IETF Logo Mail Archive

Re: [v6ops] About Req for Comments - "Transition to IPv6"

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Thu, 05 March 2020 18:12 UTC

Return-Path: <prvs=1333cdedec=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DD953A08FF for <v6ops@ietfa.amsl.com>; Thu, 5 Mar 2020 10:12:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0c6zoqgEcpW7 for <v6ops@ietfa.amsl.com>; Thu, 5 Mar 2020 10:12:46 -0800 (PST)
Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 097503A08FC for <v6ops@ietf.org>; Thu, 5 Mar 2020 10:12:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1583431963; x=1584036763; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:Message-ID:Thread-Topic:References:In-Reply-To: Mime-version:Content-type:Content-transfer-encoding; bh=IcrQb2OE lZOBuCQQVZamEajEI050rCnIx2CLmw9Dxrg=; b=D5T1c4CwGHS6rLp+80WwS04z IiRb2R47vQNyvileVvsjNn6rClJkgvTZFVudUNYfouJ7kahiv7M5KnhOTbRjgQKx 6w7cILAXM639nUCeMZqtOky/wnX1gOo1Hz5p9MVgASrAMNtjs6aa66eMvrebSA7l q6hMw8mv3KWnJh634cQ=
X-MDAV-Result: clean
X-MDAV-Processed: mail.consulintel.es, Thu, 05 Mar 2020 19:12:43 +0100
X-Spam-Processed: mail.consulintel.es, Thu, 05 Mar 2020 19:12:42 +0100
Received: from [10.192.2.52] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50000081506.msg for <v6ops@ietf.org>; Thu, 05 Mar 2020 19:12:42 +0100
X-MDRemoteIP: 10.8.10.6
X-MDHelo: [10.192.2.52]
X-MDArrival-Date: Thu, 05 Mar 2020 19:12:42 +0100
X-Authenticated-Sender: jordi.palet@consulintel.es
X-Return-Path: prvs=1333cdedec=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/10.22.0.200209
Date: Thu, 05 Mar 2020 19:12:39 +0100
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: v6ops@ietf.org
Message-ID: <D2622B27-88F4-42A7-B944-C002F40D0DB7@consulintel.es>
Thread-Topic: [v6ops] About Req for Comments - "Transition to IPv6"
References: <e8a25961-5ac9-d35e-77dd-bf86f45cd077@gmail.com> <7eb4dc25-28a6-4927-2356-846e200681d2@gmail.com> <0791D4B0-8390-48D7-AF0A-CE004EC3224C@consulintel.es> <ccc75efb-8c00-ee97-5cc7-2e061e6e5a54@gmail.com> <52b6b9a4f46a49598eccee1b35e5efc5@irs.gov> <89127c25-9c51-c4bb-97ae-3567e80a4c52@gmail.com> <43D0E5A1-E5C5-4ACA-A44D-BC2F67129174@delong.com>
In-Reply-To: <43D0E5A1-E5C5-4ACA-A44D-BC2F67129174@delong.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/uoUzG8kdnX9oJVVTmh_2nvcg4e8>
Subject: Re: [v6ops] About Req for Comments - "Transition to IPv6"
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2020 18:12:48 -0000

If you read my draft, my opinion is different:

  Definition of IPv6-only

   Consequently, considering the context described in the section above,
   if we want to be precise and avoid confusing others, we can not use
   the terminology "IPv6-only" in a generic way, and we need to define
   what part of the network we are referring to.

   From that perspective, we define the "IPv6-only" status in a given
   part(s) of a network, depending on if there is actual native
   forwarding of IPv4, so IPv4 is not configured neither managed.

So IPv4 may be not configured, or not used natively, but there is no way to prevent that "is there" by means of tunneling of translation.

*unless* you make sure that any encapsulation or translation is filtered, which is close to impossible.

Because we disagree, it seems clear that this document is needed.

So if anyone has inputs, I will consider them in a new version during the weekend.

Regards,
Jordi
@jordipalet
 
 

El 5/3/20 17:46, "v6ops en nombre de Owen DeLong" <v6ops-bounces@ietf.org en nombre de owen@delong.com> escribió:

    
    
    > On Mar 5, 2020, at 6:02 AM, Alexandre Petrescu <alexandre.petrescu@gmail.com> wrote:
    > 
    > Thank you very much for the pointer.  In it I could spot
    > the following footnote: "[4] IPv6-Only refers to network environments in
    > which use of the IPv4 protocol has been eliminated.”
    
    No.
    
    IPv6-Only refers to network environments which are not using IPv4. That could be a network where IPv4 has been eliminated (rare at this time, though Facebook is a significant example) or it could be a greenfield deployment where IPv4 was never deployed.
    
    > 
    > In my humble opinion,
    > 
    > I think, if I am not wrong, that there are no such networks in which
    > IPv4 protocol has been eliminated.  On one hand, a network is made of
    > computers, and IPv4 stacks are still present in almost all computers.
    > On another hand, there might be some ptp links (not networks, but
    > individual links) that run IPv6 only.
    
    You are wrong… There are examples at various levels of IPv6-only networks. Many mobile carriers are IPv6-only in the US, though they do provide some apparent IPv4 capability to the end user through mechanisms such as 464XLAT and/or NAT64.
    
    Another significant example is Facebook where they are essentially IPv6-only throughout their network and provide minimal IPv4 translation shim at the edge to cope with end users that lack IPv6 capability.
    
    > That is why it is hard to agree on the assumption of IPv4 being eliminated somewhere.  Worse, it makes look as if the goal of that 'IPv6-only' is to arrive at that same situation which in fact does use IPv4.
    
    As a general rule, once IPv6 is ubiquitously deployed in a network, the preservation of IPv4 in the majority of that network becomes an unnecessary cost factor and a security risk (increased attack surface, if nothing else). As such, I think you will see an increasing number of organizations follow on to the way Facebook has managed their transition and start eliminating IPv4 wherever possible and replacing it with translation shims as far out towards the border as practical.
    
    Owen
    
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email