IETF Logo Mail Archive

Re: [v6ops] FYI: Microsoft's latest on CLAT

Vasilenko Eduard <vasilenko.eduard@huawei.com> Mon, 11 March 2024 07:45 UTC

Return-Path: <vasilenko.eduard@huawei.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AE93C14F5FE for <v6ops@ietfa.amsl.com>; Mon, 11 Mar 2024 00:45:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.204
X-Spam-Level:
X-Spam-Status: No, score=-4.204 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CM3L1sr1xyne for <v6ops@ietfa.amsl.com>; Mon, 11 Mar 2024 00:45:40 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2976DC14F6AE for <v6ops@ietf.org>; Mon, 11 Mar 2024 00:45:40 -0700 (PDT)
Received: from mail.maildlp.com (unknown [172.18.186.216]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4TtTMx5qxRz67bbH; Mon, 11 Mar 2024 15:45:33 +0800 (CST)
Received: from mscpeml100004.china.huawei.com (unknown [7.188.51.133]) by mail.maildlp.com (Postfix) with ESMTPS id 67D18140D26; Mon, 11 Mar 2024 15:45:36 +0800 (CST)
Received: from mscpeml500004.china.huawei.com (7.188.26.250) by mscpeml100004.china.huawei.com (7.188.51.133) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Mon, 11 Mar 2024 10:45:35 +0300
Received: from mscpeml500004.china.huawei.com ([7.188.26.250]) by mscpeml500004.china.huawei.com ([7.188.26.250]) with mapi id 15.02.1258.028; Mon, 11 Mar 2024 10:45:35 +0300
From: Vasilenko Eduard <vasilenko.eduard@huawei.com>
To: Daryll Swer <contact=40daryllswer.com@dmarc.ietf.org>
CC: Ole Troan <otroan@employees.org>, Jen Linkova <furry13@gmail.com>, "v6ops@ietf.org" <v6ops@ietf.org>, Tommy Jensen <Jensen.Thomas@microsoft.com>
Thread-Topic: [v6ops] FYI: Microsoft's latest on CLAT
Thread-Index: AQHacMnFaOJLqIV7YEak9TIRapOnzbEtBCiAgAB7pgCAABeEAIAADg+AgAR3kxD//9LKgIAAPBmg
Date: Mon, 11 Mar 2024 07:45:35 +0000
Message-ID: <accf1dc8041c4b4cb0af30847c63703f@huawei.com>
References: <SJ0PR00MB1348781EB81293E8A0521F23FA202@SJ0PR00MB1348.namprd00.prod.outlook.com> <CAKD1Yr1GgOBR+Y5x4-+BCzQFp3usPwd_CM05nfwgM6pT5wef1Q@mail.gmail.com> <884F5E11-364C-4D42-B199-B8FEF33C59C4@employees.org> <CAFU7BAQn-EgpL0mukUUnsBt916UA0P9Qw8KYtC5E5vG3ZMOW7w@mail.gmail.com> <10EF7C0B-0690-4AC0-BD7D-4DAB03C23E76@employees.org> <b03cd464974b4f2cb9319ee8eff71914@huawei.com> <CACyFTPGNGJFJL0xc=J6fX0Y7fm9h6LqcA+D-3Mx5P181hYde2Q@mail.gmail.com>
In-Reply-To: <CACyFTPGNGJFJL0xc=J6fX0Y7fm9h6LqcA+D-3Mx5P181hYde2Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.199.56.41]
Content-Type: multipart/alternative; boundary="_000_accf1dc8041c4b4cb0af30847c63703fhuaweicom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/g1G0tv38NG_n5MMK3OBmIEQSzXw>
Subject: Re: [v6ops] FYI: Microsoft's latest on CLAT
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2024 07:45:44 -0000

Theoretically, MAP-E/T is much better but…
MAP needs a much bigger IPv4 address pool for static mapping to IPv6 (disconnected subscribers keep their Port range block), the mapping block should be big enough for any subscriber (1k+). This technology is not dynamic at all. Not many ISPs have such a luxury (of IPv4 addresses).
To kill it completely, MAP is absent on Android and iOS.

MAP calls the stateful translation device “Border Relay”. “PLAT” is a clear reference to 464XLAT.
Eduard
From: Daryll Swer <contact=40daryllswer.com@dmarc.ietf.org>
Sent: Monday, March 11, 2024 10:01
To: Vasilenko Eduard <vasilenko.eduard@huawei.com>
Cc: Ole Troan <otroan@employees.org>; Jen Linkova <furry13@gmail.com>; v6ops@ietf.org; Tommy Jensen <Jensen.Thomas@microsoft.com>
Subject: Re: [v6ops] FYI: Microsoft's latest on CLAT

[https://mailtrack.io/trace/mail/08f8535f47f2111f6f5e0357d164f745e59b0fc6.png?u=2153471]
- PLAT is 30% more expensive than NAT44 (look to any vendor for scalability numbers)
464xlat is stateful, isn't it? To my understanding, MAP-T is “mostly stateless”, but I have only heard of MAP-T in a very limited number of SPs around the world. MAP-T on end-devices will probably never happen.

DHCP absence on the most popular OS would still block IPv6 progress in the Enterprise.
If you read the past email threads on this mailing list, there was an extensive (and aggressive) debate on DHCPv6 support issues on client devices, with me included in that discussion. But alas, the SLAAC apologists still thinks DHCPv6 is anti-IPv6.

I've largely stopped pushing enterprise folks I know of, to IPv6, nobody wants to waste their resources on SLAAC hacks (which the SLAAC apologists claims is superior to DHCPv6) for logging/compliances etc. Life's so much simpler as an ISP, ia_na + static /56 or /48 ia_pd to the Customer Edge Router, RADIUS-based AAA/Logging of the prefix, problem solved. State sync is the only problem left, but, that can be solved using ISC Kea as someone pointed out before, or opt for an opinionated vendor stack, vendors have their own state sync mechanism for DHCPv6.

--
Best Regards
Daryll Swer
Website: daryllswer.com<https://mailtrack.io/l/5dcb8586407ba280cf773710505bb808535a7647?url=https%3A%2F%2Fwww.daryllswer.com&u=2153471&signature=442d04c8d2b1a9db>


On Mon, 11 Mar 2024 at 12:19, Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org<mailto:40huawei.com@dmarc.ietf.org>> wrote:
IPv6-mostly looks good because it permits to have IPv6-only and IPv4-only on the same subnet. It is a smooth transition.

But "CLAT" means that somewhere should be PLAT:
- double NAT translation for IPv4 to IPv4 traffic -> definitely more difficult to troubleshoot.
- PLAT is 30% more expensive than NAT44 (look to any vendor for scalability numbers)

IMHO: IPv6-mostly would not be enough incentive to improve Enterprise miserable IPv6 adoption.
DHCP absence on the most popular OS would still block IPv6 progress in the Enterprise.

Eduard
-----Original Message-----
From: v6ops <v6ops-bounces@ietf.org<mailto:v6ops-bounces@ietf.org>> On Behalf Of Ole Troan
Sent: Friday, March 8, 2024 16:29
To: Jen Linkova <furry13@gmail.com<mailto:furry13@gmail.com>>
Cc: v6ops@ietf.org<mailto:v6ops@ietf.org>; Tommy Jensen <Jensen.Thomas@microsoft.com<mailto:Jensen.Thomas@microsoft.com>>
Subject: Re: [v6ops] FYI: Microsoft's latest on CLAT

>> I’m also a fan of IPv6-mostly.
>> Isn’t it too early to state that it has lower operational cost than dual-stack (or IPv4 only)?
>
> It may be for people who haven't deployed it yet.

Definitely. That was my point. It “may be”. We don’t quite know yet.

>
>> What I mostly(sic) like about it, is that it provides a clearer path towards IPv6 only than dual stack.
>>
>> But I would imagine at least for the short term there are going to be quite a few operational wrinkles to sort out.
>
> When you find a new technology which doesn't have that problem, please
> let me know ;)

Of course not. It’s an interesting technology. My point was to not oversell it. It has the _potential_ to become a good option.


>
>> It’s likely harder to troubleshoot IPv4 problems too.
>
> It's not my experience. Actually troubleshooting is much easier.
> For IPv6-only devices it's just one protocol. For dual-stack devices
> nothing has changed compared to a dual-stack setup.

Cool! I would just imagine get a few issues with PMTUD discovery, traceroute not working and so on.


>
>> And I don’t think it even works on my DHCPv6 single address assigned network at all (yet to be tested).
>
> Nor would IPv6-only.

Why not?


> When you made the decision to assign a single IPv6 address per device,
> I assume you did evaluate pros and cons.
> It doesn't make the  designs which are incompatible with your choice bad ones.

IPv6 mostly in itself is not incompatible with a single IPv6 address.
That’s an implementation choice. I haven’t had time to test implementations yet.
Documentation isn’t exactly where Apple shines, but interesting to see where Microsoft lands on this one.

Best regards,
Ole


>
>>
>>> On 8 Mar 2024, at 04:52, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org<mailto:40google.com@dmarc.ietf.org>> wrote:
>>>
>>> Great to hear! I think this means that all the major platforms will support the "IPv6-mostly" operational model that v6ops has been working on for the past few years. That's super important, because it means that any network can use this model with confidence that all their clients will work.
>>>
>>> Hopefully this will really help adoption of this model in enterprise networks. Dual-stack is expensive to operate, but if IPv6-only works, then any enterprise that wants to support IPv6 in some form can simply skip directly from IPv4-only to IPv6-mostly without having to worry about the costs of dual-stack at all.
>>>
>>> On Fri, Mar 8, 2024 at 5:05 AM Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org<mailto:40microsoft.com@dmarc.ietf.org>> wrote:
>>> Good day v6ops,
>>>
>>> As a general IPv6 FYI, I'll share Windows' announcement to bring
>>> CLAT to general networking interfaces which went live today:
>>> https://techcommunity.microsoft.com/t5/networking-blog/windows-11-pl
>>> ans-to-expand-clat-support/ba-p/4078173
>>>
>>> Looking forward to seeing everyone in Brisbane and talking about CLAT recommendations, the draft Jen and I are coauthoring, as Windows will be an implementor!
>>>
>>> Thanks,
>>> Tommy
>>> _______________________________________________
>>> v6ops mailing list
>>> v6ops@ietf.org<mailto:v6ops@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/v6ops
>>> _______________________________________________
>>> v6ops mailing list
>>> v6ops@ietf.org<mailto:v6ops@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/v6ops
>>
>>
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org<mailto:v6ops@ietf.org>
>> https://www.ietf.org/mailman/listinfo/v6ops
>
>
>
> --
> Cheers, Jen Linkova



_______________________________________________
v6ops mailing list
v6ops@ietf.org<mailto:v6ops@ietf.org>
https://www.ietf.org/mailman/listinfo/v6ops
_______________________________________________
v6ops mailing list
v6ops@ietf.org<mailto:v6ops@ietf.org>
https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email