ietf
[Top] [All Lists]

Re: IPv4 outage at next IETF in Chicago

2017-01-24 21:31:54
Frank,

What I’m proposing will not involve installing the “client” part in the devices 
connecting to the IETF network.

The idea is the following:

Upstream provider – IETF router – NAT64/DNS64 – CLAT (can be a virtual machine) 
– IETF default SSID
                                                 
|------------------------------ other IETF SSIDs

So I’m saying the IETF default SSID will behave as a “residential” LAN of the 
CLAT enabled “CPE”.

Regards,
Jordi


-----Mensaje original-----
De: ietf <ietf-bounces(_at_)ietf(_dot_)org> en nombre de Franck Martin 
<franck(_at_)peachymango(_dot_)org>
Responder a: <franck(_at_)peachymango(_dot_)org>
Fecha: martes, 24 de enero de 2017, 21:24
Para: Brian E Carpenter <brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com>
CC: IETF <ietf(_at_)ietf(_dot_)org>
Asunto: Re: IPv4 outage at next IETF in Chicago

    Brian,
    
    This is hardly to prove a point.
    
    It is to have an operational experience so that stuff gets fixed and 
standards get written to fix stuff.
    
    An IPv4 outage is radical, granted, may be it should be done during hackday 
on the weekend before IETF. May be it should not be done at all and instead the 
default network SSID:IETF to be NAT64, with an SSID:IETF-IPv4-only.
    
    May be NAT64 is not the right one, may be it is XLAT464? (NAT64/DNS64 does 
not require much client participation, XLAT464 does).
    
    May be it is way too short to have it in Chicago? Likely.
    
    May be it should be better planned. Certainly.
    
    We need a transition to IPv6-only, this go via dual stack, sure, but do we 
have to wait for the whole world to be IPv6 before we can deprecate IPv4? No, 
we need something that allows to have IPv6-only networks (enterprise, guest, 
customers,...) capable of talking to the legacy Internet. We also realize that 
the bottom line is: "dual stack=dual costs" and "dual stack=dual security 
issues". As the world progress, the need for NAT64 will go away...
    
    So, this is a very interesting discussion, as long we move towards some 
solution(s).
    
    What do you propose?
    
    ----- Original Message -----
    From: "Brian E Carpenter" 
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com>
    To: "Franck Martin" <franck(_at_)peachymango(_dot_)org>
    Cc: "IETF" <ietf(_at_)ietf(_dot_)org>
    Sent: Tuesday, January 24, 2017 5:21:23 PM
    Subject: Re: IPv4 outage at next IETF in Chicago
    
    Franck, I try not to be religious about NAT, and I use NAT44 every day
    like most people. Also like most people, I experience occasional
    unexplained failures of web-based transactions. Whether they are due
    to a NAT garbage-collect or a load-balancer failure, I don't know,
    of course. But actually I am not deeply concerned about NAT64, although
    any failures that it generates would be very hard to identify. I am
    more concerned about IETF participants whose devices are not set up
    as dual stack nodes at all. They would be completely blocked. Yes,
    I know, such people should not exist, should be deeply ashamed, etc.
    But I don't see why we would cut them off to prove a point.
    
    Regards
       Brian
    
    On 25/01/2017 14:05, Franck Martin wrote:
    > 
    > ----- Original Message -----
    >> From: "Brian E Carpenter" 
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com>
    >> To: "Franck Martin" <franck(_at_)peachymango(_dot_)org>, "IETF" 
<ietf(_at_)ietf(_dot_)org>
    >> Sent: Tuesday, January 24, 2017 4:33:22 PM
    >> Subject: Re: IPv4 outage at next IETF in Chicago
    > 
    >> On 25/01/2017 12:11, Franck Martin wrote:
    >>> I think it is time to move to the next level of IPv6 deployment.
    >>>
    >>> Ideally the IETF WiFi network should now only provide the following 2 
networks:
    >>> 1)IPv6-only
    >>> 2)IPv6-only with NAT64
    >>>
    >>> The later should be the default network.
    >>>
    >>> However you would say, well some stuff will break, some non technical 
people
    >>> will use the IETF network and may have a bad experience, etc...
    >>>
    >>> So to be conservative but at the same time futurist and like it was 
done a few
    >>> years back, why not create again an IPv4 outage of a few hours where 
the above
    >>> 2 networks would be the only networks available?
    >>
    >> That would be a good way of damaging IETF productivity for a few hours.
    > 
    > Do you have evidence of applications not running in a NAT64 environment? 
I'm interested to know them.
    > 
    >>
    >> And for what? Moving away from the mainstream coexistence mechanism (dual
    >> stack),
    >> to a mechanism known to be intrinsically defective (NAT). I don't see 
the point.
    >>
    > 
    > I fail to see how NAT is intrinsically defective, since it is used 
successfully by everyone...
    > 
    > Nevertheless, the goal here is to get the Internet designers (IETF) to 
have operational experience on what needs to be fixed.
    > 
    > When the IPv4 outage happened a few years back, it gave a serious impetus 
in getting IPv6 totally mainstream on many platforms.
    > 
    > IAB encourages IPv6: https://www.iab.org/2016/11/07/iab-statement-on-ipv6/
    > 
    > However going IPv6-only can only be done in walled gardens. There still 
will be many environments with IPv4 only. A solution here is to move networks 
to NAT64, so you only need to support IPv4 at the edges...
    > 
    > Yes creating an outage for the sake of an outage is pointless, experience 
on what works and not work needs to be recorded.
    > 
    > May be the first step instead of doing an outage is to have as default a 
NAT64 network at IETF meetings and a dual stack network for the people that 
experience issues.
    > 
    >  
    >
    
    
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the use of the 
individual(s) named above. If you are not the intended recipient be aware that 
any disclosure, copying, distribution or use of the contents of this 
information, including attached files, is prohibited.