>Yes, you're right. My feeling is that it could be implementation dependent, but not sure right now.
Ok! Then, let's continue the analysis I have started at beginning of this thread. Suppose the order in which a router will process a packet with PF=41 is implementation dependent (as you suggest, although I think this is more theoritical option than practical, but nevertheless it might exist and it's good to analyse it for sake of completness of our analysis).
So, let's suppose now that the first action the router will take when it gets an incoming 41-packet is to act as a 6to4 router, instead of applying proto-41 immidiately. Then, the router decapsulates the packet and looks what the IPv6 dest address is. If the prefix of the IPv6 dest address equals the 6to4 /48 router prefix, the packet is forwarded to its final destination (standard 6to4 way of processing the packets), otherwise, the I-D says it is forwarded to fixed node in the private network.
Now, my question is "Which is this node?" Observe, at this level the router already works with IPv6 packets and it cannot apply proto-41 which is exclusively defined for IPv4 packets. If such forwarding (as you describe in the document) takes plays, then it is not proto-41, it is simply IPv6 forwarding.
Sumarizing, the analysis in the whole thread shows that either you apply 6to4 or proto-41 transition mechanism but not mixing them. And this is my argument when I say if they coexist in a NAT box they should be implemented as two independent modes.
I think this should be written very clearly in the draft in order to avoid misunderstanding.
Greetings,
Mariana
-----------------------------------------------------------------------------------------------------------------
Dr. Mariana Nikolova
Philips Research Laboratories Eindhoven (IST/SwA/DS)
Prof. Holstlaan 4, 5656 AA, Eindhoven, The Netherlands
room: WDC 1.35, phone: +31-40-27-45455
e-mail: mariana.nikolova@philips.com
-----------------------------------------------------------------------------------------------------------------
I have a comment on the following paragraph in Section 5 of your draft
"6to4 and Proto-41 forwarding can coexist in the same NAT box. In that case, an IPv6 over IPv4 packet received, will be forwarded to the private LAN only if the IPv6 destination does not belong to the local 6to4 /48 prefix. Otherwise it will be decapsulated in the NAT box, following 6to4 procedures. This fact avoids the problems created by mobile users when they visit a network that uses 6to4, in the case they have some automatic proto-41 setup. "
Let's analyze how a router works when it's simultaneously supports 6to4 and proto-41 mechanisms as you proposed above.
If there is an proto-41 entity such as (source IPv4 address, target IPv4 address, ID=41) in the NAT table of the router, then the so called prerouting is done for all packets matching this entity. Note, this is the first action taken by the router before any other actions are taken. With other words, the router forwards all incoming IPv4 packets with PF=41 to the target IPv4 address before even decapsulating them and looking what the IPv6 dest address is. So, what is written above "an IPv6 over IPv4 packet received, will be forwarded to the private LAN only if the IPv6 destination does not belong to the local 6to4 /48 prefix. Otherwise it will be decapsulated in the NAT box, following 6to4 procedures." does not work in practice, because it require that the router first decapculates and looks the IPv6 dest. ad! dress.
Summing up, I do see that 6to4 and proto-41 can coexist n the same NAT box but rather as two separate modes, i.e. the router can switch between 6to4 and proto-41 depending of certain preferences as the default one is 6to4 for example. In fact, I see the applicability of proto-41 in IPv4-only NAT boxes, but if the latter are upgraded to 6to4 routers it seems to me overdone to keep proto-41 as well.
Greetings,
Mariana
-----------------------------------------------------------------------------------------------------------------
Dr. Mariana Nikolova
Philips Research Laboratories Eindhoven (IST/SwA/DS)
Prof. Holstlaan 4, 5656 AA, Eindhoven, The Netherlands
room: WDC 1.35, phone: +31-40-27-45455
e-mail: mariana.nikolova@philips.com
-----------------------------------------------------------------------------------------------------------------
**********************************
Madrid 2003 Global IPv6 Summit
Presentations and videos on line at:
http://www.ipv6-es.com
This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.