IETF Logo Mail Archive

Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Tue, 17 April 2018 19:30 UTC

Return-Path: <prvs=1645254bf4=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 932671201FA for <v6ops@ietfa.amsl.com>; Tue, 17 Apr 2018 12:30:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7JSM3WHbmKG9 for <v6ops@ietfa.amsl.com>; Tue, 17 Apr 2018 12:30:07 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66FEE12420B for <v6ops@ietf.org>; Tue, 17 Apr 2018 12:30:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1523993403; x=1524598203; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:Message-ID:Thread-Topic:References:In-Reply-To: Mime-version:Content-type:Content-transfer-encoding; bh=bs+x1aaI lFKl2bKUlmDsVbQVw+stpt+NgFbNunb6ZoQ=; b=h4ti+kAxhLLJIc3CqbVtspWI PpjuaiumBQzIanjZO9gRAm97Vvx7466WndxXSXccPBLiM1t9DWAuFqZXK9tgTQgy zY8T4eFrKK57M/T15j24XeoU5t834d6cLTktePb2QBuu80XaQcc0nPAnNxSkG7YR F6j6LKxB+lUoh1Y41Vs=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Tue, 17 Apr 2018 21:30:03 +0200
X-Spam-Processed: mail.consulintel.es, Tue, 17 Apr 2018 21:30:02 +0200
Received: from [10.10.10.129] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50005753001.msg for <v6ops@ietf.org>; Tue, 17 Apr 2018 21:30:02 +0200
X-MDRemoteIP: 2001:470:1f09:495:2052:a03d:454d:1b1
X-MDHelo: [10.10.10.129]
X-MDArrival-Date: Tue, 17 Apr 2018 21:30:02 +0200
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=1645254bf4=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/10.c.0.180410
Date: Tue, 17 Apr 2018 21:29:57 +0200
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: Richard Patterson <richard@helix.net.nz>, V6 Ops List <v6ops@ietf.org>
Message-ID: <C0E1C2A2-BC51-48FC-BFE6-A553B948EE8E@consulintel.es>
Thread-Topic: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
References: <3A083AA8-41D3-4BF8-BE31-5071975B6F98@gmail.com> <CAHL_VyC1xUDDqZRz1r--u8nyuLaZRnsT0ZR7hzOw4HWUkgwPXg@mail.gmail.com>
In-Reply-To: <CAHL_VyC1xUDDqZRz1r--u8nyuLaZRnsT0ZR7hzOw4HWUkgwPXg@mail.gmail.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/pOh-u6z8DHnqMF8zcn4kbJT_SGs>
Subject: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Apr 2018 19:30:10 -0000

Hi Richard,

Thanks for the input!

Regarding your comment on the NAT44 iptables/netfilter ... Do you think this is something that can be mention/sorted out by some specific text in my ID ?

I'm guessing it will apply to both MAP-T and MAP-E, not sure if in the same way, but we can have some text to at least make sure implementors sort it out, without the need to update the relevant RFCs. Or do you think they should be updated (which open a another can of worms maybe ...).

Regards,
Jordi
 
 

-----Mensaje original-----
De: v6ops <v6ops-bounces@ietf.org> en nombre de Richard Patterson <richard@helix.net.nz>
Fecha: martes, 17 de abril de 2018, 21:21
Para: V6 Ops List <v6ops@ietf.org>
Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

    Hi Fred, et al.
    
    Speaking as an Operator who is currently validating MAP-T as a
    solution, I'm in favour of making sure it itself is included in future
    versions of this draft.
    
    There are multiple vendors offering MAP-T Border Relays, and we've
    been testing both OpenWRT-based CPEs as well as a custom CPE based on
    the Broadcom BCM63138 SoC.
    The Broadcom reference SDK comes with the CERNET kernel module and
    userland tool, and supports hardware acceleration of MAP-T translated
    flows with Broadcom's Runner fastpath.
    
    I was also quite impressed with OpenWRT's implementation; aside from
    initially needing internet connectivity to install the map-t module
    after a fresh install, no further configuration is required to have
    the CPE dynamically configure itself with MAP-T, given the appropriate
    DHCPv6 options.  Kudos to the OpenWRT/LEDE devs on their support.
    
    Re: the draft's §5.3.4.  It's succinct enough, whilst still directing
    implementors to the relevant RFCs, however I'm still mulling over the
    NAT44 and iptables/netfilter concerns that I raised in softwires a few
    months back.[1]   The address-sharing mode's algorithm for port
    allocations, isn't easily implementable with the current
    iptables/netfilter behaviour.  OpenWRT's approach creates rule
    shadowing and port ranges that never get utilised.
    
    -Richard
    
    
    [1] https://www.ietf.org/mail-archive/web/softwires/current/msg06832.html
    
    On 15 April 2018 at 06:00, Fred Baker <fredbaker.ietf@gmail.com> wrote:
    > At IETF 101, Jordi Palet Martinez presented draft-palet-v6ops-transition-ipv4aas. The draft is at https://tools.ietf.org/html/draft-palet-v6ops-transition-ipv4aas, and his presentation deck is at https://datatracker.ietf.org/meeting/101/materials/slides-101-v6ops-transition-requirements-for-ipv6-ce-routers-to-support-ipv4-as-a-service-00.
    >
    > I would like to invite discussion.
    >
    > In particular, this draft derives from draft-ietf-v6ops-rfc7084-bis, and the chairs wonder if it should be reposted as the next version of draft-ietf-v6ops-rfc7084-bis. That should happen if an only if the working group thinks it should be published as an RFC (now or at some point) adding considerations for implementors of RFC 7084 and also implementing transition services.
    >
    > A key comment at IETF 101 was that there remain far too many transition mechanisms listed. It would be helpful, if you hold that opinion, if you could give that advice, identify the mechanism or mechanisms you think should be listed, and indicate the reasoning behind your viewpoint. For example, if you think MAP-T should be listed, it would be helpful to know what operators are implementing MAP-T and are looking for CE Routers that support it. The same comment applies to any such mechanism or service.
    >
    >
    >
    > _______________________________________________
    > v6ops mailing list
    > v6ops@ietf.org
    > https://www.ietf.org/mailman/listinfo/v6ops
    >
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email