IETF Logo Mail Archive

Re: [v6ops] draft-palet-v6ops-464xlat-opt-cdn-caches **Call for Adoption**

Ole Troan <otroan@employees.org> Thu, 09 January 2020 19:22 UTC

Return-Path: <otroan@employees.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 729AD12011F for <v6ops@ietfa.amsl.com>; Thu, 9 Jan 2020 11:22:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YC1IfhPx2BWN for <v6ops@ietfa.amsl.com>; Thu, 9 Jan 2020 11:22:32 -0800 (PST)
Received: from clarinet.employees.org (clarinet.employees.org [198.137.202.74]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DF23120123 for <v6ops@ietf.org>; Thu, 9 Jan 2020 11:22:32 -0800 (PST)
Received: from [IPv6:2a01:79d:53aa:d30:d858:cb2e:9abb:2485] (unknown [IPv6:2a01:79d:53aa:d30:d858:cb2e:9abb:2485]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by clarinet.employees.org (Postfix) with ESMTPSA id 4E5784E12701; Thu, 9 Jan 2020 19:22:31 +0000 (UTC)
Content-Type: multipart/alternative; boundary="Apple-Mail-D2799B3F-812F-4DB9-96E2-0987AAFFA1FB"
Content-Transfer-Encoding: 7bit
From: Ole Troan <otroan@employees.org>
Mime-Version: 1.0 (1.0)
Date: Thu, 09 Jan 2020 20:22:29 +0100
Message-Id: <D54B8E3E-3F17-4B60-9338-F92E0329F3FA@employees.org>
References: <CAD6AjGRL72mq11sgdCpH5YL5LkRqECuUdk3NXPhcjzULZ_ZssQ@mail.gmail.com>
Cc: Lencse Gábor <lencse@hit.bme.hu>, v6ops@ietf.org
In-Reply-To: <CAD6AjGRL72mq11sgdCpH5YL5LkRqECuUdk3NXPhcjzULZ_ZssQ@mail.gmail.com>
To: Ca By <cb.list6@gmail.com>
X-Mailer: iPhone Mail (17D5026c)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/tDk5D_jck6AiUx7aHlH_AMfaSrk>
Subject: Re: [v6ops] draft-palet-v6ops-464xlat-opt-cdn-caches **Call for Adoption**
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2020 19:22:34 -0000


> On 9 Jan 2020, at 20:04, Ca By <cb.list6@gmail.com> wrote:
> 
> 
> 
> 
>> On Thu, Jan 9, 2020 at 9:41 AM <otroan@employees.org> wrote:
>> >    Stateful technologies, 464XLAT and DS-Lite (and also NAT444) can
>> >    therefore be much more efficient in terms of port allocation and thus
>> >    public IP address saving.  The price is the stateful operation in the
>> >    service provider network, which allegedly does not scale up well.  It
>> >    should be noticed that in many cases, all those factors may depend on
>> >    how it is actually implemented.
>> > 
>> 
>> Not allegedly.
>> The two mechanism-types do have different scaling properties.
>> The CGN type are pets (scale with sharding + HA mechanisms), the stateless mechanisms behave like cattle. I.e. you just add more instances.
>> 
>> Cheers,
>> Ole
> 
> eh, i don’t believe there is a meaningful scaling function difference.  I don’t know the details of how MAP works, the domains and dhcp dependencies always seemed like a Rube Goldberg machine,  but for 464xlat, if you think of DNS64 being an anycast and / or PREF64 as anycast... you just add more to scale horizontally.  Yes, each NAT64 needs a unique ipv4 pool, but it’s not an artisanal craft. 
> 
> A stateful NAT44 / NAT64 can also scale beyond 65k sessions / ports per ipv4 using a full 5-tuple... so if we are talking about pushing ipv4 efficiency, this cannot be beat. 

All solutions have stateful NATs. It’s just a question if you have one, two or three (in this case one is stateless though).  In a MAP solution the CPE NAT can also operate in endpoint dependent mode. 

It will not be able to utilize the IPv4 as efficiently as the CGN solutions. 

Where the CGN solutions are hard to scale has to do with robustness. Avoiding a single point of failure requires HA solutions (session synchronization) and sharding of the state space. Whatever you think, that’s a lot harder to do than a stateless solution. I have written code for both. 

Cheers 
Ole



> 
> 
>> 
>> _______________________________________________
>> v6ops mailing list
>> v6ops@ietf.org
>> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email