled if the > node has routable IPv4 connectivity over the given interface. If the > interface has an APIPA/link-local IPv4 address, then this MUST NOT be > considered routable IPv4 connectivity." > > And > > "From a performance perspective, native IPv4 connectivity is > preferrable over 464XLAT, so CLAT SHOULD NOT be enabled if the node has > IPv4 connectivity over the given interface." > > To > > "From a performance perspective, native IPv4 connectivity is preferrable > over 464XLAT, so CLAT MUST NOT be enabled if the node has routable IPv4 > connectivity over the given interface. If the interface has an > APIPA/link-local IPv4 address, then this MUST NOT be considered routable > IPv4 connectivity." > > > > > > -Jeremy > > > > > > *From:* Ed Horley <ed@hexabuild.io> > *Sent:* Thursday, May 30, 2024 11:09 AM > *To:* Jeremy Duncan <jduncan@tachyondynamics.com> > *Cc:* IETF Secretariat <ietf-secretariat-reply@ietf.org>; > draft-link-v6ops-claton@ietf.org; v6ops-chairs@ietf.org; v6ops@ietf.org > *Subject:* Re: [v6ops] Re: The V6OPS WG has placed > draft-link-v6ops-claton in state "Call For Adoption By WG Issued" > > > > CAUTION: This email originated from outside the organization. Do not click > links or open attachments unless you validate the sender and know the > content is safe. Please forward this email to > suspicious@tachyondynamics.com if you believe this email is suspicious. > > Jeremy, > > While I am okay with changing these to a MUST, I do wonder about the > situation with APIPA addresses and if that might potentially impact a given > node that might have self provisioned an IPv4 address to a given interface. > Is an APIPA address considered valid IPv4 connectivity (perhaps the node is > doing mDNS and has discovered a resource it needs?) There might need to be > an exception to account for this? > > - Ed > > > > On Tue, May 28, 2024 at 8:39 AM Jeremy Duncan <jduncan= > 40tachyondynamics.com@dmarc.ietf.org> wrote: > > I support adoption and request making these changes: > > "For performance and security reasons CLAT SHOULD NOT be enabled if > the node has IPv4 connectivity over the given interface." > > To > > "For performance and security reasons CLAT MUST NOT be enabled if > the node has IPv4 connectivity over the given interface." > > And > > "From a performance perspective, native IPv4 connectivity is > preferrable over 464XLAT, so CLAT SHOULD NOT be enabled if the node > has IPv4 connectivity over the given interface." > > To > > "From a performance perspective, native IPv4 connectivity is > preferrable over 464XLAT, so CLAT MUST NOT be enabled if the node > has IPv4 connectivity over the given interface." > > > The discussion points and arguments made for security and performance > reasons are laid out well as I think could make the case that this be a > MUST NOT instead of a SHOULD NOT. > > > -Jeremy > > > -----Original Message----- > From: IETF Secretariat <ietf-secretariat-reply@ietf.org> > Sent: Tuesday, May 28, 2024 11:20 AM > To: draft-link-v6ops-claton@ietf.org; v6ops-chairs@ietf.org; > v6ops@ietf.org > Subject: [v6ops] The V6OPS WG has placed draft-link-v6ops-claton in state > "Call For Adoption By WG Issued" > > CAUTION: This email originated from outside the organization. Do not click > links or open attachments unless you validate the sender and know the > content is safe. Please forward this email to > suspicious@tachyondynamics.com if you believe this email is suspicious. > > The V6OPS WG has placed draft-link-v6ops-claton in state Call For Adoption > By WG Issued (entered by Nick Buraglio) > > The document is available at > https://datatracker.ietf.org/doc/draft-link-v6ops-claton/ > > Comment: > This email starts an adoption call for the following document: > > Title : 464 Customer-side Translator (CLAT): Node Recommendations Authors > : J. Linkova, T. Jensen Pages : 14 Date : 28-May-2024 > > https://datatracker.ietf.org/doc/draft-link-v6ops-claton/ > > This draft details how CLAT shall operate on endpoints. > > _______________________________________________ > v6ops mailing list -- v6ops@ietf.org > To unsubscribe send an email to v6ops-leave@ietf.org > _______________________________________________ > v6ops mailing list -- v6ops@ietf.org > To unsubscribe send an email to v6ops-leave@ietf.org > > > > > -- > > Ed Horley > > ed@hexabuild.io | (925) 876-6604 > > Advancing Cloud, IoT, and Security with IPv6 > > https://hexabuild.io > > And check out the IPv6 Buzz Podcast at > https://packetpushers.net/series/ipv6-buzz/ > -- Ed Horley ed@hexabuild.io | (925) 876-6604 Advancing Cloud, IoT, and Security with IPv6 https://hexabuild.io And check out the IPv6 Buzz Podcast at https://packetpushers.net/series/ipv6-buzz/
- [v6ops] The V6OPS WG has placed draft-link-v6ops-… IETF Secretariat
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Jeremy Duncan
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Ed Horley
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Jeremy Duncan
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Ed Horley
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Xipengxiao
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Jen Linkova
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Jeremy Duncan
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Gert Doering
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Xipengxiao
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Jen Linkova
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… jordi.palet@consulintel.es
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Nick Buraglio
- [v6ops] Re: The V6OPS WG has placed draft-link-v6… Xipengxiao