[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Enhanced SIIT

To: Hesham Soliman <Hesham@elevatemobile.com>
Subject: Re: Enhanced SIIT
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Fri, 19 Oct 2007 13:22:01 +1300
Cc: 'Alain Durand' <alain_durand@cable.comcast.com>, 'Iljitsch van Beijnum' <iljitsch@muada.com>, 'IPv6 Operations' <v6ops@ops.ietf.org>, 'Jari Arkko' <jari.arkko@piuha.net>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:organization:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=E1SVlOaIz+pO09DPxz+YljgJ4/zftXp/gadmWeXUefIUlEBGtDegKTj1H1myzodukNuboCQlv+6Ipso6pjqbLlojSX/y0+nJ7xrUAuCDTsZCad0T6uQzSCm4lyA644CoN++cZQpk9j/FB6b+pFb/e72XaBEjV31sZj1ALpU3o2M=
In-reply-to: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAZgswlBrljUKcZNe3mbTCm8KAAAAQAAAA47/6rvBffUCFEk0Na89u7AEAAAAA@elevatemobile.com>
Organization: University of Auckland
References: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAZgswlBrljUKcZNe3mbTCm8KAAAAQAAAA47/6rvBffUCFEk0Na89u7AEAAAAA@elevatemobile.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Hesham,

On 2007-10-18 16:35, Hesham Soliman wrote:

> >> > In my opinion we have to be very systematic about this.> The only way

 > > that we can avoid the intrinsic problems of stateless translation
 > > seems to be to have awareness at the IPv6 end that translation is
 > > happening. (The underlying problem is how to reach legacy IPv4
 > > hosts, who by definition can have no such awareness). That seems to
 > > mean getting rid of the "less" in "Stateless IP/ICMP Translation",
 > > so I think we need to go back to basics. I don't have any specific
 > > proposals in mind, but I'm pretty sure that signalling between
 > > the translator and the IPv6 host will be needed.

>> We have been studying network-triggered translation vs> end-device-triggered> translation. One thing that came out of that study is what> happen when the> translator in the middle fails. If you have a model where> mappings are> triggered by the end-devices, you are going to create a> storm of mapping

 > requests to the fall-back translator.

=> I don't know if anyone remembers this draft by Eirk and I some 7 years
ago:
http://tools.ietf.org/html/draft-ietf-ngtrans-siit-dstm-01

It did maintain the statelessness of the translator. The concern at the time
was that
allocating addresses based on external triggers (DNS lookup from some node
on the Internet)
was a serious DoS attack. But even if you remove that feature/bug, the  rest
of the draft still applies today, given a mechanism of allocating an IPv4
address to the IPv6 host. At the time we chose DSTM, but any mechanism would
work. I think it can be a good reference if the WG still wants to work with
translators.


I didn't consciously remember that draft, but DSTM+NAT4 did occur to
me the other day as a possibility. However, I don't think there's any
real need for the DSTM server and the SIIT or NAT4 box to be separate
- the main point is to define how the IPv6 end knows that it's being
forced from native IPv6 mode to translated mode, and knows what the
other end's view of the source and destination addresses is. (It sounds
a bit like shim6 at that point, with the legacy IPv4 host only being able
to handle IPv4 ULIDs.)

     Brian

References:
- RE: Enhanced SIIT
  - From: "Hesham Soliman" <Hesham@elevatemobile.com>

Prev by Date: Re: Enhanced SIIT
Next by Date: Re: Enhanced SIIT
Previous by thread: RE: Enhanced SIIT
Next by thread: Re: Enhanced SIIT
Index(es):
- Date
- Thread