IETF Logo Mail Archive

Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix

Warren Kumari <warren@kumari.net> Tue, 09 May 2017 07:16 UTC

Return-Path: <warren@kumari.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 676A7127180 for <v6ops@ietfa.amsl.com>; Tue, 9 May 2017 00:16:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gImwmdfXwUHG for <v6ops@ietfa.amsl.com>; Tue, 9 May 2017 00:16:13 -0700 (PDT)
Received: from mail-ua0-x232.google.com (mail-ua0-x232.google.com [IPv6:2607:f8b0:400c:c08::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28295126E3A for <v6ops@ietf.org>; Tue, 9 May 2017 00:16:13 -0700 (PDT)
Received: by mail-ua0-x232.google.com with SMTP id e55so65607570uaa.2 for <v6ops@ietf.org>; Tue, 09 May 2017 00:16:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=iE3tPo/KOJMmWpF6aaW5UIY97uoF/JoW+U5BMVdXe44=; b=TIZHmK4FE9dfnQDlR/uUl0QJJTbKTNQAWsfabL/i8cz5IcD1+PYOg2AOS3lS5HluDy e6WqVnvQGCU0tBS6yUH5YpME4IeSbMZynjsUX7zZNvCzYbIuqTQCCP6/SqVoSZTRU63z EpYYhWnDbeJ9SeuStlYhAte1f7draBS0yF6/7ZN7LSvweaNPuvh34Jzd62dIxbhOItYf N//OGd/JAnUChEsVM5Wc6Do5B62zmzEjYAO23KxiCIx51lhkoS5RUeRfawcBV0wX6toJ fZymzIKYDTzj0VloX/31UZn64FYXUAeNMv1nTs+9c1Zfjp1mDZb/9WTgwukuBEVjc8YU VCRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=iE3tPo/KOJMmWpF6aaW5UIY97uoF/JoW+U5BMVdXe44=; b=ss9zn6mhTWwfdGgcdHNZPS45yxvoYEScbtsu6ZMEj+/UjK4zC6NZFBTl0Q9dze23EO kMYZ34zRmK9ZzrVXI5ctH0p4laFI3IfXHd4PKt48yvrtrhlcirzKdgMMFpZggXE+WNTP UpzG2feWBwABx++kLOaI/0+1Soit7cpMrv97EJwXVcA32+p6nU5D1Rft/BxLnNLFF5Qs rHnNevoZknx7kQw9zSSiic7ibCJPj+SUz+eZfrBy2rbNkm7L0Dmha6h96Zli8D0+A2pw YfBx5y0/ykYyIJPGSAYxrVEY+sJEQFaTkUeFnH6IRnafc1oYz4wOR0+lJNTyIypl5SO5 i6WQ==
X-Gm-Message-State: AN3rC/5VsrV0gOkLposIdkwjfHHH0dGZ7J3w6V+59J81N56xP+OlG+r6 q0JzEr7VLg7LFSfAgxV5Gmla3dM+aMo2
X-Received: by 10.159.51.232 with SMTP id y40mr28030409uab.76.1494314172103; Tue, 09 May 2017 00:16:12 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.71.83 with HTTP; Tue, 9 May 2017 00:15:31 -0700 (PDT)
In-Reply-To: <787AE7BB302AE849A7480A190F8B933009E6C4E8@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <CAHw9_i+=ewtPR9qrmXR_CrSt57y=4RrE-JgZX8Mu-2sL+2cw-Q@mail.gmail.com> <787AE7BB302AE849A7480A190F8B933009E6C4E8@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
From: Warren Kumari <warren@kumari.net>
Date: Tue, 09 May 2017 03:15:31 -0400
Message-ID: <CAHw9_iLAobv2W3dbk+CsuCA7aZzmE3vo2D514tSMMRLVmHiGTA@mail.gmail.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Cc: IPv6 Operations <v6ops@ietf.org>, "draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org" <draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org>, Joe Clarke <jclarke@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/qapA-fKyzllLnQlNeMh9sIfx_QQ>
Subject: Re: [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 May 2017 07:16:15 -0000

On Tue, May 9, 2017 at 2:36 AM,  <mohamed.boucadair@orange.com> wrote:
> Hi Warren, all,
>
> Please see inline.
>
> Cheers,
> Med
>
>> -----Message d'origine-----
>> De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de Warren Kumari
>> Envoyé : vendredi 5 mai 2017 17:06
>> À : IPv6 Operations; draft-ietf-v6ops-v4v6-xlat-prefix.all@ietf.org; Joe
>> Clarke
>> Objet : [v6ops] AD review of draft-ietf-v6ops-v4v6-xlat-prefix
>>
>> First off, thank you for a clear, well written document.
>> I have completed my AD review, and had a few comments / suggestions.
>>
>> I'd also like to thank Fred for requesting early review, and Joe Clarke
>> for
>> the helpful review. I agree with all of his comments, other than the xref
>> in the
>> abstract -- but, see below on the Updates bit.
>>
>> I've annotated my comments with [C].
>>
>> W
>>
>>
>> Abstract
>>
>>    This document reserves the IPv6 prefix 64:ff9b:1::/48 for local use
>>    within domains that enable IPv4/IPv6 translation mechanisms.  This
>>    document updates RFC6890.
>>
>> [C]: This document updates RFC6890 by ... ? A very brief summary would be
>> good.
>> Actually, I'm not really sure *why* this updates 6890, from what I can see
>> it
>> simply reserves an additional prefix in the registry. If it really
>> *does* update 6890 it should also have a section clearly explaining
>> what changes it makes (including the "new" text). It's entirely
>> possible that I've missed
>> something really obvious here...
>>
>>
>> 4.  Why 64:ff9b:1::/48?
>>
>> [C]: I suspect that there may be some feedback during IESG review that
>> this section is really long, and provides a lot of (once published)
>> unnecessary justification -- however, I found it useful and
>> interesting (and likely needed before publication) - just mentioning
>> so you are prepared.
>>
>> 5.  Deployment Considerations
>>
>>    64:ff9b:1::/48 is intended as a technology-agnostic and generic
>>    reservation.  A network operator may freely use it in combination
>>    with any kind of IPv4/IPv6 translation mechanism deployed within his
>>    network.
>>
>> [C]: If editing anyway, may want to replace "his" with "their" -
>> normally I wouldn't point this out, but apart from the gender issue,
>> network operator could be plural / networks are often owned by
>> multiple people / an org.
>>
>>
>>    64:ff9b:1::/48 or any other more-specific prefix SHOULD NOT be
>>    advertised in inter-domain routing, except by explicit agreement
>>    between all involved parties.  Such prefixes MUST NOT be advertised
>>    to the default-free zone.
>>
>> [C]: ... but you *know* that they will leak - what happens when they
>> do? Does this break anything? (probably not, *might* be worth
>> mentioning though)
>
> [Med] I wonder if a pointer to https://tools.ietf.org/html/rfc6052#section-3.2 would be sufficient here instead of having the full discussion.

Yup, works for me.

>
>>
>>
>> 6.  Checksum Neutrality
>>
>>    Use of 64:ff9b:1::/48 does not in itself guarantee checksum
>>    neutrality, as many of the IPv4/IPv6 translation algorithms it can be
>>    used with are fundamentally incompatible with checksum-neutral
>>    address translations.
>>
>> [C]: Er?! What is this checksum neutral thing of which you speak?! :-)
>> (I think you need a reference here -- I *think* that RFC6296, Section
>> 2.6 is the closest.)
>>
>
> [Med] The text already cites a pointer that is relevant for IPv4/IPv6 address translation matters:

Ok. You might want to mention RFC6052 here, but I'm fine if not
(someone new to the topic will read down to here, and then get
confused and might not read to end of section).

>
>    Section 4.1 of [RFC6052] contains further discussion about IPv4/IPv6
>    translation and checksum neutrality.
>
>>
>>    The Stateless IP/ICMP Translation algorithm [RFC7915] is one well-
>>    known algorithm that can operate in a checksum-neutral manner, when
>>    using the [RFC6052] algorithm for all of its address translations.
>>    However, in order to attain checksum neutrality is imperative that
>>    the translation prefix is chosen carefully.  Specifically, in order
>>    for a 96-bit [RFC6052] prefix to be checksum neutral, all the six
>>    16-bit words in the prefix must add up to a multiple of 0xffff.
>>
>>    The following non-exhaustive list contains examples of translation
>>    prefixes that are checksum neutral when used with the [RFC7915] and
>>    [RFC6052] algorithms:
>>
>>    o  64:ff9b:1:fffe::/96
>>
>>    o  64:ff9b:1:fffd:1::/96
>>
>>    o  64:ff9b:1:fffc:2::/96
>>
>>    o  64:ff9b:1:abcd:0:5431::/96
>>
>>    Section 4.1 of [RFC6052] contains further discussion about IPv4/IPv6
>>    translation and checksum neutrality.
>>
>> [C]: Oh! Here is the reference (I think 6296 Sec 2.6 is clearer.)
>
> [Med] Citing RFC6052 is appropriate here because it discusses IPv4/IPv6 address translation matters while RFC6269 is about IPv6 prefix translation. RFC6052 is clear about the meaning:
>
> ... one's complement checksum if both the IPv4-
>    translatable and the IPv4-converted IPv6 addresses were constructed
>    in a "checksum-neutral" manner, that is, if the IPv6 addresses would
>    have the same one's complement checksum as the embedded IPv4 address.

Ok, fine with me.

Once Tore pushes a new version (without the Updates: , and other
changes)  I can start the IETF LC.
W

>
>>
>> 7.  IANA Considerations
>>
>>    The IANA is requested to add the following entry to the IPv6 Special-
>>    Purpose Address Registry:
>>
>>               +----------------------+---------------------+
>>               | Attribute            | Value               |
>>               +----------------------+---------------------+
>>               | Address Block        | 64:ff9b:1::/48      |
>>               | Name                 | IPv4-IPv6 Translat. |
>>               | RFC                  | (TBD)               |
>>               | Allocation Date      | (TBD)               |
>>               | Termination Date     | N/A                 |
>>               | Source               | True                |
>>               | Destination          | True                |
>>               | Forwardable          | True                |
>>               | Global               | False               |
>>               | Reserved-by-Protocol | False               |
>>               +----------------------+---------------------+
>>
>>    The IANA is furthermore requested to add the following footnote to
>>    the 0000::/8 entry of the Internet Protocol Version 6 Address Space
>>    registry:
>>
>>       64:ff9b:1::/48 reserved for Local-use IPv4/IPv6 Translation [TBD]
>>
>> 8.  Security Considerations
>>
>>    The reservation of 64:ff9b:1::/48 is not known to cause any new
>>    security considerations beyond those documented in Section 5 of
>>    [RFC6052].
>>
>> 9.  References
>>
>> 9.1.  Normative References
>>
>>  [SNIP]
>>
>> [C]: IMO it would be better to have the Acknowledgments section as a
>> numbered section, not an Appendix (I'm not sure if this is actually
>> required, but is, IMO, better form).
>>
>> Appendix A.  Acknowledgments
>>
>>    The author would like to thank Fred Baker, Mohamed Boucadair, Brian E
>>    Carpenter, Pier Carlo Chiodi, David Farmer, Holger Metschulat and
>>    David Schinazi for contributing to the creation of this document.
>>
>>
>> --
>> I don't think the execution is relevant when it was obviously a bad
>> idea in the first place.
>> This is like putting rabid weasels in your pants, and later expressing
>> regret at having chosen those particular rabid weasels and that pair
>> of pants.
>>    ---maf
>>
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

v2.23.0 | Report a Bug | By Email