IETF Logo Mail Archive

Re: [v6ops] draft-palet-v6ops-464xlat-opt-cdn-caches **Call for Adoption**

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Wed, 15 January 2020 22:38 UTC

Return-Path: <prvs=1283c99f22=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF13B120639 for <v6ops@ietfa.amsl.com>; Wed, 15 Jan 2020 14:38:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FgdBPV_T-Pxw for <v6ops@ietfa.amsl.com>; Wed, 15 Jan 2020 14:38:38 -0800 (PST)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78B9512010C for <v6ops@ietf.org>; Wed, 15 Jan 2020 14:38:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1579127910; x=1579732710; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:Message-ID:Thread-Topic:References:In-Reply-To: Mime-version:Content-type; bh=qCFcs0w4WLt1cRRh5um5QqQNdnQyr3zWHj jRM/MNGnM=; b=AXBmbDM6R4sjO66mkSSO+ikwrnWDBC3deWfGTD92TSbz6zTobV XjZRjSLEMYp1h/lgQstSZDahtboXxwCcsrBIBrBdLBZCoLAtlmbgDfzbqJlKcr0g yVAwhCxEGrbUOP61+pVOTYG89YRon4upWn59b3tjH1aieTniY1BgMz8wM=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Wed, 15 Jan 2020 23:38:30 +0100
X-Spam-Processed: mail.consulintel.es, Wed, 15 Jan 2020 23:38:30 +0100
Received: from [10.10.10.130] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50000029979.msg for <v6ops@ietf.org>; Wed, 15 Jan 2020 23:38:29 +0100
X-MDRemoteIP: 2001:470:1f09:495:f04a:6e03:8241:9921
X-MDHelo: [10.10.10.130]
X-MDArrival-Date: Wed, 15 Jan 2020 23:38:29 +0100
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=1283c99f22=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/10.21.0.200113
Date: Wed, 15 Jan 2020 23:38:25 +0100
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: "v6ops@ietf.org" <v6ops@ietf.org>
Message-ID: <4B73F334-E0B2-4302-AF5F-8267108ECDCE@consulintel.es>
Thread-Topic: [v6ops] draft-palet-v6ops-464xlat-opt-cdn-caches **Call for Adoption**
References: <BN7PR05MB5699BA200FB1CF3F05062EDAAE5A0@BN7PR05MB5699.namprd05.prod.outlook.com> <CAKC-DJighXri3HkCAg8-91XpXLTVG6AfB44TE-wwtaUnxJJXAw@mail.gmail.com>
In-Reply-To: <CAKC-DJighXri3HkCAg8-91XpXLTVG6AfB44TE-wwtaUnxJJXAw@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3661976305_1126600156"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/s8xr_rR5ibl5YGLkK-GRR1deLjs>
Subject: Re: [v6ops] draft-palet-v6ops-464xlat-opt-cdn-caches **Call for Adoption**
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jan 2020 22:38:42 -0000

Hi Erik,

 

 

El 9/1/20 21:07, "v6ops en nombre de Erik Nygren" <v6ops-bounces@ietf.org en nombre de erik+ietf@nygren.org> escribió:

 

While I'm very supportive of 464xlat as a transition technology, and while I was very optimistic about this approach 

at first (and may even have suggested some of the proposals included in the draft), on subsequent

reflections I continue to have significant concerns about the fragility of this approach.

 

CPEs have already state with IPv4, and what we are suggesting is just more of the same (as you said, thanks in part to your suggestions!).

 

Implementing this in a way that works well with a generic CDN  (ie, one not managed

by the operator) will require a significant amount of state and complexity in CPE devices.

It only will take one or two bad CPE implementations to result in CDNs being forced to switch

content to IPv4-only to address user complaints, which would undo what this 

is trying to achieve.

 

I’m for not breaking anything, of course, it could not be smart to get an RFC from something that we know that breaks things.

 

In particular, the fundamental issue is that the RR sets returned for A and AAAA records

from many CDNs are not 1:1 and also change frequently during the lifetime of connections.

 

No doubt, that I will review as many times as needed, all the possible “flows” and interactions to make sure that the text in the document is working and not breaking anything.

 

As such, I continue to have serious reservations about trying to move this forwards

as anything other than Experimental.  If we do move forward, the DNS-based approach

 

You’re right that a single CPE implementation will be bad. But, how that is different from any other RFC?

 

needs to be comfortable moving lots more state into the CPE than I recall seeing

in the last version of this that I read.   In particular, if DNS sees changes to {A,AAAA} 

pairings, it is critical to only apply those to future connections and not break existing 

connections, meaning that CPEs need to keep these rewrite rules associated

with stateful connection tracking.

 

This is what we have now in the document. I can extend the text to make sure it is clear enough and helps implementors in understanding all your points.

 

With the use-case for this being IPv4-only devices, a question may be whether

it is better to focus on trying to get those devices to implement native IPv6 support

 

I will agree on that, but when you ask for vendors of those devices if they will upgrade them to support IPv6, the response is “buy a new SmarTV”. Not everyone can buy a new SmartTV every few years … and what about devices that are still in use and the manufacturer is no longer there?

 

while handling them via a CLAT in the CPE for the time-being.  Alternately, lw4o6

addresses the "offload stateful NAT off of the CPE" in a much less fragile way.

 

The point here is that only 464XLAT is supported in mobile, and as a consequence, in many cases, and especially in operators that want to have a single mechanism for all their access networks, other transition mechanisms aren’t a solution.

 

        Erik

 

 

 

 

 

 

On Wed, Dec 11, 2019 at 2:25 PM Ron Bonica <rbonica=40juniper.net@dmarc.ietf..org> wrote:

Folks,

 

Each week between now and IETF 107, we will review and discuss one draft with an eye towards progressing it.

 

This week, please review and comment on draft-palet-v6ops-464xlat-opt-cdn-caches.

 

When reviewing this draft, please indicate whether you think that V6OPS should adopt it a s a work item.

 

                                                      Fred and Ron

 

 

Juniper Business Use Only

_______________________________________________
v6ops mailing list
v6ops@ietf.org
https://www.ietf.org/mailman/listinfo/v6ops

_______________________________________________ v6ops mailing list v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops 



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email