Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
<mohamed.boucadair@orange.com> Fri, 27 April 2018 12:03 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BACA6126BF3 for <v6ops@ietfa.amsl.com>; Fri, 27 Apr 2018 05:03:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d2TDlVDweB1x for <v6ops@ietfa.amsl.com>; Fri, 27 Apr 2018 05:03:40 -0700 (PDT)
Received: from orange.com (mta135.mail.business.static.orange.com [80.12.70.35]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96E4B1200F1 for <v6ops@ietf.org>; Fri, 27 Apr 2018 05:03:40 -0700 (PDT)
Received: from opfednr04.francetelecom.fr (unknown [xx.xx.xx.68]) by opfednr25.francetelecom.fr (ESMTP service) with ESMTP id 0AAA11803C9; Fri, 27 Apr 2018 14:03:39 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.62]) by opfednr04.francetelecom.fr (ESMTP service) with ESMTP id E170840077; Fri, 27 Apr 2018 14:03:38 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM5E.corporate.adroot.infra.ftgroup ([fe80::2912:bfa5:91d3:bf63%18]) with mapi id 14.03.0389.001; Fri, 27 Apr 2018 14:03:38 +0200
From: mohamed.boucadair@orange.com
To: Richard Patterson <richard@helix.net.nz>, "v6ops@ietf.org list" <v6ops@ietf.org>
Thread-Topic: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
Thread-Index: AQHT3hsuQzcNOUZrKkejk+HQXzHgE6QUgSGg
Date: Fri, 27 Apr 2018 12:03:37 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302DF12AC0@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <3A083AA8-41D3-4BF8-BE31-5071975B6F98@gmail.com> <CAHL_VyC1xUDDqZRz1r--u8nyuLaZRnsT0ZR7hzOw4HWUkgwPXg@mail.gmail.com> <52D64464-A1BB-4FFA-AA79-28B8953E3B93@gmail.com> <2D09D61DDFA73D4C884805CC7865E6114DD7F981@GAALPA1MSGUSRBF.ITServices.sbc.com> <ECDF4B32-1A4E-49A9-9255-091F2FEA78AF@gmail.com> <CAHL_VyBnRkmpNDcwqTTxu8DnUGFAdKgL+PB1pt9yFLQ==cM0aA@mail.gmail.com> <D8000940-273D-4C25-8B71-F75833B74462@consulintel.es> <787AE7BB302AE849A7480A190F8B93302DF126EC@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <694A1FF1-CA8C-42CC-87F3-789EA71807AE@employees.org> <787AE7BB302AE849A7480A190F8B93302DF12849@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHL_VyA7AnhHQ6ktJ9ySTSjdrZ-JKZBpzJok8tLo+5Vhpcd4iw@mail.gmail.com>
In-Reply-To: <CAHL_VyA7AnhHQ6ktJ9ySTSjdrZ-JKZBpzJok8tLo+5Vhpcd4iw@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.2]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/hhlF-2Y6wxmqgx8kcgYhjeGIXxY>
Subject: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Apr 2018 12:03:44 -0000
Hi Richard, Thank you for sharing this information. As you know, this a problem of UPnP IGD:1 not UPnP IGD:2 and the behavior adopted by applications, e.g., * An app calls GetSpecificPortMapping until it finds an external available port, and then calls AddPortMapping(). This one will work just fine. * An app calls AddPortMapping, after it finds the external port is not available, then it tries the same port 5 more times by calling AddPortMapping, then it returns an error. This behavior increases the chance to get a port. * An app calls GetSpecificPortMapping, after finding the external port not available, returns an error without issuing AddPortMapping. This one is broken. * An appl calls AddPortMapping, after it finds the external port is not available, then it returns an error. This one is borken * etc. I know some applications are still using IGD:1, but I hope they will move to the IGD:2. Please note that PCP addresses both the interworking with UPnP (which is one part of the problem), but also mappings that can be instantiated directly by a customer from a GUI exposed by the CPE. People running servers or want to access their CPE when outside are happy with the PCP feature. Cheers, Med > -----Message d'origine----- > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de Richard Patterson > Envoyé : vendredi 27 avril 2018 13:30 > À : v6ops@ietf.org list > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion > > Hi Ole, apologies for the indirect reply, but Gmail appears to have > filtered your email. > > > From my perspective PCP from customers to control CGNs is not going to be > deployed. I'd be happy to hear otherwise. > > I'm in two minds about this. On one hand it may help existing applications > when used alongside the UPnP IWF, but on the other it would be at best, > intermittent. > This intermittent-ness could allow an Xbox to successfully open up port > 3074 on Monday during the day, when no other customers sharing the IPv4 > address have already taken it, but would fail on Friday night when another > customer turned their Xbox on first and already mapped the port. > Intermittent faults like this could drive more inbound calls to our call > centre, which have a tangible cost impact on the business, not to mention > arguably a worse customer experience. I'm inclined to prefer reproducible > and predictable failures so the fault can be more reliable identified. > > We did trial PCP with the RFC6970 IWF on our CPEs using NAT444, but only as > a staff trial, we never deployed it (NAT444) to production customers. > > -Rich > > On Fri, 27 Apr 2018 at 08:54, <mohamed.boucadair@orange.com> wrote: > > > Hi Ole, > > > Please see inline. > > > Cheers, > > Med > > > > -----Message d'origine----- > > > De : Ole Troan [mailto:otroan@employees.org] > > > Envoyé : vendredi 27 avril 2018 08:34 > > > À : V6 Ops List > > > Cc : JORDI PALET MARTINEZ; BOUCADAIR Mohamed IMT/OLN > > > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion > > > > > > > > > > As you are on it, and given the IETF recommendation in RFC6888: > > > > > > > > REQ-9: A CGN MUST implement a protocol giving subscribers explicit > > > > control over NAT mappings. That protocol SHOULD be the Port > > > > Control Protocol [RFC6887]. > > > > > > > > which would apply also to the PLAT, I suggest you add an item in the > 464lat > > > section to support RFC6970. > > > > > > I think that requirement needs to be reality checked. > > > Has any of the operators of CGNs deployed PCP? > > > [Med] Yes, I confirm. PCP is a deployment reality (DS-Lite context in > particular). Please refer to the file shared by Lee about IPv6 deployments. > > > Would they allow customers to > > > control NAT mappings at all? > > > [Med] Yes. > > > Or would that just be a different subscription > > > plan? > > > [Med] This is part of the normal service: > > * a GUI is provided on the CPE to allow creating mappings > > * an UPnP IGD/PCP IWF is enabled to allow internal hosts to instantiate > mappings on the CGN. > > > > For the other IPv4aaS mechanisms it isn't even an option... > > > > > > From my perspective PCP from customers to control CGNs is not going to > be > > > deployed. > > > [Med] You lose! This is already deployed. > > > I'd be happy to hear otherwise. > > [Med] Now you are :) > > > > > > > Ole > > > > > > > > > > > Cheers, > > > > Med > > > > > > > >> -----Message d'origine----- > > > >> De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI PALET > > > MARTINEZ > > > >> Envoyé : jeudi 26 avril 2018 21:41 > > > >> À : V6 Ops List > > > >> Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion > > > >> > > > >> Hi Richard, > > > >> > > > >> As I've moved sections 3 & 4 to the end of the document as annexes, > I've > > > >> added a new small section for UPnP with your text. I think this also > helps > > > to > > > >> clarify one of the issues raised by Lee. > > > >> > > > >> I'm working on all this changes with my co-authors, and if we are > good > > > with > > > >> them, we probably will submit the new version in a couple of days or > so. > > > >> > > > >> Thanks! > > > >> > > > >> Regards, > > > >> Jordi > > > >> > > > >> > > > >> -----Mensaje original----- > > > >> De: v6ops <v6ops-bounces@ietf.org> en nombre de Richard Patterson > > > >> <richard@helix.net.nz> > > > >> Fecha: miércoles, 25 de abril de 2018, 11:16 > > > >> Para: V6 Ops List <v6ops@ietf.org> > > > >> Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion > > > >> > > > >> Section 4 only briefly touches on UPnP, I'd like to propose that > we > > > >> make a recommendation around its behaviour if it is enabled. > > > >> > > > >> UPnP MAY be enabled on the IPv6 transition CE, for stateless > > > >> mechanisms that forward unsolicited inbound packets through to > the CE. > > > >> If UPnP is enabled, the agent MUST reject any port mapping > requests > > > >> for ports outside of the range(s) allocated to the IPv6 > transition CE. > > > >> > > > >> UPnP SHOULD be disabled for stateful mechanisms that do not > forward > > > >> unsolicited inbound packets to the CE, unless implemented in > > > >> conjunction with a method to control the external port mapping, > such > > > >> as IGD-PCP IWF [RFC6970]. > > > >> > > > >> -Richard > > > >> > > > >> > > > >> On 25 April 2018 at 01:38, Fred Baker <fredbaker.ietf@gmail.com> > wrote: > > > >>> > > > >>> > > > >>>> On Apr 24, 2018, at 12:13 PM, STARK, BARBARA H <bs7652@att.com> > wrote: > > > >>>> > > > >>>> But that doesn't mean I believe the draft has exactly the right > set of > > > >> features included. My understanding of "adoption" is that it is still > > > >> possible post-adoption to discuss whether specific features / > requirements > > > do > > > >> or don't belong. If the precise set of features and requirements > must be > > > >> agreed upon prior to adoption, then I would not be in support of > adoption. > > > >> Hopefully we aren't setting the bar that high? > > > >>> > > > >>> I understand "adoption as a working group draft" to mean that the > > > >> working group has agreed to work on the draft. There are some working > > > groups > > > >> that seem to confuse "adoption as a work group draft" with > "agreement to > > > send > > > >> it to the IESG"; I don't, but expect conversation in between those > two > > > >> events. > > > >>> > > > >>> That said, I'd like to believe that the draft is pretty close, and > that > > > >> changes that need to be made to it will have text offered by the > people > > > that > > > >> want them. So - keep your cards and letters coming... > > > >>> > > > >>> _______________________________________________ > > > >>> v6ops mailing list > > > >>> v6ops@ietf.org > > > >>> https://www.ietf.org/mailman/listinfo/v6ops > > > >>> > > > >> > > > >> _______________________________________________ > > > >> v6ops mailing list > > > >> v6ops@ietf.org > > > >> https://www.ietf.org/mailman/listinfo/v6ops > > > >> > > > >> > > > >> > > > >> > > > >> ********************************************** > > > >> IPv4 is over > > > >> Are you ready for the new Internet ? > > > >> http://www.consulintel.es > > > >> The IPv6 Company > > > >> > > > >> This electronic message contains information which may be privileged > or > > > >> confidential. The information is intended to be for the exclusive > use of > > > the > > > >> individual(s) named above and further non-explicilty authorized > > > disclosure, > > > >> copying, distribution or use of the contents of this information, > even if > > > >> partially, including attached files, is strictly prohibited and will > be > > > >> considered a criminal offense. If you are not the intended recipient > be > > > aware > > > >> that any disclosure, copying, distribution or use of the contents of > this > > > >> information, even if partially, including attached files, is strictly > > > >> prohibited, will be considered a criminal offense, so you must reply > to > > > the > > > >> original sender to inform about this communication and delete it. > > > >> > > > >> > > > >> > > > >> _______________________________________________ > > > >> v6ops mailing list > > > >> v6ops@ietf.org > > > >> https://www.ietf.org/mailman/listinfo/v6ops > > > > _______________________________________________ > > > > v6ops mailing list > > > > v6ops@ietf.org > > > > https://www.ietf.org/mailman/listinfo/v6ops > > > _______________________________________________ > > v6ops mailing list > > v6ops@ietf.org > > https://www.ietf.org/mailman/listinfo/v6ops > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops
- [v6ops] draft-palet-v6ops-transition-ipv4aas disc… Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Lee Howard
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Mikael Abrahamsson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Ackermann, Michael
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Hans Liu
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Mikael Abrahamsson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Sander Steffann
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Masanobu Kawashima
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Lee Howard
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … STARK, BARBARA H
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Fred Baker
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Ole Troan
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Ole Troan
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … JORDI PALET MARTINEZ
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … mohamed.boucadair
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … joel jaeggli
- Re: [v6ops] draft-palet-v6ops-transition-ipv4aas … Richard Patterson