IETF Logo Mail Archive

Re: [v6ops] Vicious circle [ULA precedence [Thoughts about wider operational input]]

Ed Horley <ed@hexabuild.io> Fri, 29 April 2022 15:00 UTC

Return-Path: <ed@hexabuild.io>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFAB4C15ED43 for <v6ops@ietfa.amsl.com>; Fri, 29 Apr 2022 08:00:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Level:
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hexabuild-io.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vgoQFD4SBfkx for <v6ops@ietfa.amsl.com>; Fri, 29 Apr 2022 08:00:20 -0700 (PDT)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52286C15E41D for <v6ops@ietf.org>; Fri, 29 Apr 2022 08:00:20 -0700 (PDT)
Received: by mail-lf1-x134.google.com with SMTP id p10so14505149lfa.12 for <v6ops@ietf.org>; Fri, 29 Apr 2022 08:00:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hexabuild-io.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UcLqFA1umoIj3v0QhSE2Oth9yh/dfxWwYlkJsIqGbmc=; b=ZdU761duBxL0sCNeMI/UwMVio5QdnidbkKMxWr3jv37tFUVLCXjyUxgIM+EC6mjdgm WZCdrOA86ySmNzZPP0UVunBIpUuP93n+ezVWO6S5wftD9/rDzD0uU7hDzicjQIA7z/q5 /v2n0CEs5iu7L2NSOeekm7X7r1xdg5sVAgaiP9Px3QV7WSrlPDPj8JSNj9eCaEejjKgv 66H17cnYbHgzVvyS7T+fK8P42jrizQO50m5SqiCqPMFoPA/LI5qt5qCKLL+qyYCvtrxn 7SAmsbQv+e05887KtAVqWOa6YQxt/so+8JAYEsutgAwsjESIbsAnoNh5LwUNZttfR1BF 4Arw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UcLqFA1umoIj3v0QhSE2Oth9yh/dfxWwYlkJsIqGbmc=; b=UKOoKBCqm7t3bHOw6T/5dOhdnNQaNXIVPqMGrQoXaT73UHE7rcxfv38VAjAcvAL9J6 gaQU4+rbpqKx6M97H4GRdvQkW4x9NKrwcmMPJlxSjuy/zoObq6wsuTGAeIqlv23mKIJ+ I5hxb0AR9kKMXep1m9ec4TY453SkLU7rEvzdCPgRIqeirQjSrVB1oW59Guc7EHDvnzGe O9Q8HEGlt7dYC0zAeQMuh3dRvpBr1RQohY6Srb/xJPPol3I/55PS7yFryzUSdGWAT6Yk +lTAoxR5jUgDKtf5tRQpJ0sUx+J2GAFa0wUQhofoGYWNXaILqAu20Rr74IoMWUQqvqVe 1ecQ==
X-Gm-Message-State: AOAM530B8l0kKm3cpD8P66McQ5NYX1aMxGJ5WohJTh1iHEB8vbU+gu8e BC8bney482XI+a0JhhucWE+EGrCEUKjO3wk1NEwetQ==
X-Google-Smtp-Source: ABdhPJwqIYF1dw4puZ2Mx33TXhmR2XIscnPofINcvYEf8iFL2i43Du2dE3twNOaB7UHpp51XUhIiPM6QERfq7QPmMvs=
X-Received: by 2002:a19:ca0d:0:b0:472:1a4d:a67d with SMTP id a13-20020a19ca0d000000b004721a4da67dmr13401892lfg.222.1651244418349; Fri, 29 Apr 2022 08:00:18 -0700 (PDT)
MIME-Version: 1.0
References: <CAM5+tA8WvjvWirxqE6kQ9LQAG0NcpWyCLGVooB=G7gZ9ETb2zQ@mail.gmail.com> <20220424172743.GA218999@fg-networking.de> <CAKD1Yr1v0Tkh+pWD-ts=PL3gZf7Qj6OHW6Cuvj8iGcSSMibjew@mail.gmail.com> <0afe25f5-52b7-a438-0696-cf8b0a83c2dc@gmail.com> <BN8PR07MB70760D9693580F5BDCB61DD995F89@BN8PR07MB7076.namprd07.prod.outlook.com> <CAKD1Yr3Z9wGQ+uiA2WcW00MrOiLyHs+bSoFjHVtrixCi2qp4DA@mail.gmail.com> <BN8PR07MB7076A6456CAB48EF428D6E8695F89@BN8PR07MB7076.namprd07.prod.outlook.com> <65d0d9ac-77fc-c200-09e3-0c3949ca1541@gmail.com> <CAN-Dau2FS99ewfgH8xk-jSJFCnO92CJV9ZC98DUE2UDR7V1Eww@mail.gmail.com> <CANMZLAYbpZBDA8uFnJqfWfWTQ4S9RN4a-DqWe36qzfAfDtXiQA@mail.gmail.com> <CAN-Dau0BjRR2_7xz38DpJsz0Y=Z_8bV5n-=Eh1QUVEDzqVxmaA@mail.gmail.com> <CAPt1N1=H=eAyRu0JcHnLpZEUizDZ4Kj0VwPu=0nM=Wn+y3Ho1w@mail.gmail.com> <CAM5+tA_4rtSkgEuRUFZ2LYr6i8a7vWeKODYieVARF3RbRvgRww@mail.gmail.com> <BN8PR07MB7076DE3E745CB916FB81879595FA9@BN8PR07MB7076.namprd07.prod.outlook.com> <ADAE42CE-448F-42F5-89BE-692F493E2DC8@consulintel.es> <CAM5+tA_ksJ+agY1tze1-zPHLsgYFgjEYtnuPs+ffZbnRqiHytw@mail.gmail.com> <BAD082DA-0958-4926-B3E5-4E4599A75078@consulintel.es> <BN8PR07MB7076564E50C0DAFBFAB950FD95FA9@BN8PR07MB7076.namprd07.prod.outlook.com> <CAPt1N1ncVkekecS=dBHSR3WtaEMruy55Udxy0WSMGTgbN24pKw@mail.gmail.com> <CAM5+tA8-Zqka-vZ9jRL3wn0dtfuJj0ECx_k9prwyS2ypisaPtw@mail.gmail.com> <FB031B76-7E88-4824-876F-D1A05F8D2215@thehobsons.co.uk> <CAFU7BAST-oNGpy4JvODDsf=8eS69hV8XCi8OgEHBkkoujRN3Rw@mail.gmail.com> <699f556a3eac41179a80d2cc8749a191@huawei.com> <CAO42Z2wiebCOPmtcEOJ3rOaZEpHE7qFZZTf5KLWybSsL6rOd9Q@mail.gmail.com> <CAN-Dau1FV-uEkX1S7vOEVxggjcNvUVTmokPAEOiapxPTySN-vw@mail.gmail.com> <CAPt1N1mk8Qv1anXohCJaiH0WWn-BkS4mr=ffyF0cCaE7CM314w@mail.gmail.com>
In-Reply-To: <CAPt1N1mk8Qv1anXohCJaiH0WWn-BkS4mr=ffyF0cCaE7CM314w@mail.gmail.com>
From: Ed Horley <ed@hexabuild.io>
Date: Fri, 29 Apr 2022 08:00:06 -0700
Message-ID: <CAE=N4xf_wRPQeChkfXWxj7+Do8jp2U6hDtjH+-RUNis+ynMRbQ@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: David Farmer <farmer=40umn.edu@dmarc.ietf.org>, Xipengxiao <xipengxiao=40huawei.com@dmarc.ietf.org>, v6ops list <v6ops@ietf.org>, 6man list <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fe58c505ddcc4c73"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/c4RqM111PRvn0dzyqH41ELVxKw8>
Subject: Re: [v6ops] Vicious circle [ULA precedence [Thoughts about wider operational input]]
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Apr 2022 15:00:25 -0000

To bring things back into focus. I believe the goal of the submitted
informational draft was to identify the "Unintended Operational issues with
ULA" (which is the title of the draft) so that it was clear what structural
problems exist with ULA currently. It does not propose any fixes, I believe
that would be a separate but important discussion (well, a yelling
match apparently). I am specifically interested if anyone has any
documented and verifiable configurations that either counter the points
made, disprove the points made, or prove false the points made in the
submitted draft. For those that have not read it yet you can find it here:
https://datatracker-ietf-org.lucaspardue.com/doc/draft-buraglio-v6ops-ula/
or
https://www.ietf.org/id/draft-buraglio-v6ops-ula-01.html

Once we agree on what the problem space is, I believe it makes it a bit
easier to talk about what to actually fix, if anything. I believe that was
the goal Nick had originally with this, but he can confirm that I imagine.
- Ed

On Fri, Apr 29, 2022 at 7:38 AM Ted Lemon <mellon@fugue.com> wrote:

> The difference is that NAT44 made things better. NAT66 arguably doesn’t.
> Pretty clearly there is a better alternative for the specific pci case
> we’ve been discussing.
>
> This doesn’t mean people won’t do nat66 out of habit anyway, but it will
> cost extra and add no value, so I don’t see any reason why it would become
> and remain a best practice.
>
> On Fri, Apr 29, 2022 at 10:16 David Farmer <farmer=
> 40umn.edu@dmarc.ietf.org> wrote:
>
>>
>>
>> On Thu, Apr 28, 2022 at 6:02 PM Mark Smith <markzzzsmith@gmail.com>
>> wrote:
>>
>>> On Fri, 29 Apr 2022 at 07:37, Xipengxiao
>>> <xipengxiao=40huawei.com@dmarc.ietf.org> wrote:
>>>
>>> > My point is, given PCI DSS 4.0 (what Jen wrote as PCR DSS 4.0), we
>>> should tell enterprises they no longer need NAT. But if some enterprises
>>> still insist, respect their decision.
>>>
>>> Ignore them. IPv6 doesn't solve any problem they have, and adding NAT
>>> to IPv6 still won't solve any problem they have, because IPv6 still
>>> won't solve a problem they have.
>>>
>>> ...
>>>
>>> Even government mandates to get enterprises to adopt a networking
>>> protocol don't work - the Internet is supposed to be running CLNS by
>>> now as mandated by governments around the world. (I expect Vint Cerf
>>> was being nice while working on this rather than truly believing OSI
>>> would take over.)
>>>
>>> Explaining the Role of GOSIP
>>> https://www.rfc-editor.org/rfc/rfc1169.html
>>>
>>>
>>>  It's more important to get enterprises to use IPv6 ASAP, than to
>>> insist that they use the "right" IPv6 solution.
>>> >
>>>
>>> Why is it important to get enterprises to use IPv6 ASAP?
>>>
>>>
>>> Regards,
>>> Mark.
>>>
>>
>> Ignore credit cards and enterprises, that's your advice for IPv6?
>>
>> So, no one using IPv6 wants to get paid for anything? Or, are you
>> suggesting we maintain a quaint IPv4 network in the corner, so we can do
>> credit cards and can get paid?
>>
>> As for enterprises, Google and AWS are enterprises, are you suggesting
>> they should be ignored too? Most of the valuable things on the Internet are
>> run by enterprises.
>>
>> Supporters of IPv6 need to very much care about enterprises; We need them
>> to make their content available via IPv6. We need them to enable IPv6 on
>> the Internet-facing parts of their networks.
>>
>> Do we need them to enable IPv6 on their internal networks, maybe or maybe
>> not. However, if enterprises are not comfortable with IPv6 why would they
>> enable their content over IPv6?
>>
>> I'm not suggesting we have to do NAT66 or even NPTv6, however, I think we
>> should have something to tell those doing NAT44 today and want to maintain
>> an internal private network. Maybe ULA with application gateways and
>> proxies instead of NAT. But I don't think the internal private network
>> model is just going to go away, too many people are comfortable with it.
>>
>> Furthermore, ignoring NAT44 from a standardization point of view worked
>> so well the last time. "Ignore them, and they will go away," didn't work
>> last time and it's not going to work this time either.
>>
>> Thanks
>>
>>
>> --
>> ===============================================
>> David Farmer               Email:farmer@umn.edu
>> Networking & Telecommunication Services
>> Office of Information Technology
>> University of Minnesota
>> 2218 University Ave SE
>> <https://www.google.com/maps/search/2218+University+Ave+SE?entry=gmail&source=g>
>>       Phone: 612-626-0815
>> Minneapolis, MN 55414-3029   Cell: 612-812-9952
>> ===============================================
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops
>>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>


-- 
Ed Horley
ed@hexabuild.io | (925) 876-6604
Advancing Cloud, IoT, and Security with IPv6
https://hexabuild.io
And check out the IPv6 Buzz Podcast at
https://packetpushers.net/series/ipv6-buzz/

v2.23.0 | Report a Bug | By Email