[v6ops] Re: The V6OPS WG has placed draft-link-v6ops-claton in state "Call For Adoption By WG Issued"

Jeremy Duncan <jduncan@tachyondynamics.com> Fri, 07 June 2024 03:22 UTC

From: Jeremy Duncan <jduncan@tachyondynamics.com>
To: Jen Linkova <furry13@gmail.com>, Ed Horley <ed@hexabuild.io>
Date: Fri, 07 Jun 2024 03:22:31 +0000
CC: IETF Secretariat <ietf-secretariat-reply@ietf.org>, "draft-link-v6ops-claton@ietf.org" <draft-link-v6ops-claton@ietf.org>, "v6ops-chairs@ietf.org" <v6ops-chairs@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/qZDYNDmCkRTrfub03WdJabHBsaQ>

Thanks Jen, what about the part about changing these:

"For performance and security reasons CLAT SHOULD NOT be enabled if
the node has IPv4 connectivity over the given interface."

To

 "For performance and security reasons CLAT MUST NOT be enabled if
the node has IPv4 connectivity over the given interface."

And

"From a performance perspective, native IPv4 connectivity is
preferrable over 464XLAT, so CLAT SHOULD NOT be enabled if the node
has IPv4 connectivity over the given interface."

To

"From a performance perspective, native IPv4 connectivity is
preferrable over 464XLAT, so CLAT MUST NOT be enabled if the node
has IPv4 connectivity over the given interface."


-Jeremy

-----Original Message-----
From: Jen Linkova <furry13@gmail.com> 
Sent: Thursday, June 6, 2024 11:10 PM
To: Ed Horley <ed@hexabuild.io>
Cc: Jeremy Duncan <jduncan@tachyondynamics.com>; IETF Secretariat <ietf-secretariat-reply@ietf.org>; draft-link-v6ops-claton@ietf.org; v6ops-chairs@ietf.org; v6ops@ietf.org
Subject: Re: [v6ops] Re: The V6OPS WG has placed draft-link-v6ops-claton in state "Call For Adoption By WG Issued"

First of all, sorry for the radio silence, I was on vacation.

On Fri, May 31, 2024 at 1:09 AM Ed Horley <ed@hexabuild.io> wrote:
> Jeremy,
> While I am okay with changing these to a MUST, I do wonder about the situation with APIPA addresses and if that might potentially impact a given node that might have self provisioned an IPv4 address to a given interface. Is an APIPA address considered valid IPv4 connectivity (perhaps the node is doing mDNS and has discovered a resource it needs?) There might need to be an exception to account for this?

The draft currently excludes link-local addresses from SHOULD NOT, as the second paragraph of the 'Disabling CLAT' section clarifies:

"The node SHOULD disable CLAT immediately upon obtaining an IPv4 address via DHCP or a non-link-local ([RFC3927]) IPv4 address through manual or automated fallback configuration."

IMHO the presence of link-local IPv4 addresses shouldn't impact CLAT, as the security considerations do not apply in that case.

We'll make the changes to clarify that "IPv4 connectivity" doesn't include IPv4 link-local addresses.

> On Tue, May 28, 2024 at 8:39 AM Jeremy Duncan <jduncan=40tachyondynamics.com@dmarc.ietf.org> wrote:
>>
>> I support adoption and request making these changes:
>>
>> "For performance and security reasons CLAT SHOULD NOT be enabled if
>>    the node has IPv4 connectivity over the given interface."
>>
>> To
>>
>> "For performance and security reasons CLAT MUST NOT be enabled if
>>    the node has IPv4 connectivity over the given interface."
>>
>> And
>>
>> "From a performance perspective, native IPv4 connectivity is
>>    preferrable over 464XLAT, so CLAT SHOULD NOT be enabled if the node
>>    has IPv4 connectivity over the given interface."
>>
>> To
>>
>> "From a performance perspective, native IPv4 connectivity is
>>    preferrable over 464XLAT, so CLAT MUST NOT be enabled if the node
>>    has IPv4 connectivity over the given interface."
>>
>>
>> The discussion points and arguments made for security and performance reasons are laid out well as I think could make the case that this be a MUST NOT instead of a SHOULD NOT.
>>
>>
>> -Jeremy
>>
>>
>> -----Original Message-----
>> From: IETF Secretariat <ietf-secretariat-reply@ietf.org>
>> Sent: Tuesday, May 28, 2024 11:20 AM
>> To: draft-link-v6ops-claton@ietf.org; v6ops-chairs@ietf.org; 
>> v6ops@ietf.org
>> Subject: [v6ops] The V6OPS WG has placed draft-link-v6ops-claton in state "Call For Adoption By WG Issued"
>>
>> The V6OPS WG has placed draft-link-v6ops-claton in state Call For 
>> Adoption By WG Issued (entered by Nick Buraglio)
>>
>> The document is available at
>> https://datatracker.ietf.org/doc/draft-link-v6ops-claton/
>>
>> Comment:
>> This email starts an adoption call for the following document:
>>
>> Title   : 464 Customer-side Translator (CLAT): Node Recommendations
>> Authors : J. Linkova, T. Jensen
>> Pages   : 14
>> Date    : 28-May-2024
>>
>> https://datatracker.ietf.org/doc/draft-link-v6ops-claton/
>>
>> This draft details how CLAT shall operate on endpoints.
>>
>> _______________________________________________
>> v6ops mailing list -- v6ops@ietf.org
>> To unsubscribe send an email to v6ops-leave@ietf.org 
>
>
>
> --
> Ed Horley
> ed@hexabuild.io | (925) 876-6604
> Advancing Cloud, IoT, and Security with IPv6 https://hexabuild.io And 
> check out the IPv6 Buzz Podcast at 
> https://packetpushers.net/series/ipv6-buzz/



--
Cheers, Jen Linkova
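
The per-interface rule discussed in this thread (an IPv4 address obtained via DHCP or manual configuration counts as IPv4 connectivity, an RFC 3927 link-local/APIPA address does not) can be sketched as follows. This is an added example, not part of the thread or the draft; the function names, event format and sample addresses are constructed, and it models only the IPv4-connectivity condition, not how CLAT is otherwise enabled.

```python
import ipaddress

# RFC 3927 IPv4 link-local (APIPA) range, which the thread says does not
# count as "IPv4 connectivity" for the purpose of disabling CLAT.
IPV4_LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")


def has_ipv4_connectivity(addresses):
    """True if any address is IPv4 and outside the RFC 3927 range."""
    for text in addresses:
        ip = ipaddress.ip_interface(text).ip
        if ip.version == 4 and ip not in IPV4_LINK_LOCAL:
            return True
    return False


def clat_states(events):
    """Replay (interface, action, address) events; return {interface: bool}.

    The bool says whether the IPv4-connectivity condition still permits
    CLAT on that interface after the last event (hypothetical helper).
    """
    held = {}
    for iface, action, addr in events:
        addrs = held.setdefault(iface, set())
        if action == "add":
            addrs.add(addr)
        elif action == "del":
            addrs.discard(addr)
        else:
            raise ValueError(f"unknown action: {action}")
    return {iface: not has_ipv4_connectivity(a) for iface, a in held.items()}


# Constructed sample events using documentation prefixes, not real hosts.
SAMPLE_EVENTS = [
    ("wlan0", "add", "2001:db8:1::10/64"),   # IPv6-only network
    ("wlan0", "add", "169.254.17.4/16"),     # APIPA self-assignment
    ("eth0", "add", "2001:db8:2::20/64"),
    ("eth0", "add", "192.0.2.25/24"),        # DHCP lease: native IPv4
    ("usb0", "add", "198.51.100.7/24"),
    ("usb0", "del", "198.51.100.7/24"),      # lease released again
]

if __name__ == "__main__":
    for iface, ok in sorted(clat_states(SAMPLE_EVENTS).items()):
        print(iface, "CLAT permitted" if ok else "CLAT disabled")
```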