IETF Logo Mail Archive

Re: [v6tc] Re: Tunneling and Transition Drafts

Fred Baker <fred@cisco.com> Tue, 12 April 2005 18:46 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA24397; Tue, 12 Apr 2005 14:46:21 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DLQYf-0001qv-5g; Tue, 12 Apr 2005 14:56:21 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DLQNm-0003pv-AX; Tue, 12 Apr 2005 14:45:06 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DLQNk-0003pk-SA for v6tc@megatron.ietf.org; Tue, 12 Apr 2005 14:45:04 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA24280 for <v6tc@ietf.org>; Tue, 12 Apr 2005 14:45:03 -0400 (EDT)
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DLQXO-0001ok-0i for v6tc@ietf.org; Tue, 12 Apr 2005 14:55:02 -0400
Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-3.cisco.com with ESMTP; 12 Apr 2005 11:44:55 -0700
X-IronPort-AV: i="3.92,96,1112598000"; d="scan'208,217"; a="248530776:sNHT33473232"
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j3CIiqJd013970; Tue, 12 Apr 2005 11:44:53 -0700 (PDT)
Received: from [210.72.28.195] (tky-vpn-client-230-23.cisco.com [10.70.230.23]) by imail.cisco.com (8.12.11/8.12.10) with ESMTP id j3CIaLcg030091; Tue, 12 Apr 2005 11:36:22 -0700
Mime-Version: 1.0 (Apple Message framework v619.2)
In-Reply-To: <20050412143053.GQ22380@login.ecs.soton.ac.uk>
References: <BE78FA5D.F1CA3%jordi.palet@consulintel.es> <425395F8.50501@renater.fr> <Pine.LNX.4.61.0504061057570.11494@netcore.fi> <4253EBCF.8030800@renater.fr> <20050412143053.GQ22380@login.ecs.soton.ac.uk>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Message-Id: <23ec6165fdb2ab7b2f3946e45caef796@cisco.com>
Content-Transfer-Encoding: 7bit
From: Fred Baker <fred@cisco.com>
Subject: Re: [v6tc] Re: Tunneling and Transition Drafts
Date: Wed, 13 Apr 2005 02:44:49 +0800
To: v6tc@ietf.org, "'v6ops@ops.ietf.org '" <v6ops@ops.ietf.org>
X-Mailer: Apple Mail (2.619.2)
IIM-SIG: v:"1.1"; h:"imail.cisco.com"; d:"cisco.com"; z:"home"; m:"krs"; t:"1113330983.753699"; x:"432200"; a:"rsa-sha1"; b:"nofws:3280"; e:"Iw=="; n:"sQYarK2E51MdcTiUqeif3F7cWdxIfoCiXhdfb9vD5ee/j0jXL15gbFxF2p" "XIweAblu0N6XAgK7k+wrbr7bQDJaCDqOmzqpRUBjIRQAXQ7NzadpmR3pUL6wxaRUtW+c43sl9jC" "50Qg1sXHpPjt8Y+Y16ioyQAQAdSunM4YhevURc="; s:"IIqjPMRHdivuSf634/tvxxaP6vTzu+rzPZNkkhN6bUpPpvlkeXPJjcT1R5VTDAEtojYTuOor" "bB3AzUPuTYunIHjM44Vc9N5GyixZFKYINbqMYL1RKiFnO25PePfNW29M8fomaPaE7xJC8NGX5bj" "BVr65YAUGt0WS8yU+KkvM9Dk="; c:"From: Fred Baker <fred@cisco.com>"; c:"Subject: Re: [v6tc] Re: Tunneling and Transition Drafts"; c:"Date: Wed, 13 Apr 2005 02:44:49 +0800"
IIM-VERIFY: s:"y"; v:"y"; r:"60"; h:"imail.cisco.com"; c:"message from imail.cisco.com verified; "
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17
Content-Transfer-Encoding: 7bit
X-BeenThere: v6tc@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: v6tc.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/v6tc>, <mailto:v6tc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/v6tc>
List-Post: <mailto:v6tc@ietf.org>
List-Help: <mailto:v6tc-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/v6tc>, <mailto:v6tc-request@ietf.org?subject=subscribe>
Sender: v6tc-bounces@ietf.org
Errors-To: v6tc-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 00e94c813bef7832af255170dca19e36
Content-Transfer-Encoding: 7bit

On Apr 12, 2005, at 10:30 PM, Tim Chown wrote:
> (Hinden) Have a zillion tunnel protocols and I don't see advantage of 
> new generic one.  I vote for limited scope.   Concerned that we are 
> reinventing deployed solutions? (broker?)
> (Durand) (hat off) Schizophrenia or IETF - requirements analysis vs 
> desire to be generic... ball going back and forth.   Chances of 
> success higher if we stay focused on IPv6.

<head uncovered>

My sense is that this sort of hits the point, but in fact misses it 
pretty widely.

The issues with IPv4/IPv6 transition and coexistence boil down, I 
think, to the questions of rendezvous and how/when to use a tunnel vs a 
translation mechanism. The discussion of "do we need 
yet-another-GRE-format" is beside the point - we *don't* need another 
GRE, but we need to know how and when to use the one we have, and in 
that case which one to use, and when the only option is to translate 
(NAT-PT or whatever).

The key question is how one enables two systems to talk with each 
other. This is trivial if we have a parallel implementation - dual 
stacks in both hosts and the entire network. In that case, pick one and 
go with it, and those systems that have not yet turned on IPv6 use 
IPv4. That is already a pretty strong recommendation.

But it also misses something basic - the value that IPv6 brings to the 
party is mostly related to increasing the address pool. If that is not 
true, if we have enough IPv4 addresses that we can build parallel 
networks everywhere, then we don't need a new protocol in the first 
place. If it is true (and it is) then you have to assume that there 
will be edge networks and service networks that are IPv6-only or 
IPv6-dominant pretty early - pick your reason. Once you have an 
IPv6-only/dominant service network, you have the question of IPv4 hosts 
having to use it to communicate over it, IPv6-only/dominant hosts 
needing to communicate over IPv4-only/dominant networks, and IPv6-only 
hosts needing to communicate with IPv4-only hosts.

At that point we have to solve a rendezvous problem. When two of one 
kind of host need to communicate over a network of the other kind, we 
obviously want to tunnel. We can do this using static tunnels, but that 
is a lot of manual configuration. What we really want is some kind of 
auto-tunneling, which means some kind of automated tunnel-endpoint 
location. We could do it by routing, which some proposals suggest: 
inject one type of routes into the other type of network using an 
interesting addressing scheme and make it all automagic. We could do it 
by naming - have what amount do DNS translators and tunnel brokers that 
insert the local-form-addresses of gateways into networks, and as a 
result both communicate to systems of one type of the address of the 
translator/tunnel endpoint and communicate to systems of the other type 
who to route a tunnel to. There are probably other approaches. But if 
we do this in multiple ways, we create a new layer of problems - how 
does a Teredo gateway talk to a Silkroad gateway talk to a DSTM gateway 
talk to a ...? We really need, I think, to pick *one*. and make it work 
well for 90+% of the cases. Note I don't say "cover every case". I'd 
like to, but I also wonder at what point doing so slows down getting 
the protocol out or slows down the transition itself.

I'm perfectly happy to standardize on existing types of tunnels - 
IPsec, GRE, IPv4/IPv6, IPv4/IPv4, IPv6/IPv4, IPv6/IPv6, L2TP, or 
whatever. If we don't solve the rendezvous problem (and btw communicate 
to the peer what kind of tunnel a given gateway is willing to support) 
we have not *touched* the transition problem.

And what I would like to see happen is for someone, somewhere - and 
note that I am very willing to do this in v6ops if people want and also 
willing to send it to v6tc or wherever else - to solve that rendezvous 
problem. As a result, I would like to see the various competing 
transition strategies all rendered OBE and get everyone to converge on 
a single transition approach.

_______________________________________________
v6tc mailing list
v6tc@ietf.org
https://www1.ietf.org/mailman/listinfo/v6tc

v2.23.0 | Report a Bug | By Email