Re: [v6ops] Status of CLAT implementation on iPhone? (IPv4 apps on IPv6-only PDP type)

Alexandru Petrescu <> Wed, 10 June 2015 13:05 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 0ADF21A1BCC for <>; Wed, 10 Jun 2015 06:05:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.084
X-Spam-Status: No, score=-3.084 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, HELO_EQ_FR=0.35, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LYU-Uqs5bmbG for <>; Wed, 10 Jun 2015 06:05:14 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 58C5F1A1BD9 for <>; Wed, 10 Jun 2015 06:05:14 -0700 (PDT)
Received: from ( []) by (8.14.2/8.14.2/CEAnet-Internet-out-2.3) with ESMTP id t5AD5Cpc029892 for <>; Wed, 10 Jun 2015 15:05:12 +0200
Received: from (localhost []) by localhost (Postfix) with SMTP id A6024203698 for <>; Wed, 10 Jun 2015 15:07:47 +0200 (CEST)
Received: from ( []) by (Postfix) with ESMTP id CFF8F203696 for <>; Wed, 10 Jun 2015 15:07:38 +0200 (CEST)
Received: from [] ( []) by (8.13.8/8.13.8/CEAnet-Intranet-out-1.2) with ESMTP id t5AD521P024327 for <>; Wed, 10 Jun 2015 15:05:03 +0200
Message-ID: <>
Date: Wed, 10 Jun 2015 15:05:02 +0200
From: Alexandru Petrescu <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [v6ops] Status of CLAT implementation on iPhone? (IPv4 apps on IPv6-only PDP type)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 10 Jun 2015 13:05:23 -0000

Resurecting an earlier discussion...

I hear Apple just announced about mandating IPv6 in each app submitted 
to store, and about a tech to offer IPv6 hotspots to app developpers on 

Not sure that includes a CLAT implementation on iPhone, nor about what
kind of protocol spec can realize that IPv4-IPv6 behaviour (CLAT,
64share, DS-MIP, NAT/NPT, any new?).


Le 23/02/2015 21:38, James Woodyatt a écrit :
> p1. I have no inside information from Apple's Core OS Networking
> group newer than seventeen months ago when I separated. I'm not at
> liberty to discuss confidential stuff even today. That said, I can
> dispel some myths.
> p2. The security architecture for networking on iOS will effectively
>  prevent any third-party efforts from delivering a CLAT for iOS.
> Andrew Yourtchenko wrote one for OS X, but it will be necessary for
> Apple Core OS engineers to deliver it on iOS. Anyone who wants to
> review the source code for the Darwin kernel in
> <> should be able
> to get a sense of the scope of this problem.
> p3. The Android implementation may be Apache-licensed, but— like Mr.
>  Yourtchenko's implementation— it's unsuitable for general production
> use with Apple's networking stack, which has diverged substantially
> from FreeBSD in the last several years. The Darwin kernel networking
> stack in iOS and OS X has interface scoped routes, which the Core
> Networking and Core Telephony subsystems use extensively. The IPv4
> addresses assigned to the host via the CLAT must be attached to the
> same interface as the translated IPv6 address or the interface scoped
> routing won't work properly. Again, see the Darwin kernel source code
> for details.
> p4. It might be comparatively easy for Apple to deliver a very
> limited CLAT, using one of several Darwin-specific tricks, e.g. a
> socket filter, that only works to enable certain 3rd-party
> applications, e.g. Skype, on IPv6-only LTE networks with a PLAT
> service available, but that will also have some interoperability
> issues that make it unsuitable for general reliability. I hope they
> don't go that way, but I don't work there anymore, and I don't think
> anyone there would listen to me anyway, if that's what they were to
> decide to do. I can kinda see why they might choose to do this.
> For these reasons, I would counsel any operators expecting Apple to
> deliver a CLAT in a forthcoming release of iOS to test it extensively
>  before accepting it. Especially: A) test it with Internet Sharing
> enabled, B) test it with VPN connect-on-demand, and C) test it with
> AirDrop and AirPlay in use. Whatever method they choose to implement
> a CLAT, it will be a tricky job, and I would be surprised if it
> doesn't take a lot of Radar problems to be opened and closed before
> it works acceptably.
> Shorter james: I don't think IETF should list having a CLAT as
> requirement for 3GPP mobile devices. It could be awkward for us while
>  the leading vendor of IPv6-capable handsets is shipping without
> one.
> On Mon, Feb 23, 2015 at 4:38 AM, Alexandru Petrescu
> < <>>
> wrote:
> Hello participants to v6ops WG,
> What is the status of a CLAT implementation on iPhone?  Any hint in
> that direction?
> I am asking because in private conversation I have noticed doubts
> about this being done.  Or, since the iPhone relies on a bsd
> derivative, it would be technically feasible to implement CLAT on it;
> it is nothing more than some iptables address translation plus a bit
> of python scripting in case.
> (CLAT is needed by some IPv4 apps to continue working on a
> smartphone connected solely with an IPv6-only PDP type).
> Alex
> _________________________________________________ v6ops mailing list
> <>
> <>
> -- james woodyatt < <>> Nest
> Labs, Communications Engineering
> _______________________________________________ v6ops mailing list