IETF Logo Mail Archive

Re: [v6ops] Implementation Status of PREF64

David Farmer <farmer@umn.edu> Mon, 11 October 2021 19:35 UTC

Return-Path: <farmer@umn.edu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 231CD3A0902 for <v6ops@ietfa.amsl.com>; Mon, 11 Oct 2021 12:35:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SLTFu5OUg57M for <v6ops@ietfa.amsl.com>; Mon, 11 Oct 2021 12:35:13 -0700 (PDT)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93D603A08FA for <v6ops@ietf.org>; Mon, 11 Oct 2021 12:35:13 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id 4HSpsr3DsdzB52k7 for <v6ops@ietf.org>; Mon, 11 Oct 2021 19:35:12 +0000 (UTC)
X-Virus-Scanned: amavisd-new at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PCFu-zQIRKTR for <v6ops@ietf.org>; Mon, 11 Oct 2021 14:35:12 -0500 (CDT)
Received: from mail-yb1-f200.google.com (mail-yb1-f200.google.com [209.85.219.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 4HSpsr0ndSzB52kG for <v6ops@ietf.org>; Mon, 11 Oct 2021 14:35:11 -0500 (CDT)
DMARC-Filter: OpenDMARC Filter v1.3.2 mta-p7.oit.umn.edu 4HSpsr0ndSzB52kG
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p7.oit.umn.edu 4HSpsr0ndSzB52kG
Received: by mail-yb1-f200.google.com with SMTP id q193-20020a252aca000000b005ba63482993so16003240ybq.0 for <v6ops@ietf.org>; Mon, 11 Oct 2021 12:35:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SENtEsx2TyY3X7CuJcCsqzOIUjbGOd8HTyL0WVNuBAk=; b=ED+azkfEUYPcWsaKuNzeSWJ8I52rosTHgNm7vkxLgUeXW496ApcvfZBQ/Cis7LFwRZ W3y2wie4u3fDAiwiX9eSZGjZ5CpxZxdFdlAvroUvWFtgbvc4bj+W9hgk08jfj6V63mPs q4fFO8T97g/7yxF64cMrkFPGPRtu+pdne6+vyDbmJw1XHkPUh5Xoh1FIn76+0vfJPfNG p8cn9fQ3hF6gwPuoTnbk3xsyjz7UPHM7mflRVxnAhsPl0Ow1EOcPbwo6UfE7ycZqCzV5 vU4JIvENS1252O9AF7cz2/uFPBfGn3+i4be+bAQlZxzvdb1mihcy0ABcbrR+SXt3QDwL foSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SENtEsx2TyY3X7CuJcCsqzOIUjbGOd8HTyL0WVNuBAk=; b=s/9UWuZllXvYFJ5BXhP+yHH5Tc95pqIbVbUKKZEA+ivhVBlSXZQo0AnC40EZZCOsUE ZwtYxgkwzP00aGaLpfizVlHggnlN52YmT63yDc0Rwg3viWIEIw3fg4qbTSQ6135wXpM4 ymm5UsyJ06eID6b8ViNpJyMlErMw10kCxgGSQsvq7WEwqsjtYNghlcpbxuJ5Pp7YvWQq /D8dnfV4JI6dAyEc8NvMmZLEdINWUrp23dt5bfyP9EnIuvKFjuhDjALAPovHCN+918On IFINv8Lx83egciwDnyxftVfc1qZKoIvxN2vmBIvQivhT+BLgWVwgFyfOS8d0JVBW5lbN tZxg==
X-Gm-Message-State: AOAM530GgQngJOW2GXOshV8OIGemGqKBk5jTi9LnEy0ou4d9btgnWC8Q rqfVHxgHYcwbvrMYakMeedCfKeC926iVuk0wCyW8xrkVNDdb7ySaYSxEZERXO/a7+11lVSdP3sw 6WNtiJH6N7a6R5ePH2N0beenwLg==
X-Received: by 2002:a25:d258:: with SMTP id j85mr26331317ybg.398.1633980910458; Mon, 11 Oct 2021 12:35:10 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyVA5l24iXUViExfO+z2PkkBRjKvKtXsMdXDv2sDc4wsEcs62HInQvgpsd7CSz0l0o6CoZzTPO/Jf9Sa6w29wM=
X-Received: by 2002:a25:d258:: with SMTP id j85mr26331274ybg.398.1633980909995; Mon, 11 Oct 2021 12:35:09 -0700 (PDT)
MIME-Version: 1.0
References: <DDA36020-90CC-471B-83AD-3D98950F1164@delong.com> <CAKD1Yr0T-7t-UHbsJBMLpTjKhPAV5uUQkux6oby89TVUue7PyA@mail.gmail.com> <CO1PR11MB4881D400EA4681F1505040D2D8AA9@CO1PR11MB4881.namprd11.prod.outlook.com> <CAKD1Yr3TmqFxjKuZ57wS7VuPOf6rJvOwnvnQdFrRLQ=DkZ+CCw@mail.gmail.com> <CO1PR11MB4881F411A4D5BEA7A8479726D8AA9@CO1PR11MB4881.namprd11.prod.outlook.com> <D8AEA194-293B-43E4-BCAE-33CD81FB7D8C@delong.com> <CAKD1Yr2Tug-PFV7wAh0s6-gw8W3LcLG7wC1fD7Lu_hMZQYKdtw@mail.gmail.com> <08D2885E-B824-48E8-9703-DCA98771FA37@delong.com> <CAKD1Yr2EVsY3tYUf56R0Q1+KVrowtqh-HgwXj5vxzy4wd-vkTg@mail.gmail.com> <1A6ED87B-666E-439C-852F-2E5C904C0515@delong.com> <CAKD1Yr23fY2DJDvB-9eVFRsxnBnZQ0kZuZfYUfRUHYW=_D=enA@mail.gmail.com> <CAN-Dau1z0q0R61x7iY+Wg_cFRU0jmqr+fR0y=bSXxj+K-n722w@mail.gmail.com> <CAKD1Yr1T_mXfxJGHOrBfqZfexm6GTrUqnFi57710pTroKQK6uQ@mail.gmail.com> <702CB018-1A02-4B32-B9AA-7C7B31521F12@delong.com> <CAKD1Yr0jZR8Efzr_Y6FeiBvHYS8ATmDupx2ABTXXy-rSA_QjmA@mail.gmail.com> <DM6PR02MB69249D4F0A8003E77EC9F153C3B19@DM6PR02MB6924.namprd02.prod.outlook.com> <E1FED93B-674C-46DD-8C39-F6C30475C48A@delong.com> <CAKD1Yr34jv_N0jGKdg=sG76oGU7PdRjYFC_-w9Uvzs=7oGm38w@mail.gmail.com> <E6316781-AC7D-438F-B216-75B1DF9217DC@delong.com> <CAKD1Yr10OKMJ1y8bs5xpt6jS8ZWsqs66oFCXmp-QLySS5Yn4hg@mail.gmail.com> <CAN-Dau3JxPucFnbwZB-M5UD3KkSV++7u03AMQ7vOZJKqPHpJ3Q@mail.gmail.com> <403087B1-51A5-4DF4-9884-441D443DACC2@delong.com> <CAN-Dau3FBLVUSTQsFTrbDEAdy95L8evPdeD_Jg1sK34+DK0O1A@mail.gmail.com> <m1ma0KP-0000HxC@stereo.hq.phicoh.net> <DM6PR02MB69243E7BF6C65700A890BF02C3B59@DM6PR02MB6924.namprd02.prod.outlook.com>
In-Reply-To: <DM6PR02MB69243E7BF6C65700A890BF02C3B59@DM6PR02MB6924.namprd02.prod.outlook.com>
From: David Farmer <farmer@umn.edu>
Date: Mon, 11 Oct 2021 14:34:54 -0500
Message-ID: <CAN-Dau3_qKmdsgjjG+VX=wHDVeT=gxsYwZ-odu8jUN4k-quHQA@mail.gmail.com>
To: "STARK, BARBARA H" <bs7652@att.com>
Cc: Philip Homburg <pch-v6ops-10@u-1.phicoh.com>, "v6ops@ietf.org" <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b5dd6c05ce18d340"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/rsODQVg7MD4dbEcBc05zKQja0_Y>
Subject: Re: [v6ops] Implementation Status of PREF64
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Oct 2021 19:35:19 -0000

On Mon, Oct 11, 2021 at 1:58 PM STARK, BARBARA H <bs7652@att.com> wrote:

>
> > >    Yes, that is technically correct, and I expect most enterprises
> > >    don't, or at least don't want to, view Android devices as routers.
> > >    Also, I expect extending the network or "tethering" is not
> > >    acceptable behavior in a PCI or NIST-800-171 compliance contexts.
> > >    So, that is part of the challenge for this approach. and why
> > >    this may not be an acceptable replacement for IA_AN and/or IA_TA.
> >
> > I wonder what they are doing the IPv4 case. It is hard stop an IPv4
> device
> > from offering NAT to downstream devices. At least, in the case
> > where the enterprise does not have full control over the host.
>
> My experience with other smartphones suggests they only support
> router/hotspot functionality when connected to a radio access network (LTE,
> 5G). That allows the Wi-Fi to be used to supply the hotspot. I haven't seen
> the smartphone act as a Backhaul STA and an AP simultaneously. As has been
> pointed out, this discussion is primarily around Wi-Fi upstream
> connectivity.
> Barbara
>

This has been my experience as well, I haven't seen WiFi to WiFi tethering
provided as an option. But I suppose WiFi to USB or Bluetooth or possibly
other interface types is possible. I've only seen the cellular interface as
the source for tethering to date on smartphones and tablets. But, Internet
sharing on Windows and other OS is equally an issue in this respect.

More generally, by policy, we don’t allow our enterprise network to extend
by the users of the network. We do look for rogue WiFi networks and, to the
extent possible, look for other extensions to our network, this has been
done primarily with IPv4 to date. We are pretty lenient to first offenders,
but employees have been fired and students expelled for repeated offenses.

Nevertheless, explicitly allowing IA_PD could be viewed as explicitly
allowing network extension, and therefore viewed unfavorably especially in
a compliance context.

Thanks.

-- 
===============================================
David Farmer               Email:farmer@umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================

v2.23.0 | Report a Bug | By Email