Re: [v6ops] Status of CLAT implementation on iPhone? (IPv4 apps on IPv6-only PDP type)

Alexandru Petrescu <alexandru.petrescu@gmail.com> Wed, 10 June 2015 13:05 UTC

Return-Path: <alexandru.petrescu@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0ADF21A1BCC for <v6ops@ietfa.amsl.com>; Wed, 10 Jun 2015 06:05:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.084
X-Spam-Level:
X-Spam-Status: No, score=-3.084 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, HELO_EQ_FR=0.35, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LYU-Uqs5bmbG for <v6ops@ietfa.amsl.com>; Wed, 10 Jun 2015 06:05:14 -0700 (PDT)
Received: from oxalide-out.extra.cea.fr (oxalide-out.extra.cea.fr [132.168.224.8]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58C5F1A1BD9 for <v6ops@ietf.org>; Wed, 10 Jun 2015 06:05:14 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by oxalide.extra.cea.fr (8.14.2/8.14.2/CEAnet-Internet-out-2.3) with ESMTP id t5AD5Cpc029892 for <v6ops@ietf.org>; Wed, 10 Jun 2015 15:05:12 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id A6024203698 for <v6ops@ietf.org>; Wed, 10 Jun 2015 15:07:47 +0200 (CEST)
Received: from muguet2.intra.cea.fr (muguet2.intra.cea.fr [132.166.192.7]) by pisaure.intra.cea.fr (Postfix) with ESMTP id CFF8F203696 for <v6ops@ietf.org>; Wed, 10 Jun 2015 15:07:38 +0200 (CEST)
Received: from [127.0.0.1] (is227335.intra.cea.fr [10.8.34.184]) by muguet2.intra.cea.fr (8.13.8/8.13.8/CEAnet-Intranet-out-1.2) with ESMTP id t5AD521P024327 for <v6ops@ietf.org>; Wed, 10 Jun 2015 15:05:03 +0200
Message-ID: <557835FE.1020800@gmail.com>
Date: Wed, 10 Jun 2015 15:05:02 +0200
From: Alexandru Petrescu <alexandru.petrescu@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: v6ops@ietf.org
References: <54EB1F2F.4000604@gmail.com> <CADhXe503xgpB6cGZC9aVozo+prmQEJ_8w7ELu456na=_ULSMCQ@mail.gmail.com>
In-Reply-To: <CADhXe503xgpB6cGZC9aVozo+prmQEJ_8w7ELu456na=_ULSMCQ@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/peGX40OiU-Y982tLnFkeXUNPudU>
Subject: Re: [v6ops] Status of CLAT implementation on iPhone? (IPv4 apps on IPv6-only PDP type)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jun 2015 13:05:23 -0000

Resurecting an earlier discussion...

I hear Apple just announced about mandating IPv6 in each app submitted 
to store, and about a tech to offer IPv6 hotspots to app developpers on 
IPv4.

Not sure that includes a CLAT implementation on iPhone, nor about what
kind of protocol spec can realize that IPv4-IPv6 behaviour (CLAT,
64share, DS-MIP, NAT/NPT, any new?).

Alex

Le 23/02/2015 21:38, James Woodyatt a écrit :
> p1. I have no inside information from Apple's Core OS Networking
> group newer than seventeen months ago when I separated. I'm not at
> liberty to discuss confidential stuff even today. That said, I can
> dispel some myths.
>
> p2. The security architecture for networking on iOS will effectively
>  prevent any third-party efforts from delivering a CLAT for iOS.
> Andrew Yourtchenko wrote one for OS X, but it will be necessary for
> Apple Core OS engineers to deliver it on iOS. Anyone who wants to
> review the source code for the Darwin kernel in
> publicsource.apple.com <http://publicsource.apple.com> should be able
> to get a sense of the scope of this problem.
>
> p3. The Android implementation may be Apache-licensed, but— like Mr.
>  Yourtchenko's implementation— it's unsuitable for general production
> use with Apple's networking stack, which has diverged substantially
> from FreeBSD in the last several years. The Darwin kernel networking
> stack in iOS and OS X has interface scoped routes, which the Core
> Networking and Core Telephony subsystems use extensively. The IPv4
> addresses assigned to the host via the CLAT must be attached to the
> same interface as the translated IPv6 address or the interface scoped
> routing won't work properly. Again, see the Darwin kernel source code
> for details.
>
> p4. It might be comparatively easy for Apple to deliver a very
> limited CLAT, using one of several Darwin-specific tricks, e.g. a
> socket filter, that only works to enable certain 3rd-party
> applications, e.g. Skype, on IPv6-only LTE networks with a PLAT
> service available, but that will also have some interoperability
> issues that make it unsuitable for general reliability. I hope they
> don't go that way, but I don't work there anymore, and I don't think
> anyone there would listen to me anyway, if that's what they were to
> decide to do. I can kinda see why they might choose to do this.
>
> For these reasons, I would counsel any operators expecting Apple to
> deliver a CLAT in a forthcoming release of iOS to test it extensively
>  before accepting it. Especially: A) test it with Internet Sharing
> enabled, B) test it with VPN connect-on-demand, and C) test it with
> AirDrop and AirPlay in use. Whatever method they choose to implement
> a CLAT, it will be a tricky job, and I would be surprised if it
> doesn't take a lot of Radar problems to be opened and closed before
> it works acceptably.
>
> Shorter james: I don't think IETF should list having a CLAT as
> requirement for 3GPP mobile devices. It could be awkward for us while
>  the leading vendor of IPv6-capable handsets is shipping without
> one.
>
>
> On Mon, Feb 23, 2015 at 4:38 AM, Alexandru Petrescu
> <alexandru.petrescu@gmail.com <mailto:alexandru.petrescu@gmail.com>>
> wrote:
>
> Hello participants to v6ops WG,
>
> What is the status of a CLAT implementation on iPhone?  Any hint in
> that direction?
>
> I am asking because in private conversation I have noticed doubts
> about this being done.  Or, since the iPhone relies on a bsd
> derivative, it would be technically feasible to implement CLAT on it;
> it is nothing more than some iptables address translation plus a bit
> of python scripting in case.
>
> (CLAT is needed by some IPv4 apps to continue working on a
> smartphone connected solely with an IPv6-only PDP type).
>
> Alex
>
> _________________________________________________ v6ops mailing list
> v6ops@ietf.org <mailto:v6ops@ietf.org>
> https://www.ietf.org/mailman/__listinfo/v6ops
> <https://www.ietf.org/mailman/listinfo/v6ops>
>
>
>
>
> -- james woodyatt <jhw@nestlabs.com <mailto:jhw@nestlabs.com>> Nest
> Labs, Communications Engineering
>
>
> _______________________________________________ v6ops mailing list
> v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
>