IETF Logo Mail Archive

Re: [v6ops] 464xlat case study (was reclassify 464XLAT as standard instead of info)

Ca By <cb.list6@gmail.com> Thu, 28 September 2017 01:56 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54B5913523F for <v6ops@ietfa.amsl.com>; Wed, 27 Sep 2017 18:56:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.448
X-Spam-Level:
X-Spam-Status: No, score=-2.448 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K7naS2TLF1gv for <v6ops@ietfa.amsl.com>; Wed, 27 Sep 2017 18:56:56 -0700 (PDT)
Received: from mail-yw0-x234.google.com (mail-yw0-x234.google.com [IPv6:2607:f8b0:4002:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE5F113232C for <v6ops@ietf.org>; Wed, 27 Sep 2017 18:56:55 -0700 (PDT)
Received: by mail-yw0-x234.google.com with SMTP id u11so64790ywh.7 for <v6ops@ietf.org>; Wed, 27 Sep 2017 18:56:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2v3d6B4zQZt52Fctv3NbaUAHv+0wD5+ePfyolFQIZuQ=; b=Giv/H5+qCaIlddzFOi0yFSd22LWky17wCRCNrfU/sMsK7m4/QzjRZqT29pVI6qJ8O0 TGz8g4YNWZGNLlzFFaPbV0sSu4/j8C00RkwLTDD1zLx6bP8Lffvhc557B9JiN5rSJuOY mLlagr/sOXdxmu8oUidPtES6mfG7Xp1fpR+DpgAxb01cci7CiI254Q8c16gOmWGZ46Y6 1rAELk9i/el4G567WTqn+rJlYbytr30UYNTqfL8vcfvBC946Wgj5SDWkQsZCBR/cjGEh D4ijM3k8Fk/9Pl2oOmDAdzy4FDIJXJ2USPfg3HVWpllTricXBtt/kkBACw0RbsIVJTfa wfHQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2v3d6B4zQZt52Fctv3NbaUAHv+0wD5+ePfyolFQIZuQ=; b=fbb3S7cQdWafMH4/X8CZ5+7TUe8bFCjT3pKx4hYfjq4rafGzVyiA2dUQ84U+USzcAk SW20t/pINj3fUvNedLY4GyJrnSt9z+eNfVrVeekuSFMWEiKaXPVbzGUdhkWFLOrWTRTT H80cRMcCEIaxI9yjxRMP7/s2hPqHAjjDa/G9XgCWtS3+AQTaIVfqNN/M/iy0LDz2hKRE OcVRK437gaUQx6a12ARISvLAlD6waGhAgxBi5KMcZt//Z/qssztgW0/rxiL3A5Vd9IWE fPfzrFKAB3HWmW1O3eAyTxecCDJwx74iEqjlCYyeNyXYk8TdzYC+RAm/XeNmyVcCXI6h 9E+A==
X-Gm-Message-State: AHPjjUi7sCVK2uL86ZCf+4mLnYxwPNCmDhL2SKBvXLIchD1whH6TwIB9 /KEUWGJLSNS+eWRJUDk74Yb6oIzKMcTJN/IIBks=
X-Google-Smtp-Source: AOwi7QB6ACsy3BMnXkeJW5Z87wVz3Y6IUXhh/ec0xIV0+Ay+pOAqy5A5VVx+V3lDxRYt2hrfM0Hq6H2pjQ1tsT5hWZ8=
X-Received: by 10.13.239.2 with SMTP id y2mr2383141ywe.65.1506563815029; Wed, 27 Sep 2017 18:56:55 -0700 (PDT)
MIME-Version: 1.0
References: <LO1P123MB01168388285206BB7C26F029EA7A0@LO1P123MB0116.GBRP123.PROD.OUTLOOK.COM> <46045DAA-9096-43BA-A5FD-571232767726@google.com> <CAKD1Yr3vziaHfkR+hQ7QHXaz7QraKH2HLUVXUW63GpnOAj4JoQ@mail.gmail.com> <E72C3FBE-57A4-4058-B9E5-F7392C9E9101@google.com> <LO1P123MB0116805F9A18932E2D0694FEEA780@LO1P123MB0116.GBRP123.PROD.OUTLOOK.COM> <1496304E-54BE-47FA-A7F1-1AA6E163DAB1@employees.org> <CAD6AjGQdMFgv4727wHm41HmEyo2Z-PCabPHPSRSVwOi_rey7OQ@mail.gmail.com> <20170928002712.A92A2885F18B@rock.dv.isc.org>
In-Reply-To: <20170928002712.A92A2885F18B@rock.dv.isc.org>
From: Ca By <cb.list6@gmail.com>
Date: Thu, 28 Sep 2017 01:56:44 +0000
Message-ID: <CAD6AjGTOFbBxPvi4HzF-ddwE7uvGYywY_rTppriBum_EaPwfpw@mail.gmail.com>
To: Mark Andrews <marka@isc.org>
Cc: "Heatley, N, Nick, TQB R" <nick.heatley@bt.com>, IPv6 Ops WG <v6ops@ietf.org>, Ole Troan <otroan@employees.org>, james woodyatt <jhw@google.com>
Content-Type: multipart/alternative; boundary="94eb2c03505806bf0e055a3639d0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/aGVNbjll7zY602S2956LsDKUpss>
Subject: Re: [v6ops] 464xlat case study (was reclassify 464XLAT as standard instead of info)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Sep 2017 01:56:58 -0000

On Wed, Sep 27, 2017 at 5:28 PM Mark Andrews <marka@isc.org> wrote:

>
> In message <
> CAD6AjGQdMFgv4727wHm41HmEyo2Z-PCabPHPSRSVwOi_rey7OQ@mail.gmail.com>, Ca
> By writes:
> >
> > On Wed, Sep 27, 2017 at 3:43 PM Ole Troan <otroan@employees.org> wrote:
> >
> > > > A specific example: certain vpn clients, still in service, fail when
> > > > tethered to a nat64/dns64 device. Typically, a customer is tethering
> > > > their work machine to their personal handset. NAT64/DNS64 does not
> > > > provide what the client needs and neither can the OS. Such client SW
> > > > may be older but is still in service, they are not yet end of
> support.
> > > >
> > > > Customers care if this breaks. So do I, this is doing harm. And no,
> > > > they won't revert to their corp IT dept. They know this relates to
> their
> > > > provider.
> > > > With 464xlat these usecases simply work.
> > > > I have zero calls into customer services concerning devices with
> > > > 464xlat.
> > > >
> > > > 464xlat is the reason why IPv6-only can work where the end OS is
> > > > unknown. IPv6-only for the handset mass-market is the way to mitigate
> > > > exhaustion.
> > >
> > > 464xlat is a mechanism to deliver IPv4 service across an IPv6
> transport.
> > > Yes, it mitigates exhaustion. - By sharing a single IPv4 address among
> > > more and more end-users.
> > > It's just like any other CGN, with the differences being that you need
> > > CE support and you can disable IPv4 in the access network.
> > >
> > > MAP-E, MAP-T, DS-lite, Configured tunnels, L2 NAT... pretty much all do
> > > the same.
> > > The main difference is where session state is kept.
> > >
> > > 464XLAT or more commonly deployed 44464XLAT is the worst of any
> > > combination. It keeps sessions state both at the CE/CLAT and the
> > > BR/PLAT.
> > > Building scalable stateful devices is hard and expensive. And in the
> > > case of IPv4 sharing mechanisms unnecessary.
> > >
> > > Ole
> >
> >
> > Ole, Mark, and James — always good to have the non-operator viewpoint.
> > Insightful observations as always.
> >
> > Nick has offered the “hey we did 464xlat, it worked, no regrets” case
> > study, also insightful.
> >
> > I am trying to stay out of this discussion about purity of one solution
> vs
> > the other.  I was happy to leave that discussion years ago and move on
> > with
> > real work.
> >
> > But i like helping people, so i can share some insight
> >
> > Slide 4 of a deck
> >
> >
> https://www.ietf.org/proceedings/98/slides/slides-98-maprg-measuring-trend
> > s-in-ipv6-support-tommy-pauly-00.pdf
> >
> > The blue area is not one of constant growth.  The lesson is that what
> > James
> > said does not fly with mobile subscribers that can change carriers.  They
> > want their “broken” apps. That said, i have it on good word that blue
> blob
> > is  thriving now that we added some additional control points to allows
> > people to use “broken” apps.  Life is good.
> >
> > Another data point
> >
> > http://www.worldipv6launch.org/measurements/
> >
> > As of today in the top 25, Numbers 7, 11, 17, 18 (i think), and 20 have
> > deployed 464xlat.  Pretty good real world stats moving real v6 packets
> for
> > what Ole calls “the worst” and Mark calls “sexy”.
>
> I said other people think it is "sexy".  I'm with Ole, it is the worst
> of the solutions.


Ethernet is also the worst.

Token ring is much more elegant than ethernet too.  And packet over sonet
is much more industrial than ethernet.

Yet the chaotic mess ethernet is ubiquitous.  Why?  Because people had a
relatively good experience deploying it.


>
>         It breaks DNSSEC as it depends on DNS64.
>         Applications have to deal with "this connection may be NAT'd to
> IPv4"
>         which impacts on those not using 464xlat or NAT64/DNS64.
>         It requires application gateways on both ends.
>         It requires complicated code on both end.
>
> > And, i will reinterate an important point Nick made. The majority of
> > traffic goes e2e ipv6. A minority of traffic requires NAT64/DNS64. And a
> > sliver of traffic requires 464XLAT or 4464.  Those numbers are all
> growing
> > in the right direction, more e2e v6.
> >
> >
> >
> >
> > > _______________________________________________
> > > v6ops mailing list
> > > v6ops@ietf.org
> > > https://www.ietf.org/mailman/listinfo/v6ops
> > >
> >
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
>

v2.23.0 | Report a Bug | By Email