Re: [v6ops] Apple and IPv6, a few clarifications
Tore Anderson <tore@fud.no> Sat, 20 June 2015 09:21 UTC
Return-Path: <tore@fud.no>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E2641A007E for <v6ops@ietfa.amsl.com>; Sat, 20 Jun 2015 02:21:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.79
X-Spam-Level:
X-Spam-Status: No, score=0.79 tagged_above=-999 required=5 tests=[BAYES_50=0.8, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSMHcBq3OVBA for <v6ops@ietfa.amsl.com>; Sat, 20 Jun 2015 02:21:37 -0700 (PDT)
Received: from greed.fud.no (greed.fud.no [IPv6:2a02:c0:1001:100::145]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6268E1A008B for <v6ops@ietf.org>; Sat, 20 Jun 2015 02:21:37 -0700 (PDT)
Received: from [2a02:fe0:c412:1fe0::1] (port=41190 helo=envy.fud.no) by greed.fud.no with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from <tore@fud.no>) id 1Z6Exu-0001X8-TF; Sat, 20 Jun 2015 11:21:30 +0200
Date: Sat, 20 Jun 2015 11:21:30 +0200
From: Tore Anderson <tore@fud.no>
To: David Schinazi <dschinazi@apple.com>
Message-ID: <20150620112130.42377dd1@envy.fud.no>
In-Reply-To: <E1C235B5-1421-4DAF-A2F3-F963982233DF@apple.com>
References: <E1C235B5-1421-4DAF-A2F3-F963982233DF@apple.com>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.28; x86_64-redhat-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/RWCG5uhftgWyDisLVZR6dXwsHEs>
Cc: v6ops@ietf.org, Vividh Siddha <vsiddha@apple.com>
Subject: Re: [v6ops] Apple and IPv6, a few clarifications
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jun 2015 09:21:39 -0000
Hello David, First of all, let me say that the news from WWDC is very exciting, and I hope your strategy proves successful. With some luck, your approach of forcing app developers to write IPv6-capable code will also indirectly benefit the other platforms too. I have some follow-up questions though, see in-line: * David Schinazi > *) Personal hotspot on iOS > If your iPhone has dual-stack connectivity on its cellular network, > the hotspot it creates will be dual-stack as well. The phone will > share its prefix with Wi-Fi clients. And if the cellular network is IPv6-only? Does the tethered WLAN become IPv6-only too? If so, I can imagine that this would cause IPv4 compatibility issues for older Apple devices without the new Bump-in-the-API stuff, as well as for non-Apple devices attaching to the tethered WLAN. Hopefully this is not something that will put network operators off from provisioning IPv6(-only) connectivity to the Apple devices on their network... > *) Internet Sharing on the Mac - NAT64 testing mode > The NAT64 test mode was designed to help developers ensure that their > app can still function with IPv6-only NAT64+DNS64 connectivity and > communicate with their IPv4 server, even if the developer does not > have access to the IPv6 internet. That NAT64 network does not have > IPv6 connectivity to the global IPv6 internet. As such, the current > version advertises addresses from 2001::/64 instead of ULAs to > simulate real IPv6 connectivity, as all IPv6 packets are terminated > at the NAT64 server on the Mac. This implementation detail could > change in the future. One thing that is not clear to me, is if what happens if the app developer's server is dual-stacked. For example, if the DNS entries are as follows: www.example.com. IN A 192.0.2.1 www.example.com. IN AAAA 2001:db8::1 ...what exactly happens when the iOS node on the NAT64 testing WLAN attempts to access it? Obviously, as there is no connectivity to 2001:db8::1, native IPv6 towards the "IN AAAA" record cannot work. Does the DNS64 in the OS X host consider "::/0" as part of the Special Exclusion Set (cf. RFC6146 s5.1.4), causing it to ignore the upstream AAAA record and perform DNS64 synthesis instead, e.g., returning this to the tethered host: www.example.com. IN A 192.0.2.1 www.example.com. IN AAAA 2001::192.0.2.1 Or will it simply return the upstream DNS records verbatim (i.e., not performing any DNS64 synthesis), and rely on the Happy Eyeballs implementation in the iOS node to quickly figure out that the 2001:db8::1 address is unreachable and fail over to 192.0.2.1 (at which point the Bump-in-the-API can kick in and perform local translation to 2001::192.0.2.1)? Or perhaps something else entirely? > *) Making IPv4 literals work on NAT64 networks when using high-level > APIs Starting with this year's versions, if you use NSURLSession to > connect to an IPv4 literal on an IPv6-only NAT64-DNS64 network, the > API will bump in a IPv6 literal synthesized using RFC 7050. Note that > this will not happen when using sockets directly. We do not support > under-the-sockets bump-in-API (RFC 3338) and we do not support > 464XLAT. Does this mean that if the app is using socket directly, but in a correct and IPv6-supporting way, to either: 1) communicate with dual-stacked hostnames (assuming ::/0 is not in the DNS64's Special Exclusion Set as per what I wrote earlier), or 2) directly to an IPv6 literal address (think for example peer-to-peer applications/protocols that do not use DNS to begin with), ..will then any tests for correct IPv6-only app behaviour the developer performs on the NAT64 network fail, even though the app is doing everything right? A related question: Will the test system that validates App Store submissions for correct IPv6-only behaviour have full access to the entire IPv6 Internet, ensuring that apps such as the above will be approved, even though they might not work correctly behind an OS X NAT64-only test network? > *) Happy Eyeballs > We've heard feedback on our Happy Eyeballs implementation and are > investigating this topic. Great! Let me add my voice to this: Please ensure that IPv6 is consistently preferred over IPv4, if both protocols work equally well/fast (or roughly so). Only fall back on IPv4 it is clear that IPv6 is performing *significantly* worse than IPv4, or not at all. See RFC6555 s4.1. Tore
- [v6ops] Apple and IPv6, a few clarifications David Schinazi
- Re: [v6ops] Apple and IPv6, a few clarifications Ca By
- Re: [v6ops] Apple and IPv6, a few clarifications Ross Chandler
- Re: [v6ops] Apple and IPv6, a few clarifications Tore Anderson
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Jeremy Visser
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Hemant Singh (shemant)
- Re: [v6ops] Apple and IPv6, a few clarifications … Mikael Abrahamsson
- Re: [v6ops] Apple and IPv6, a few clarifications … Ross Chandler
- Re: [v6ops] Apple and IPv6, a few clarifications … Hemant Singh (shemant)
- Re: [v6ops] Apple and IPv6, a few clarifications … Ross Chandler
- [v6ops] Happy eyeballs suggestions, was: Re: Appl… Iljitsch van Beijnum
- Re: [v6ops] Apple and IPv6, a few clarifications … Hemant Singh (shemant)
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Erik Nygren
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … james woodyatt
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Paul Saab
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … james woodyatt
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Ca By
- Re: [v6ops] Apple and IPv6, a few clarifications … Mark Andrews
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … james woodyatt
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Mark Andrews
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Howard, Lee
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Mark Andrews
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Mark Andrews
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications David Schinazi
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … 🔓Dan Wing
- Re: [v6ops] Apple and IPv6, a few clarifications Heatley, Nick
- Re: [v6ops] Apple and IPv6, a few clarifications 🔓Dan Wing
- Re: [v6ops] Apple and IPv6, a few clarifications … Erik Kline
- Re: [v6ops] Apple and IPv6, a few clarifications … Mikael Abrahamsson
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Mikael Abrahamsson
- Re: [v6ops] Apple and IPv6, a few clarifications … Ca By
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Ross Chandler
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Lorenzo Colitti
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … james woodyatt
- Re: [v6ops] Apple and IPv6, a few clarifications … james woodyatt
- Re: [v6ops] Apple and IPv6, a few clarifications … Mark Andrews
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Mikael Abrahamsson
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Mikael Abrahamsson
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Nick Hilliard
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Jouni Korhonen
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … james woodyatt
- Re: [v6ops] Apple and IPv6, a few clarifications … james woodyatt
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Jared Mauch
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Apple and IPv6, a few clarifications … Gert Doering
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Jared Mauch
- Re: [v6ops] Apple and IPv6, a few clarifications … Mark ZZZ Smith
- Re: [v6ops] Apple and IPv6, a few clarifications … Philip Homburg
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Owen DeLong
- Re: [v6ops] Apple and IPv6, a few clarifications David Schinazi
- Re: [v6ops] Apple and IPv6, a few clarifications Ross Chandler
- Re: [v6ops] Apple and IPv6, a few clarifications Erik Kline
- Re: [v6ops] Apple and IPv6, a few clarifications … holger.metschulat
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Vízdal Aleš
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications … Vízdal Aleš
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu
- Re: [v6ops] Apple and IPv6, a few clarifications Ross Chandler
- Re: [v6ops] Apple and IPv6, a few clarifications Heatley, Nick
- Re: [v6ops] Happy eyeballs suggestions, was: Re: … Iljitsch van Beijnum
- Re: [v6ops] Apple and IPv6, a few clarifications … Alexandru Petrescu