[v6ops] Re: 464XLAT-only networks
Lorenzo Colitti <lorenzo@google.com> Fri, 25 October 2024 22:59 UTC
Return-Path: <lorenzo@google.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A96AAC14F70D for <v6ops@ietfa.amsl.com>; Fri, 25 Oct 2024 15:59:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.608
X-Spam-Level:
X-Spam-Status: No, score=-17.608 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DQhaIK0o3eii for <v6ops@ietfa.amsl.com>; Fri, 25 Oct 2024 15:59:10 -0700 (PDT)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD44FC14F6E2 for <v6ops@ietf.org>; Fri, 25 Oct 2024 15:59:10 -0700 (PDT)
Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-71ec997ad06so1826649b3a.3 for <v6ops@ietf.org>; Fri, 25 Oct 2024 15:59:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1729897150; x=1730501950; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=gAMkwJiZVZ2ovycUjNqlWqSn212An17mDiH/1487W30=; b=upHCHLhQ1YRmQfZv4tdhJdbFHC7u5qUobYOiZUpadbW1y8iyvH4Y0EF3Jwi9X2cp+D BSMEIkHDPrb8UG7UkLTa/fcnAfr0iysO6O8+N8z+nPLVEmS/JiF1rDCHKbMjdbOs9FuF Xd9nkta7mgC8Lc8FveTQ+OMJO2MfWjwQtx0O8O/oaAK5xrw0JDVsA9GAFmT+i1rrZQvZ wfGpJvDIcqY1GQNvy/bcCJDnGoZocwS9bvzjfvmMief257ob3NmZnSClcjJ66Fsg77Cv 5yZoO0gTxJiYVx2cpPvvnfBAM+Lb3MpcECr2n73MVdC1EGCEV0Kfu1X94DS37Wnwyu1M +E7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1729897150; x=1730501950; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gAMkwJiZVZ2ovycUjNqlWqSn212An17mDiH/1487W30=; b=Lhl0q7TEMgHyloqP/u5YcPVqdsdsl/Q96PsYuDV88C1c1E4irNwSPd2STrxcG8GzHF 4qA6UUtSTNzl0OvXf5ddRqaLDBN3xN6/Et5OOYONiZqyhq+syRaJ0j6KB3tTZI+ObTSo fzfvq+6JLdvim6riwouTfTtPrwylRHlvshpkL97+vEoLNa2N/JN9aHYhRPQAmxGX78hD jFOSXnbtbqdxx/wE8/c/5JPZALyaCMsia2W0uK+HnBv20jYWpoiwkR0Axg3hgPEz9dZa 3TGhnsGcst92GQt0LCJPJfe/OS5OZuwUi6+dURxwE/fz/rAHEIBN5zvyqmgSRa5ZwLgY Shfg==
X-Forwarded-Encrypted: i=1; AJvYcCW7l4bOJvxPFZJhnd7bpzxc62J68I01bnqOjhTvvHC3FYjPu2i1LgSua4ygCzaHNCYqS1q+aA==@ietf.org
X-Gm-Message-State: AOJu0Ywxg36joCNdy1/ontiaVyWKN3dE10c++r/H3tCIg4/ePXVlUbET j4yA45Hh7qj/Z/Si0/OzIOej8/TWir3TOaKhcGvxX+P3kJ053zusYGraUNUbGTTp4m4cp+5KAXc ofTOXlSWIgD6oB+pSbmKoTboa187V1r3teWPF1qjatv09XW/D5A==
X-Google-Smtp-Source: AGHT+IHfRxxW9DeWOmX6MMdOsqFQ0/dpyJpApqrUgpVQBtxV6pdwfPetk09eZKkvVUDm+z0qM/ycDEgsenNr1PNmA6Q=
X-Received: by 2002:a05:6a00:1303:b0:71e:7636:3323 with SMTP id d2e1a72fcca58-72062f81c4dmr1828412b3a.7.1729897149854; Fri, 25 Oct 2024 15:59:09 -0700 (PDT)
MIME-Version: 1.0
References: <CA+-cKyPQR8k=PnG+X+Sj1XXwHmioUQQej3Wmx7jzMGFc=NtXLA@mail.gmail.com> <ZxowSz2G_eY3Mkt5@Space.Net> <CA+-cKyMJwLd+EVMNCt7m=-7pt4Tfr5g5aFUxQa5m02c+VSB04w@mail.gmail.com> <Zxo6mVmCPnYEDVjo@Space.Net> <CA+-cKyPPgsKsAWARw-nKEH5NgQeV+NkWfyiDK_aXQu0Vmh7sgQ@mail.gmail.com> <541a14ae-dd64-4fc9-ae61-ffd068dd2d08@gmail.com> <CA+-cKyMev6AH42LQcvcH07qtQSn4Vqw-JhV+vrvq3pQbZnq1mA@mail.gmail.com> <CAN-Dau0qCsteaPi_pFvSHoSBnC4Si0hizuyvEWbNjfQydhvDOg@mail.gmail.com> <CACyFTPGbp-EwOuZBLsgppNVtNPMuyAbtbG9H4zS-+RjgE2xRaw@mail.gmail.com> <CA+-cKyOk9GPJGrHrO-fqUnAuo9G5DGYU3=tuUEt4E30icyuVrg@mail.gmail.com>
In-Reply-To: <CA+-cKyOk9GPJGrHrO-fqUnAuo9G5DGYU3=tuUEt4E30icyuVrg@mail.gmail.com>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Sat, 26 Oct 2024 07:58:52 +0900
Message-ID: <CAKD1Yr3b63v8YibDR-KzJ3mwxuP9eq+iR6nPo-pg42MTXbsWmw@mail.gmail.com>
To: "Soni L." <fakedme+ietf@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000001e140506255511bc"
Message-ID-Hash: XHB7MUML2N4BDRGJFWHODY3U6A25FM7G
X-Message-ID-Hash: XHB7MUML2N4BDRGJFWHODY3U6A25FM7G
X-MailFrom: lorenzo@google.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Farmer <farmer=40umn.edu@dmarc.ietf.org>, IPv6 Operations <v6ops@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [v6ops] Re: 464XLAT-only networks
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/SKmM1qVV-BdPVsv93DnG50Y0e5w>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>
You can apply it anywhere there is native IPv6. That's pretty common these days. For example, native IPv6 Is available to about 45% of Google users and 90% of US mobile users, and many countries have IPv6 adoption rates well into the double digits. In most countries it's possible to find either a residential or mobile ISP that provides IPv6. On Fri, 25 Oct 2024, 23:24 Soni L., <fakedme+ietf@gmail.com> wrote: > Okay. You can learn IPv6, yes. > > ... And apply it where? Unlike IPv6, 464XLAT-only can be easily applied on > existing IPv4 networks. > > On Fri, Oct 25, 2024, 11:00 Daryll Swer <contact@daryllswer.com> wrote: > >> David's analogy is a good one. >> >> Soni, all of this can take place inside GNS3, EVE-NG, containerlabs etc. >> >> That's how we learn networking in general in the absence of a dedicated >> hardware lab (with or without IPv6). >> >> -- >> Sent from my iPhone >> >> >> On Fri, 25 Oct 2024 at 6:17 PM, David Farmer <farmer= >> 40umn.edu@dmarc.ietf.org> wrote: >> >>> Let me use the metaphor of flight training. You can learn to fly a plane >>> in a simulator, but if the controls of the simulator are backwards. You are >>> going to have a very hard time flying a real plane. >>> >>> If your goals for this are an environment to lean IPv6 in, which is what >>> you seem to be saying. Then the IPv6 environment you are creating is so >>> different from the normal IPv6 environment, I'm not sure it will be >>> helpful, and it could very well be detrimental to the learners. >>> >>> I'm trying to keep an open mind, but I'm not seeing something very >>> useful here, at least yet. >>> >>> Thanks. >>> >>> On Thu, Oct 24, 2024 at 15:13 Soni L. <fakedme+ietf@gmail.com> wrote: >>> >>>> for the record, the end result of a 464XLAT-only network is that it >>>> ends up becoming a 464XLAT-enabled IPv6 network (eventually). there are no >>>> security considerations beyond those that already apply to 464XLAT-enabled >>>> IPv6 networks, it just happens to not have access to the IPv6 internet. >>>> >>>> 464XLAT-enabled IPv6 seems to be the recommended deployment strategy >>>> for IPv6 these days, so despite the bastardization... it still works out in >>>> the end. >>>> >>>> >>>> On Thu, Oct 24, 2024, 16:43 Brian E Carpenter < >>>> brian.e.carpenter@gmail.com> wrote: >>>> >>>>> In a few seconds I'll be putting this thread in a filter so that it >>>>> will never trouble me again, but for now I'll just say that we originally >>>>> invented 6to4 for such scenarios, and while it did help a bit when IPv6 >>>>> support was rare, it later became an operational nightmare and a security >>>>> hole. It took years to exterminate. We should not repeat this. >>>>> >>>>> However, 6to4 within a university network that doesn't otherwise >>>>> support IPv6 probably still works. I saw a case of that during 2023, caused >>>>> by rogue behaviour in Windows Server 2008 and similar antiquities. >>>>> >>>>> Regards >>>>> Brian Carpenter >>>>> >>>>> On 25-Oct-24 01:45, Soni L. wrote: >>>>> > maybe you're a student and your university is ipv4-only but you want >>>>> to work with/make a practical ipv6 network as part of some project. this is >>>>> the use-case for the "rogue" network (which would have to be approved by >>>>> the university anyway). this would be the intended use-case for this cursed >>>>> bastardization of ipv6... >>>>> > >>>>> > a lot of folks interested in ipv6 told us their university doesn't >>>>> have ipv6. this might let them play with it in an university setting. ofc, >>>>> gotta be careful about pissing off IT... (pissing off IT is probably >>>>> ill-advised.) >>>>> > >>>>> > On Thu, Oct 24, 2024, 09:16 Gert Doering <gert@space.net <mailto: >>>>> gert@space.net>> wrote: >>>>> > >>>>> > Hi, >>>>> > >>>>> > On Thu, Oct 24, 2024 at 09:15:04AM -0300, Soni L. wrote: >>>>> > > some providers still don't do ipv6, maybe you still want to >>>>> migrate your >>>>> > > internal network to ipv6 to get it ready for future provider >>>>> upgrades. >>>>> > > >>>>> > > or maybe you want to develop an ipv6-only consumer/SOHO >>>>> router that works >>>>> > > on ipv4-only ISPs. >>>>> > > >>>>> > > or maybe you want to deploy a rogue ipv6-only network on an >>>>> otherwise >>>>> > > ipv4-only organization, to prove a point. >>>>> > >>>>> > None of these sound like anyone would want to do that... >>>>> > >>>>> > Gert Doering >>>>> > -- NetMaster >>>>> > -- >>>>> > have you enabled IPv6 on something today...? >>>>> > >>>>> > SpaceNet AG Vorstand: Sebastian v. Bomhard, >>>>> Ingo Lalla, >>>>> > Karin Schuler, >>>>> Sebastian Cler >>>>> > Joseph-Dollinger-Bogen 14 >>>>> <https://www.google.com/maps/search/Joseph-Dollinger-Bogen+14?entry=gmail&source=g> >>>>> Aufsichtsratsvors.: A. Grundner-Culemann >>>>> > D-80807 Muenchen HRB: 136055 (AG Muenchen) >>>>> > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 >>>>> > >>>>> > >>>>> > _______________________________________________ >>>>> > v6ops mailing list -- v6ops@ietf.org >>>>> > To unsubscribe send an email to v6ops-leave@ietf.org >>>>> _______________________________________________ >>>>> v6ops mailing list -- v6ops@ietf.org >>>>> To unsubscribe send an email to v6ops-leave@ietf.org >>>>> >>>> _______________________________________________ >>>> v6ops mailing list -- v6ops@ietf.org >>>> To unsubscribe send an email to v6ops-leave@ietf.org >>>> >>> _______________________________________________ >>> v6ops mailing list -- v6ops@ietf.org >>> To unsubscribe send an email to v6ops-leave@ietf.org >>> >> _______________________________________________ > v6ops mailing list -- v6ops@ietf.org > To unsubscribe send an email to v6ops-leave@ietf.org >
- [v6ops] 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Brian E Carpenter
- [v6ops] Re: 464XLAT-only networks Gert Doering
- [v6ops] Re: 464XLAT-only networks Brian Candler
- [v6ops] Re: 464XLAT-only networks Marco Moock
- [v6ops] Re: 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Gert Doering
- [v6ops] Re: 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Gert Doering
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Costello, Tom
- [v6ops] Re: 464XLAT-only networks Marco Moock
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Nick Buraglio
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Gert Doering
- [v6ops] Re: 464XLAT-only networks Nick Buraglio
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Marco Moock
- [v6ops] Re: 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Marco Moock
- [v6ops] Re: 464XLAT-only networks David Farmer
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Soni L.
- [v6ops] Re: 464XLAT-only networks Ted Lemon
- [v6ops] Re: 464XLAT-only networks David Farmer
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Daryll Swer
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti
- [v6ops] Re: 464XLAT-only networks Marco Moock
- [v6ops] Re: 464XLAT-only networks Soni "It/Its" L.
- [v6ops] Re: 464XLAT-only networks Ted Lemon
- [v6ops] Re: 464XLAT-only networks Lorenzo Colitti