Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

[JORDI PALET MARTINEZ <jordi.palet@consulintel.es>]

Hi Med,

In the document I'm editing right now, I've it already support for RFC6887 (464XLAT-2):

   464XLAT requirements:

   464XLAT-1:  The CE Router MUST perform IPv4 Network Address
               Translation (NAT) on IPv4 traffic translated using the
               CLAT, unless a dedicated /64 prefix has been acquired
               using DHCPv6-PD [RFC3633] (IPv6 Prefix Options for
               DHCPv6).

   464XLAT-2:  The CE Router MUST support PCP [RFC6887] (Port Control
               Protocol), for explicit control over NAT64 mappings.

   464XLAT-3:  The CE Router MUST implement [RFC7050] (Discovery of the
               IPv6 Prefix Used for IPv6 Address Synthesis) in order to
               discover the PLAT-side translation IPv4 and IPv6
               prefix(es)/suffix(es).  The CE Router MUST follow
               [RFC7225] (Discovering NAT64 IPv6 Prefixes Using the
               PCP), in order to learn the PLAT-side translation IPv4
               and IPv6 prefix(es)/suffix(es) used by an upstream PCP-
               controlled NAT64 device.


But I now realice that it should be added as well to the DS-Lite section, as it was not present in RFC7084. This is what I've right now:

  DS-Lite requirements:

   DSLITE-1:  The IPv6 CE router MUST support configuration of DS-Lite
              via the DS-Lite DHCPv6 option [RFC6334] (DHCPv6 Option for
              Dual-Stack Lite).  The IPv6 CE router MAY use other
              mechanisms to configure DS-Lite parameters.  Such
              mechanisms are outside the scope of this document.

   DSLITE-2:  The IPv6 CE router MUST NOT perform IPv4 Network Address
              Translation (NAT) on IPv4 traffic encapsulated using DS-
              Lite.


So just to make sure, you mean to add also to both, 464LAT and DS-LITE also a MUST for RFC6970 ?

We have a new section with this text suggested by Richard:

5.  UPnP IGD-PCP IWF Support

   UPnP MAY be enabled on the CE Router for stateless mechanisms that
   forward unsolicited inbound packets through to the CE.  If UPnP is
   enabled, the agent MUST reject any port mapping requests for ports
   outside of the range(s) allocated to the CE Router.

   UPnP SHOULD be disabled for stateful mechanisms that do not forward
   unsolicited inbound packets to the CE Router, unless implemented in
   conjunction with a method to control the external port mapping, such
   as IGD-PCP IWF [RFC6970] (UPnP Internet Gateway Device - Port Control
   Protocol Interworking Function).


Regards,
Jordi
 
 
-----Mensaje original-----
De: <mohamed.boucadair@orange.com>
Fecha: viernes, 27 de abril de 2018, 7:26
Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>, V6 Ops List <v6ops@ietf.org>
Asunto: RE: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion

    Hi Jordi, 
    
    As you are on it, and given the IETF recommendation in RFC6888:
    
       REQ-9:  A CGN MUST implement a protocol giving subscribers explicit
          control over NAT mappings.  That protocol SHOULD be the Port
          Control Protocol [RFC6887].
    
    which would apply also to the PLAT, I suggest you add an item in the 464lat section to support RFC6970. 
    
    Cheers,
    Med
    
    > -----Message d'origine-----
    > De : v6ops [mailto:v6ops-bounces@ietf.org] De la part de JORDI PALET MARTINEZ
    > Envoyé : jeudi 26 avril 2018 21:41
    > À : V6 Ops List
    > Objet : Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
    > 
    > Hi Richard,
    > 
    > As I've moved sections 3 & 4 to the end of the document as annexes, I've
    > added a new small section for UPnP with your text. I think this also helps to
    > clarify one of the issues raised by Lee.
    > 
    > I'm working on all this changes with my co-authors, and if we are good with
    > them, we probably will submit the new version in a couple of days or so.
    > 
    > Thanks!
    > 
    > Regards,
    > Jordi
    > 
    > 
    > -----Mensaje original-----
    > De: v6ops <v6ops-bounces@ietf.org> en nombre de Richard Patterson
    > <richard@helix.net.nz>
    > Fecha: miércoles, 25 de abril de 2018, 11:16
    > Para: V6 Ops List <v6ops@ietf.org>
    > Asunto: Re: [v6ops] draft-palet-v6ops-transition-ipv4aas discussion
    > 
    >     Section 4 only briefly touches on UPnP, I'd like to propose that we
    >     make a recommendation around its behaviour if it is enabled.
    > 
    >     UPnP MAY be enabled on the IPv6 transition CE, for stateless
    >     mechanisms that forward unsolicited inbound packets through to the CE.
    >     If UPnP is enabled, the agent MUST reject any port mapping requests
    >     for ports outside of the range(s) allocated to the IPv6 transition CE.
    > 
    >     UPnP SHOULD be disabled for stateful mechanisms that do not forward
    >     unsolicited inbound packets to the CE, unless implemented in
    >     conjunction with a method to control the external port mapping, such
    >     as IGD-PCP IWF [RFC6970].
    > 
    >     -Richard
    > 
    > 
    >     On 25 April 2018 at 01:38, Fred Baker <fredbaker.ietf@gmail.com> wrote:
    >     >
    >     >
    >     >> On Apr 24, 2018, at 12:13 PM, STARK, BARBARA H <bs7652@att.com> wrote:
    >     >>
    >     >> But that doesn't mean I believe the draft has exactly the right set of
    > features included. My understanding of "adoption" is that it is still
    > possible post-adoption to discuss whether specific features / requirements do
    > or don't belong. If the precise set of features and requirements must be
    > agreed upon prior to adoption, then I would not be in support of adoption.
    > Hopefully we aren't setting the bar that high?
    >     >
    >     > I understand "adoption as a working group draft" to mean that the
    > working group has agreed to work on the draft. There are some working groups
    > that seem to confuse "adoption as a work group draft" with "agreement to send
    > it to the IESG"; I don't, but expect conversation in between those two
    > events.
    >     >
    >     > That said, I'd like to believe that the draft is pretty close, and that
    > changes that need to be made to it will have text offered by the people that
    > want them. So - keep your cards and letters coming...
    >     >
    >     > _______________________________________________
    >     > v6ops mailing list
    >     > v6ops@ietf.org
    >     > https://www.ietf.org/mailman/listinfo/v6ops
    >     >
    > 
    >     _______________________________________________
    >     v6ops mailing list
    >     v6ops@ietf.org
    >     https://www.ietf.org/mailman/listinfo/v6ops
    > 
    > 
    > 
    > 
    > **********************************************
    > IPv4 is over
    > Are you ready for the new Internet ?
    > http://www.consulintel.es
    > The IPv6 Company
    > 
    > This electronic message contains information which may be privileged or
    > confidential. The information is intended to be for the exclusive use of the
    > individual(s) named above and further non-explicilty authorized disclosure,
    > copying, distribution or use of the contents of this information, even if
    > partially, including attached files, is strictly prohibited and will be
    > considered a criminal offense. If you are not the intended recipient be aware
    > that any disclosure, copying, distribution or use of the contents of this
    > information, even if partially, including attached files, is strictly
    > prohibited, will be considered a criminal offense, so you must reply to the
    > original sender to inform about this communication and delete it.
    > 
    > 
    > 
    > _______________________________________________
    > v6ops mailing list
    > v6ops@ietf.org
    > https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.