Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

[JORDI PALET MARTINEZ <jordi.palet@consulintel.es>]

Responding to myself ... The alternative maybe to not say anything about RFC6887, so the SHOULD in RFC7084 is in effect and add a SHOULD for RFC6970.

Regards,
Jordi
 
 
-----Mensaje original-----
De: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Fecha: viernes, 27 de abril de 2018, 10:27
Para: V6 Ops List <v6ops@ietf.org>
Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

    The difference is in RFC7084 is a SHOULD for RFC6887, while here I'm suggesting a MUST when DS-LITE or 464XLAT are implemented.
    
    Asking a MUST for RFC6970, and not having a MUST in RFC6887 seems weird ...
    
    Regards,
    Jordi
     
     
    -----Mensaje original-----
    De: <mohamed.boucadair@orange.com>
    Fecha: viernes, 27 de abril de 2018, 9:45
    Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, V6 Ops List <v6ops@ietf.org>
    Asunto: RE: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
    
        Re-,
        
        Please see inline. 
        
        Cheers,
        Med
        
        > -----Message d'origine-----
        > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI PALET MARTINEZ
        > Envoyé : vendredi 27 avril 2018 08:27
        > À : V6 Ops List
        > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
        > 
        > Hi Med,
        > 
        > In the document I'm editing right now, I've it already support for RFC6887
        > (464XLAT-2):
        
        [Med] You don't need to add an item for 6887 since this is already covered in 7084:
        
           W-6:  The WAN interface of the CE router SHOULD support a Port
                 Control Protocol (PCP) client as specified in [RFC6887] for use
                 by applications on the CE router.  The PCP client SHOULD follow
                 the procedure specified in Section 8.1 of [RFC6887] to discover
                 its PCP server.  This document takes no position on whether
                 such functionality is enabled by default or mechanisms by which
                 users would configure the functionality.  Handling PCP requests
                 from PCP clients in the LAN side of the CE router is out of
                 scope.
        
        My comment is about the IWF which is needed to allow an UPnP Control Point to interact with a PCP server.
        
        > 
        >    464XLAT requirements:
        > 
        >    464XLAT-1:  The CE Router MUST perform IPv4 Network Address
        >                Translation (NAT) on IPv4 traffic translated using the
        >                CLAT, unless a dedicated /64 prefix has been acquired
        >                using DHCPv6-PD [RFC3633] (IPv6 Prefix Options for
        >                DHCPv6).
        > 
        >    464XLAT-2:  The CE Router MUST support PCP [RFC6887] (Port Control
        >                Protocol), for explicit control over NAT64 mappings.
        
        [Med] This one should be removed since it overlaps with W-6 in 7084.
        
        > 
        >    464XLAT-3:  The CE Router MUST implement [RFC7050] (Discovery of the
        >                IPv6 Prefix Used for IPv6 Address Synthesis) in order to
        >                discover the PLAT-side translation IPv4 and IPv6
        >                prefix(es)/suffix(es).  The CE Router MUST follow
        >                [RFC7225] (Discovering NAT64 IPv6 Prefixes Using the
        >                PCP), in order to learn the PLAT-side translation IPv4
        >                and IPv6 prefix(es)/suffix(es) used by an upstream PCP-
        >                controlled NAT64 device.
        > 
        > 
        > But I now realice that it should be added as well to the DS-Lite section, as
        > it was not present in RFC7084. This is what I've right now:
        > 
        >   DS-Lite requirements:
        > 
        >    DSLITE-1:  The IPv6 CE router MUST support configuration of DS-Lite
        >               via the DS-Lite DHCPv6 option [RFC6334] (DHCPv6 Option for
        >               Dual-Stack Lite).  The IPv6 CE router MAY use other
        >               mechanisms to configure DS-Lite parameters.  Such
        >               mechanisms are outside the scope of this document.
        > 
        >    DSLITE-2:  The IPv6 CE router MUST NOT perform IPv4 Network Address
        >               Translation (NAT) on IPv4 traffic encapsulated using DS-
        >               Lite.
        > 
        > 
        > So just to make sure, you mean to add also to both, 464LAT and DS-LITE also a
        > MUST for RFC6970 ?
        
        [Med] Yes, I'd like to add an item for the IWF, not the PCP Client functionality.  
        
        > 
        > We have a new section with this text suggested by Richard:
        > 
        > 5.  UPnP IGD-PCP IWF Support
        > 
        >    UPnP MAY be enabled on the CE Router for stateless mechanisms that
        >    forward unsolicited inbound packets through to the CE.  If UPnP is
        >    enabled, the agent MUST reject any port mapping requests for ports
        >    outside of the range(s) allocated to the CE Router.
        > 
        >    UPnP SHOULD be disabled for stateful mechanisms that do not forward
        >    unsolicited inbound packets to the CE Router, unless implemented in
        >    conjunction with a method to control the external port mapping, such
        >    as IGD-PCP IWF [RFC6970] (UPnP Internet Gateway Device - Port Control
        >    Protocol Interworking Function).
        > 
        
        [Med] this text does not recommend implementing the IWF. 
        
        > 
        > Regards,
        > Jordi
        > 
        > 
        > -----Mensaje original-----
        > De: <mohamed.boucadair@orange.com>
        > Fecha: viernes, 27 de abril de 2018, 7:26
        > Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, V6 Ops List
        > <v6ops@ietf.org>
        > Asunto: RE: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
        > 
        >     Hi Jordi,
        > 
        >     As you are on it, and given the IETF recommendation in RFC6888:
        > 
        >        REQ-9:  A CGN MUST implement a protocol giving subscribers explicit
        >           control over NAT mappings.  That protocol SHOULD be the Port
        >           Control Protocol [RFC6887].
        > 
        >     which would apply also to the PLAT, I suggest you add an item in the
        > 464lat section to support RFC6970.
        > 
        >     Cheers,
        >     Med
        > 
        >     > -----Message d'origine-----
        >     > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI PALET
        > MARTINEZ
        >     > Envoyé : jeudi 26 avril 2018 21:41
        >     > À : V6 Ops List
        >     > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
        >     >
        >     > Hi Richard,
        >     >
        >     > As I've moved sections 3 & 4 to the end of the document as annexes,
        > I've
        >     > added a new small section for UPnP with your text. I think this also
        > helps to
        >     > clarify one of the issues raised by Lee.
        >     >
        >     > I'm working on all this changes with my co-authors, and if we are good
        > with
        >     > them, we probably will submit the new version in a couple of days or
        > so.
        >     >
        >     > Thanks!
        >     >
        >     > Regards,
        >     > Jordi
        >     >
        >     >
        >     > -----Mensaje original-----
        >     > De: v6ops <v6ops-bounces@ietf.org> en nombre de Richard Patterson
        >     > <richard@helix.net.nz>
        >     > Fecha: miércoles, 25 de abril de 2018, 11:16
        >     > Para: V6 Ops List <v6ops@ietf.org>
        >     > Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
        >     >
        >     >     Section 4 only briefly touches on UPnP, I'd like to propose that we
        >     >     make a recommendation around its behaviour if it is enabled.
        >     >
        >     >     UPnP MAY be enabled on the IPv6 transition CE, for stateless
        >     >     mechanisms that forward unsolicited inbound packets through to the
        > CE.
        >     >     If UPnP is enabled, the agent MUST reject any port mapping requests
        >     >     for ports outside of the range(s) allocated to the IPv6 transition
        > CE.
        >     >
        >     >     UPnP SHOULD be disabled for stateful mechanisms that do not forward
        >     >     unsolicited inbound packets to the CE, unless implemented in
        >     >     conjunction with a method to control the external port mapping,
        > such
        >     >     as IGD-PCP IWF [RFC6970].
        >     >
        >     >     -Richard
        >     >
        >     >
        >     >     On 25 April 2018 at 01:38, Fred Baker <fredbaker.ietf@gmail.com>
        > wrote:
        >     >     >
        >     >     >
        >     >     >> On Apr 24, 2018, at 12:13 PM, STARK, BARBARA H <bs7652@att.com>
        > wrote:
        >     >     >>
        >     >     >> But that doesn't mean I believe the draft has exactly the right
        > set of
        >     > features included. My understanding of "adoption" is that it is still
        >     > possible post-adoption to discuss whether specific features /
        > requirements do
        >     > or don't belong. If the precise set of features and requirements must
        > be
        >     > agreed upon prior to adoption, then I would not be in support of
        > adoption.
        >     > Hopefully we aren't setting the bar that high?
        >     >     >
        >     >     > I understand "adoption as a working group draft" to mean that the
        >     > working group has agreed to work on the draft. There are some working
        > groups
        >     > that seem to confuse "adoption as a work group draft" with "agreement
        > to send
        >     > it to the IESG"; I don't, but expect conversation in between those two
        >     > events.
        >     >     >
        >     >     > That said, I'd like to believe that the draft is pretty close,
        > and that
        >     > changes that need to be made to it will have text offered by the people
        > that
        >     > want them. So - keep your cards and letters coming...
        >     >     >
        >     >     > _______________________________________________
        >     >     > v6ops mailing list
        >     >     > v6ops@ietf.org
        >     >     > https://www.ietf.org/mailman/listinfo/v6ops
        >     >     >
        >     >
        >     >     _______________________________________________
        >     >     v6ops mailing list
        >     >     v6ops@ietf.org
        >     >     https://www.ietf.org/mailman/listinfo/v6ops
        >     >
        >     >
        >     >
        >     >
        >     > **********************************************
        >     > IPv4 is over
        >     > Are you ready for the new Internet ?
        >     > http://www.consulintel.es
        >     > The IPv6 Company
        >     >
        >     > This electronic message contains information which may be privileged or
        >     > confidential. The information is intended to be for the exclusive use
        > of the
        >     > individual(s) named above and further non-explicilty authorized
        > disclosure,
        >     > copying, distribution or use of the contents of this information, even
        > if
        >     > partially, including attached files, is strictly prohibited and will be
        >     > considered a criminal offense. If you are not the intended recipient be
        > aware
        >     > that any disclosure, copying, distribution or use of the contents of
        > this
        >     > information, even if partially, including attached files, is strictly
        >     > prohibited, will be considered a criminal offense, so you must reply to
        > the
        >     > original sender to inform about this communication and delete it.
        >     >
        >     >
        >     >
        >     > _______________________________________________
        >     > v6ops mailing list
        >     > v6ops@ietf.org
        >     > https://www.ietf.org/mailman/listinfo/v6ops
        > 
        > 
        > 
        > 
        > **********************************************
        > IPv4 is over
        > Are you ready for the new Internet ?
        > http://www.consulintel.es
        > The IPv6 Company
        > 
        > This electronic message contains information which may be privileged or
        > confidential. The information is intended to be for the exclusive use of the
        > individual(s) named above and further non-explicilty authorized disclosure,
        > copying, distribution or use of the contents of this information, even if
        > partially, including attached files, is strictly prohibited and will be
        > considered a criminal offense. If you are not the intended recipient be aware
        > that any disclosure, copying, distribution or use of the contents of this
        > information, even if partially, including attached files, is strictly
        > prohibited, will be considered a criminal offense, so you must reply to the
        > original sender to inform about this communication and delete it.
        > 
        > 
        > 
        > _______________________________________________
        > v6ops mailing list
        > v6ops@ietf.org
        > https://www.ietf.org/mailman/listinfo/v6ops
        
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.