IETF Logo Mail Archive

Re: [v6ops] Are we competitive?

Fernando Gont <fernando@gont.com.ar> Thu, 11 August 2022 08:47 UTC

Return-Path: <fernando@gont.com.ar>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 426C3C159497 for <v6ops@ietfa.amsl.com>; Thu, 11 Aug 2022 01:47:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ug9kaPqU9yBh for <v6ops@ietfa.amsl.com>; Thu, 11 Aug 2022 01:47:43 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FB4DC14792F for <v6ops@ietf.org>; Thu, 11 Aug 2022 01:47:40 -0700 (PDT)
Received: from [IPV6:2800:810:464:f13:bf63:3374:d00b:6c3b] (unknown [IPv6:2800:810:464:f13:bf63:3374:d00b:6c3b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 48F9C2800FD; Thu, 11 Aug 2022 08:47:35 +0000 (UTC)
Message-ID: <3f138b03-940a-e83a-6c6e-6039506b6e4b@gont.com.ar>
Date: Thu, 11 Aug 2022 05:47:31 -0300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1
Content-Language: en-US
To: Vasilenko Eduard <vasilenko.eduard=40huawei.com@dmarc.ietf.org>, "buraglio@es.net" <buraglio@es.net>
Cc: IPv6 Operations <v6ops@ietf.org>, Xipengxiao <xipengxiao=40huawei.com@dmarc.ietf.org>
References: <e4a35f0c-757a-aefa-c211-05b6015a4215@gmail.com> <YuJXbruluDmzF3RD@Space.Net> <ec68b29c62034d3e98adec9c5da45ff3@huawei.com> <25e4f9e4-e055-241c-7047-97dca8b09cc8@gmail.com> <3c35a91af90d4b82af724e7ce98378d3@huawei.com> <CAE=N4xcPq3CB5DDjPOk3oAqBfpJRebhXsFExSEAX_Yr3_XsSUg@mail.gmail.com> <97662d43-7daa-191c-792b-49a626fb9769@gmail.com> <CAM5+tA_w9n2=cXc=mgsr8iOx2rndAWgPhnoNBs4UQnJd3gJxNA@mail.gmail.com> <CADzU5g4mSqqVXE9ppe1U=dMM59GUPviArL_5tiQe0yxm-YZrgw@mail.gmail.com> <CAM5+tA9tOGuy8scXStxOTzWOwG_zvDHx4Hi5CwkGiYmzNLOvqw@mail.gmail.com> <9687af1f59a6492f8353ade4d920fa95@huawei.com> <CAM5+tA8UF-3ZHkE0npZ0r5sDQ+FudTSPhpWns1BsPCk=NecX+Q@mail.gmail.com> <7e4606c4534c49a593863bda870b6e63@huawei.com>
From: Fernando Gont <fernando@gont.com.ar>
In-Reply-To: <7e4606c4534c49a593863bda870b6e63@huawei.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/vc9ZBK_jgzwm8gcdWlrCNOaePDM>
Subject: Re: [v6ops] Are we competitive?
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Aug 2022 08:47:49 -0000

Hi, Eduard,

On 11/8/22 04:46, Vasilenko Eduard wrote:
> Hi Nick,
> 
> If no use case for NAT66 specifically
> 
> Then I propose never mentioning it again.
> 
> For a few NAT cases that I have in mind (like MHMP environment)
> 
> NPT is much better.

Comparing NPT with NAT66 is a bit like comparing a steak with a burger. 
  People probably don't eat burgers over stakes because they are better, 
but rather because there are other properties that seem attractive -- 
e.g. "you know what you are getting", "tastes the same everywhere", 
"you're used to it", "it's fast", "you can probably buy it nearby", or 
the like (not necessarily prioritizing the same properties that other 
people might prioritize)

In this case, any folk that can get his/her problem solved by solving it 
with what he/she already knows, with well understood properties, will 
probably do it that way.

Example: I ran into a VPN deployment (access corporate stuff) where IPv4 
connectivity was RFC1918/NAT as expected, and where the v6 part was 
ULA/NAT66.

* Did it solve the problem that it was meant to solve? - Yes

* How would we have changed such deployment if NAT66 was removed? -- 
Probably global IPv6 + a stateful (diode-like) firewall.

The setup felt familiar to the network folks, and at the end of the day 
was acceptable for the security folk (me) -- "win"-"win"... so let's 
spend our time on a problem we actually had, or things that warranted 
more attention.

Going back to the beef analogy: If you are into the meat business, you 
probably want folks to be able to pick among burgers and stakes, as 
opposed to go for, say, vegetables, because they can't get their 
quick-and-tasty burger. :-)

P.S.: Apologies for the (possibly questionable) analogies ;-)

Thanks,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar
PGP Fingerprint: 7F7F 686D 8AC9 3319 EEAD C1C8 D1D5 4B94 E301 6F01

v2.23.0 | Report a Bug | By Email