[v6ops] Re: 464XLAT-only networks

Lorenzo Colitti <lorenzo@google.com> Sun, 27 October 2024 02:34 UTC

On Sat, 26 Oct 2024, 20:24 Soni "It/Its" L., <fakedme+ietf@gmail.com> wrote:

> I appreciate the "what can we do to drive adoption" sentiment, but I think
> deploying IPv6 without global connectivity is generally *worse* than staying
> IPv4-only. This is because it requires apps to code workarounds such as NAT
> traversal that are not needed on the vast majority of IPv6 networks. It's
> better to deploy IPv4 only and let those hacks die with IPv4.
>
>
> "NAT traversal" is usually used to describe firewall hole punching, which
> is very much still needed in IPv6.
>

It's not the same. NAT traversal requires that apps be able to deal with
the IPv6 assigned to the device not being the same as the address seen by
the server. With IPv6 end-to-end connectivity, this doesn't happen.

> it's also nearly entirely irrelevant on a server. so aside from the
> hypothetical DNS lookup latency issue when suffering from packet loss, this
> is a very good way of running IPv6-only software on an IPv4-only network.
>

What IPv6-only software? Who writes software that doesn't work on more than
half of the Internet?

Oh, and don't forget the latency penalty incurred on outgoing connections
as the stack tries IPv6 and falls back to IPv4.

> any reason why we shouldn't make our customers use a SIIT-DC on their
> IPv4-only networks?
>

It's more complicated and less reliable than IPv4 NAT, more difficult to
operate, imposes latency penalties, and requires that apps deal with
partial reachability. And it provides no advantages over IPv4 NAT. Could
you make it work? Probably. But why would you want to?
