IETF Logo Mail Archive

[v6ops] Is 464XLAT really inferior to all other IPv6 transition technologies? -- Re: updating RFC8026 to support 464XLAT in draft-ietf-v6ops-transition-ipv4aas

Lencse Gábor <lencse@hit.bme.hu> Wed, 13 June 2018 09:12 UTC

Return-Path: <lencse@hit.bme.hu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E79B1130E14 for <v6ops@ietfa.amsl.com>; Wed, 13 Jun 2018 02:12:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i9VNGR914pht for <v6ops@ietfa.amsl.com>; Wed, 13 Jun 2018 02:11:57 -0700 (PDT)
Received: from frogstar.hit.bme.hu (frogstar.hit.bme.hu [IPv6:2001:738:2001:4020::2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F87A130E0A for <v6ops@ietf.org>; Wed, 13 Jun 2018 02:11:56 -0700 (PDT)
Received: from [192.168.1.114] (host-79-121-41-164.kabelnet.hu [79.121.41.164]) (authenticated bits=0) by frogstar.hit.bme.hu (8.15.2/8.15.2) with ESMTPSA id w5D9BjOO081302 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <v6ops@ietf.org>; Wed, 13 Jun 2018 11:11:50 +0200 (CEST) (envelope-from lencse@hit.bme.hu)
X-Authentication-Warning: frogstar.hit.bme.hu: Host host-79-121-41-164.kabelnet.hu [79.121.41.164] claimed to be [192.168.1.114]
To: v6ops@ietf.org
References: <FEACFE5A-F2E6-4533-8602-C05F8A1FB59A@consulintel.es> <28C9E7B4-1D2F-4C65-A121-90E9AFB470AD@gmail.com> <CAHL_VyDc1iF7T4k3J1uQvDYUpxaRg7_eOqK6poV_cZ-NAFAEDQ@mail.gmail.com> <7B87AAA7-E5C5-498E-A41E-8927BC554F29@consulintel.es> <CAKD1Yr2HpJFvW3=CQQV6HVr6tOGSW=Kj5mpO-rLLrEEuPZ4vmg@mail.gmail.com> <966D347E-0A4F-4F51-90AB-03D178EF4CEB@consulintel.es> <CAKD1Yr3uSr-KJCOhTJvaf1xh4g7hOqwzxZSv7TNH5fB5Z1VigQ@mail.gmail.com> <C48F6BAD-84CE-4121-B862-218004A417D3@consulintel.es> <CAKD1Yr1_NeLyAmdAJitd=jUKeY0kW8qxV_9FWGCbNf1__ppecw@mail.gmail.com> <018DD24B-DD2F-4B31-A939-328173891F3E@consulintel.es> <CAKD1Yr1ohmb9BUV+KO2Ff+LJ1+pNwQ+-UJ6t7MmwY6PV3MLhyA@mail.gmail.com> <0F82C180-CE02-4DC1-88EE-5BB6CEC46F3C@consulintel.es> <CAKD1Yr1FVdWt446zq9mDec4fsCmN6K=M1MkK4FUWv=RBMQMrbQ@mail.gmail.com>
From: Lencse Gábor <lencse@hit.bme.hu>
Message-ID: <da095b32-3bb9-d2ec-dd41-e6e526cff83f@hit.bme.hu>
Date: Wed, 13 Jun 2018 11:11:40 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAKD1Yr1FVdWt446zq9mDec4fsCmN6K=M1MkK4FUWv=RBMQMrbQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------145621110D1AA7D5F60123BD"
X-Virus-Scanned: clamav-milter 0.100.0 at frogstar.hit.bme.hu
X-Virus-Status: Clean
Received-SPF: pass (frogstar.hit.bme.hu: authenticated connection) receiver=frogstar.hit.bme.hu; client-ip=79.121.41.164; helo=[192.168.1.114]; envelope-from=lencse@hit.bme.hu; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;
X-DCC--Metrics: frogstar.hit.bme.hu; whitelist
X-Scanned-By: MIMEDefang 2.79 on 152.66.248.44
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/bnC6W5jHpDWVpPrYxFvc_YKM1Fc>
Subject: [v6ops] Is 464XLAT really inferior to all other IPv6 transition technologies? -- Re: updating RFC8026 to support 464XLAT in draft-ietf-v6ops-transition-ipv4aas
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jun 2018 09:12:03 -0000

Dear Lorenzo,

I think it is a rather strong statement that "464XLAT is pretty much the 
worse of the transition mechanisms from a technical perspective."

We have listed 26+ IPv6 transition technologies in our workshop paper 
[1], but there are even more solutions exist.

Which of them do you mean to be better than 464XLAT?

What technical points do you consider when stating that 464XLAT is worse 
than the others? (E.g. resource consumption, scalability, security, ease 
of implementation, etc.)

I think it is important for network operators to have a balanced view of 
the advantages and disadvantages of the different IPv6 transition 
mechanisms, this is why I am asking these questions.

Best regards,

Gábor Lencse


[1] G. Lencse and Y. Kadobayashi, "Survey of IPv6 Transition 
Technologies for Security Analysis", IEICE Communications Society 
Internet Architecture Workshop, Tokyo, Japan, Aug. 28, 2017, /IEICE 
Tech. Rep./, vol. 117, no. 187, pp. 19-24. Available online: 
http://www.hit.bme.hu/~lencse/publications/IEICE-IA-2017-survey.pdf


6/13/2018 9:38 AM keltezéssel, Lorenzo Colitti írta:
> That goes back to my earlier point of that from a technical 
> perspective 464xlat is pretty much the worst of the transition 
> mechanisms.. I don't think we should be recommending running it on 
> wireline at all, let alone prioritizing it over something else .:-)
>
> On Wed, Jun 13, 2018 at 3:50 PM JORDI PALET MARTINEZ 
> <jordi.palet=40consulintel.es@dmarc.ietf.org 
> <mailto:40consulintel.es@dmarc.ietf.org>> wrote:
>
>     Lorenzo, you’re missing the key aspect: Being able to prioritize,
>     when an ISP supports several transition mechanisms.
>
>     RFC8026 key aspect is priority. If we don’t add an option code for
>     464XLAT, then it can’t be managed the same way.
>
>
>     Regards,
>
>     Jordi
>
>     *De: *v6ops <v6ops-bounces@ietf.org
>     <mailto:v6ops-bounces@ietf.org>> en nombre de Lorenzo Colitti
>     <lorenzo=40google.com@dmarc.ietf.org
>     <mailto:40google.com@dmarc.ietf.org>>
>     *Fecha: *miércoles, 13 de junio de 2018, 4:45
>     *Para: *<jordi.palet=40consulintel.es@dmarc.ietf.org
>     <mailto:40consulintel.es@dmarc.ietf.org>>
>     *CC: *"v6ops@ietf.org <mailto:v6ops@ietf.org> WG" <v6ops@ietf.org
>     <mailto:v6ops@ietf.org>>
>     *Asunto: *Re: [v6ops] updating RFC8026 to support 464XLAT in
>     draft-ietf-v6ops-transition-ipv4aas
>
>     On Tue, Jun 12, 2018 at 7:40 PM JORDI PALET MARTINEZ
>     <jordi.palet=40consulintel..es@dmarc.ietf.org
>     <mailto:40consulintel.es@dmarc.ietf.org>> wrote:
>
>         You don’t need RFC7050 neither DNS64, you can use PCP
>         (RFC7225) to tell the CLAT the NAT64 prefix. It also provides
>         additional advantages to the operator to control many related
>         aspects (see section 3 of RFC7225).
>
>         1.If the operator wants to enable 464xlat: they should hand
>         out a DNS64 to the CPE.
>
>         2.If the operator wants to disable 464xlat: they should NOT
>         hand out a DNS64 to the CPE.
>
>         This doesn’t work, because the operator may be using RFC7225
>         instead of RFC7050. You need to try both in that case, and you
>         aren’t providing a “priority” to a possible list of
>         mechanisms, which is what RFC8026 does.
>
>     But it's the same problem again: what's the use case for this
>     DHCPv6 option? An operator that's using RFC7225 has an easy way to
>     tell the CPE not to do 464xlat: don't hand out the prefix64 to
>     those CPEs. So this is already possible today.
>
>         3.If the operator uses 464xlat, they should not allow the user
>         to change the DNS server.
>
>         Let’s be realistic. You can’t “force” the customer to avoid
>         changing the DNS …
>
>     On an operator-managed CPE, you can. On a user-managed CPE, you
>     can't. But on such a CPE you probably shouldn't be disabling
>     464xlat. If the user wants to use it, it's their CPE, right?
>
>     _______________________________________________ v6ops mailing list
>     v6ops@ietf.org <mailto:v6ops@ietf.org>
>     https://www.ietf.org/mailman/listinfo/v6ops
>
>
>     **********************************************
>     IPv4 is over
>     Are you ready for the new Internet ?
>     http://www.consulintel.es
>     The IPv6 Company
>
>     This electronic message contains information which may be
>     privileged or confidential. The information is intended to be for
>     the exclusive use of the individual(s) named above and further
>     non-explicilty authorized disclosure, copying, distribution or use
>     of the contents of this information, even if partially, including
>     attached files, is strictly prohibited and will be considered a
>     criminal offense. If you are not the intended recipient be aware
>     that any disclosure, copying, distribution or use of the contents
>     of this information, even if partially, including attached files,
>     is strictly prohibited, will be considered a criminal offense, so
>     you must reply to the original sender to inform about this
>     communication and delete it.
>
>
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email