Re: [v6ops] FYI: Microsoft's latest on CLAT

Daryll Swer <contact@daryllswer.com> Mon, 11 March 2024 07:01 UTC

To: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>
Cc: Ole Troan <otroan=40employees.org@dmarc.ietf.org>, Jen Linkova <furry13@gmail.com>, "v6ops@ietf.org" <v6ops@ietf.org>, Tommy Jensen <Jensen.Thomas@microsoft.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/mmXII07rLhOr952Rrr2JyZLrY-4>

>
> - PLAT is 30% more expensive than NAT44 (look to any vendor for
> scalability numbers)

464xlat is stateful, isn't it? To my understanding, MAP-T is “mostly
stateless”, but I have only heard of MAP-T in a very limited number of SPs
around the world. MAP-T on end-devices will probably never happen.

> DHCP absence on the most popular OS would still block IPv6 progress in the
> Enterprise.
>
If you read the past email threads on this mailing list, there was an
extensive (and aggressive) debate on DHCPv6 support issues on client
devices, with me included in that discussion. But alas, the SLAAC
apologists still think DHCPv6 is anti-IPv6.

I've largely stopped pushing enterprise folks I know of, to IPv6, nobody
wants to waste their resources on SLAAC hacks (which the SLAAC apologists
claim is superior to DHCPv6) for logging/compliance etc. Life's so much
simpler as an ISP, ia_na + static /56 or /48 ia_pd to the Customer Edge
Router, RADIUS-based AAA/Logging of the prefix, problem solved. State sync
is the only problem left, but, that can be solved using ISC Kea as someone
pointed out before, or opt for an opinionated vendor stack, vendors have
their own state sync mechanism for DHCPv6.

--
Best Regards
Daryll Swer
Website: daryllswer.com


On Mon, 11 Mar 2024 at 12:19, Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org> wrote:

> IPv6-mostly looks good because it permits having IPv6-only and IPv4-only
> on the same subnet. It is a smooth transition.
>
> But "CLAT" means that somewhere should be PLAT:
> - double NAT translation for IPv4 to IPv4 traffic -> definitely more
> difficult to troubleshoot.
> - PLAT is 30% more expensive than NAT44 (look to any vendor for
> scalability numbers)
>
> IMHO: IPv6-mostly would not be enough incentive to improve Enterprise
> miserable IPv6 adoption.
> DHCP absence on the most popular OS would still block IPv6 progress in the
> Enterprise.
>
> Eduard
> -----Original Message-----
> From: v6ops <v6ops-bounces@ietf.org> On Behalf Of Ole Troan
> Sent: Friday, March 8, 2024 16:29
> To: Jen Linkova <furry13@gmail.com>
> Cc: v6ops@ietf.org; Tommy Jensen <Jensen.Thomas@microsoft.com>
> Subject: Re: [v6ops] FYI: Microsoft's latest on CLAT
>
> >> I’m also a fan of IPv6-mostly.
> >> Isn’t it too early to state that it has lower operational cost than
> >> dual-stack (or IPv4 only)?
> >
> > It may be for people who haven't deployed it yet.
>
> Definitely. That was my point. It “may be”. We don’t quite know yet.
>
> >
> >> What I mostly(sic) like about it, is that it provides a clearer path
> >> towards IPv6 only than dual stack.
> >>
> >> But I would imagine at least for the short term there are going to be
> >> quite a few operational wrinkles to sort out.
> >
> > When you find a new technology which doesn't have that problem, please
> > let me know ;)
>
> Of course not. It’s an interesting technology. My point was to not
> oversell it. It has the _potential_ to become a good option.
>
>
> >
> >> It’s likely harder to troubleshoot IPv4 problems too.
> >
> > It's not my experience. Actually troubleshooting is much easier.
> > For IPv6-only devices it's just one protocol. For dual-stack devices
> > nothing has changed compared to a dual-stack setup.
>
> Cool! I would just imagine getting a few issues with PMTUD discovery,
> traceroute not working and so on.
>
>
> >
> >> And I don’t think it even works on my DHCPv6 single address assigned
> >> network at all (yet to be tested).
> >
> > Nor would IPv6-only.
>
> Why not?
>
>
> > When you made the decision to assign a single IPv6 address per device,
> > I assume you did evaluate pros and cons.
> > It doesn't make the designs which are incompatible with your choice bad
> > ones.
>
> IPv6 mostly in itself is not incompatible with a single IPv6 address.
> That’s an implementation choice. I haven’t had time to test
> implementations yet.
> Documentation isn’t exactly where Apple shines, but interesting to see
> where Microsoft lands on this one.
>
> Best regards,
> Ole
>
>
> >
> >>
> >>> On 8 Mar 2024, at 04:52, Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org> wrote:
> >>>
> >>> Great to hear! I think this means that all the major platforms will
> >>> support the "IPv6-mostly" operational model that v6ops has been working on
> >>> for the past few years. That's super important, because it means that any
> >>> network can use this model with confidence that all their clients will work.
> >>>
> >>> Hopefully this will really help adoption of this model in enterprise
> >>> networks. Dual-stack is expensive to operate, but if IPv6-only works, then
> >>> any enterprise that wants to support IPv6 in some form can simply skip
> >>> directly from IPv4-only to IPv6-mostly without having to worry about the
> >>> costs of dual-stack at all.
> >>>
> >>> On Fri, Mar 8, 2024 at 5:05 AM Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org> wrote:
> >>> Good day v6ops,
> >>>
> >>> As a general IPv6 FYI, I'll share Windows' announcement to bring
> >>> CLAT to general networking interfaces which went live today:
> >>> https://techcommunity.microsoft.com/t5/networking-blog/windows-11-plans-to-expand-clat-support/ba-p/4078173
> >>>
> >>> Looking forward to seeing everyone in Brisbane and talking about CLAT
> >>> recommendations, the draft Jen and I are coauthoring, as Windows will be an
> >>> implementor!
> >>>
> >>> Thanks,
> >>> Tommy
> >>> _______________________________________________
> >>> v6ops mailing list
> >>> v6ops@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/v6ops
> >>
> >>
> >
> >
> >
> > --
> > Cheers, Jen Linkova
>
>
>
>