Re: Problems with removing NAT from a network

2011-01-10 Thread Mark Andrews
One can still do DS-lite when the provider only offers NAT64. A B4 can connect to an AFTR which can be anywhere that is reachable via IPv6. I can see small ISPs and those that can't get IPv4 addresses for themselves outsourcing the DS-lite service. -- Mark Andrews, ISC 1 Seymour St., Dundas Va

Re: Problems with removing NAT from a network

2011-01-10 Thread Matthew Kaufman
On 1/9/2011 9:51 PM, Owen DeLong wrote: On Jan 8, 2011, at 10:46 PM, Matthew Kaufman wrote: On 1/8/2011 3:16 AM, Leen Besselink wrote: Hello Mr. Kaufman, In the upcoming years, we will have no IPv6 in some places and badly performing IPv4 (CGN, etc.) with working IPv6 in others. Right. So we

Re: Problems with removing NAT from a network

2011-01-10 Thread Matthew Kaufman
On 1/9/2011 6:42 AM, Cameron Byrne wrote: 1. The companies that have selected NAT64 as a tool for rolling out IPv6 to address the IPv4 exhaustion business risk are aware of the various application trade offs. They select NAT64 because it makes business sense to aggressively go after IPv6 as th

Re: Problems with removing NAT from a network

2011-01-10 Thread Brandon Butterworth
> We have offered on numerous occasions to peer with both of the > providers that are currently segmented from our ASN (6939), going > even so far as baking a cake for Cogent (AS174). Are some parties refusing to use transit, trying to bake in a de-facto "tier-1" ness? brandon

Re: Problems with removing NAT from a network

2011-01-09 Thread Owen DeLong
On Jan 9, 2011, at 4:57 PM, Leen Besselink wrote: > On 01/09/2011 07:46 AM, Matthew Kaufman wrote: >> On 1/8/2011 3:16 AM, Leen Besselink wrote: >>> >>> Hello Mr. Kaufman, >>> >>> In the upcoming years, we will have no IPv6 in some places and badly >>> performing IPv4 (CGN, etc.) with working I

Re: Problems with removing NAT from a network

2011-01-09 Thread Owen DeLong
On Jan 8, 2011, at 10:46 PM, Matthew Kaufman wrote: > On 1/8/2011 3:16 AM, Leen Besselink wrote: >> >> Hello Mr. Kaufman, >> >> In the upcoming years, we will have no IPv6 in some places and badly >> performing IPv4 (CGN, etc.) with working IPv6 in others. > Right. So we're discussing just how

Re: Problems with removing NAT from a network

2011-01-09 Thread Leen Besselink
On 01/09/2011 07:46 AM, Matthew Kaufman wrote: > On 1/8/2011 3:16 AM, Leen Besselink wrote: >> >> Hello Mr. Kaufman, >> >> In the upcoming years, we will have no IPv6 in some places and badly >> performing IPv4 (CGN, etc.) with working IPv6 in others. > Right. So we're discussing just how "badly pe

Re: Problems with removing NAT from a network

2011-01-09 Thread Joel Jaeggli
nce v4 over time? > > Frank > > -Original Message- > From: Matthew Kaufman [mailto:matt...@matthew.at] > Sent: Thursday, January 06, 2011 8:57 PM > To: Joel Jaeggli > Cc: Nanog Operators' Group > Subject: Re: Problems with removing NAT from a network > > O

Re: Problems with removing NAT from a network

2011-01-09 Thread Cameron Byrne
On Sat, Jan 8, 2011 at 10:55 PM, Matthew Kaufman wrote: > On 1/8/2011 3:22 PM, Frank Bulk wrote: >> >> Relay nodes are always protecting themselves by rate-limiting, aren't >> they? > > Yes. >> >> And isn't most media traffic relayed? > > No, not at all. Almost all media traffic goes directly end-

Re: Problems with removing NAT from a network

2011-01-08 Thread Matthew Kaufman
On 1/8/2011 3:22 PM, Frank Bulk wrote: Relay nodes are always protecting themselves by rate-limiting, aren't they? Yes. And isn't most media traffic relayed? No, not at all. Almost all media traffic goes directly end-to-end by using really good NAT traversal. I'm not seeing how the NAT64 sc

Re: Problems with removing NAT from a network

2011-01-08 Thread Matthew Kaufman
On 1/8/2011 3:16 AM, Leen Besselink wrote: Hello Mr. Kaufman, In the upcoming years, we will have no IPv6 in some places and badly performing IPv4 (CGN, etc.) with working IPv6 in others. Right. So we're discussing just how "badly performing" the IPv4 can be and still be acceptable as "access

Re: Problems with removing NAT from a network

2011-01-08 Thread Matthew Kaufman
On 1/8/2011 5:20 PM, Jima wrote: On 1/7/2011 12:39 AM, Matthew Kaufman wrote: If one end is behind a NAT64 and there is no mechanism for discovering the NAT64's IPv6 interface prefix and mapping algorithm (and at present there is not), there is no way to send IPv6 IP packets from the IPv6-only h

Re: Problems with removing NAT from a network

2011-01-08 Thread Jima
On 1/7/2011 12:39 AM, Matthew Kaufman wrote: If one end is behind a NAT64 and there is no mechanism for discovering the NAT64's IPv6 interface prefix and mapping algorithm (and at present there is not), there is no way to send IPv6 IP packets from the IPv6-only host to IPv4 literal addresses (tha

RE: Problems with removing NAT from a network

2011-01-08 Thread Frank Bulk
capabilities of v6, and slowly de-preference v4 over time? Frank -Original Message- From: Matthew Kaufman [mailto:matt...@matthew.at] Sent: Thursday, January 06, 2011 8:57 PM To: Joel Jaeggli Cc: Nanog Operators' Group Subject: Re: Problems with removing NAT from a network On 1/6/2011 6:

RE: Problems with removing NAT from a network

2011-01-08 Thread Frank Bulk
Message- From: Matthew Kaufman [mailto:matt...@matthew.at] Sent: Thursday, January 06, 2011 8:55 PM To: Owen DeLong Cc: Nanog Operators' Group Subject: Re: Problems with removing NAT from a network On 1/6/2011 5:48 PM, Owen DeLong wrote: > Doesn't all of this become moot if Skype

Re: Problems with removing NAT from a network

2011-01-08 Thread Leen Besselink
On 01/07/2011 03:57 AM, Matthew Kaufman wrote: > On 1/6/2011 6:34 PM, Joel Jaeggli wrote: >> On 1/6/11 5:48 PM, Owen DeLong wrote: >>> Doesn't all of this become moot if Skype just develops a dual-stack >>> capable client >>> and servers? >> Really, only some fraction of the supernodes and the logi

Re: Problems with removing NAT from a network

2011-01-07 Thread Jack Bates
On 1/7/2011 1:47 PM, Owen DeLong wrote: Compatibility addresses don't work on the wire. They're not supposed to. It's a huge problem if they do. Sounds like someone should have developed more than 1 compatibility addressing then. Jack

Re: Problems with removing NAT from a network

2011-01-07 Thread Owen DeLong
On Jan 7, 2011, at 6:32 AM, Jack Bates wrote: > > > On 1/7/2011 4:44 AM, Dobbins, Roland wrote: >> Yes, it has. There're lots of issues with embedding IP addresses >> directly into apps and so forth which have nothing to do with NAT. > > Embedding into apps isn't the same as embedding into pr

Re: Problems with removing NAT from a network

2011-01-07 Thread Jared Mauch
On Jan 7, 2011, at 5:44 AM, Dobbins, Roland wrote: > > On Jan 7, 2011, at 4:02 PM, Owen DeLong wrote: > >> No, it hasn't always been a Bad Idea. > > Yes, it has. There're lots of issues with embedding IP addresses directly > into apps and so forth which have nothing to do with NAT. Let me

RE: Problems with removing NAT from a network

2011-01-07 Thread Dan Wing
> On 1/6/2011 9:28 PM, Dan Wing wrote: > >> -Original Message- > >> From: Matthew Kaufman [mailto:matt...@matthew.at] > >> Not really. Imagine the case where you're on IPv6 and you can only > >> reach > >> IPv4 via a NAT64, and there's no progress made on the detection > >> problem. > >> An

Re: Problems with removing NAT from a network

2011-01-07 Thread Jack Bates
On 1/7/2011 4:44 AM, Dobbins, Roland wrote: Yes, it has. There're lots of issues with embedding IP addresses directly into apps and so forth which have nothing to do with NAT. Embedding into apps isn't the same as embedding into protocol packets. While NAT and stateful firewalls do tend to

Re: Problems with removing NAT from a network

2011-01-07 Thread Dobbins, Roland
On Jan 7, 2011, at 4:02 PM, Owen DeLong wrote: > No, it hasn't always been a Bad Idea. Yes, it has. There're lots of issues with embedding IP addresses directly into apps and so forth which have nothing to do with NAT.

Re: Problems with removing NAT from a network

2011-01-07 Thread Owen DeLong
On Jan 6, 2011, at 11:49 PM, Benson Schliesser wrote: > > On Jan 7, 2011, at 12:39 AM, Matthew Kaufman wrote: > >> On 1/6/2011 9:28 PM, Dan Wing wrote: >>> >>> Skype could make it work with direct UDP packets in about 92% of >>> cases, per Google's published direct-to-direct statistic at >>> h

Re: Problems with removing NAT from a network

2011-01-06 Thread Benson Schliesser
On Jan 7, 2011, at 12:39 AM, Matthew Kaufman wrote: > On 1/6/2011 9:28 PM, Dan Wing wrote: >> >> Skype could make it work with direct UDP packets in about 92% of >> cases, per Google's published direct-to-direct statistic at >> http://code.google.com/apis/talk/libjingle/important_concepts.html >

Re: Problems with removing NAT from a network

2011-01-06 Thread Mikael Abrahamsson
On Thu, 6 Jan 2011, Matthew Kaufman wrote: If one end is behind a NAT64 and there is no mechanism for discovering the NAT64's IPv6 interface prefix and mapping algorithm (and at present there is not), there is no way to send IPv6 IP packets from the IPv6-only host to IPv4 literal addresses (th

Re: Problems with removing NAT from a network

2011-01-06 Thread Matthew Kaufman
On 1/6/2011 9:28 PM, Dan Wing wrote: -Original Message- From: Matthew Kaufman [mailto:matt...@matthew.at] Not really. Imagine the case where you're on IPv6 and you can only reach IPv4 via a NAT64, and there's no progress made on the detection problem. And your family member is on a Skype-

RE: Problems with removing NAT from a network

2011-01-06 Thread Dan Wing
> -Original Message- > From: Matthew Kaufman [mailto:matt...@matthew.at] > Sent: Thursday, January 06, 2011 6:55 PM > To: Owen DeLong > Cc: Nanog Operators' Group > Subject: Re: Problems with removing NAT from a network > > On 1/6/2011 5:48 PM, Owen DeLong w

Re: Problems with removing NAT from a network

2011-01-06 Thread Matthew Kaufman
On 1/6/2011 6:34 PM, Joel Jaeggli wrote: On 1/6/11 5:48 PM, Owen DeLong wrote: Doesn't all of this become moot if Skype just develops a dual-stack capable client and servers? Really, only some fraction of the supernodes and the login servers need to be dual stack. Without revealing too much a

Re: Problems with removing NAT from a network

2011-01-06 Thread Matthew Kaufman
On 1/6/2011 5:48 PM, Owen DeLong wrote: Doesn't all of this become moot if Skype just develops a dual-stack capable client and servers? Not really. Imagine the case where you're on IPv6 and you can only reach IPv4 via a NAT64, and there's no progress made on the detection problem. And your fa

Re: Problems with removing NAT from a network

2011-01-06 Thread Joel Jaeggli
On 1/6/11 5:48 PM, Owen DeLong wrote: > Doesn't all of this become moot if Skype just develops a dual-stack capable > client > and servers? Really, only some fraction of the supernodes and the login servers need to be dual stack. > Owen > > On Jan 6, 2011, at 1:32 PM, Matthew Kaufman wrote: >

Re: Problems with removing NAT from a network

2011-01-06 Thread Steven Bellovin
On Jan 6, 2011, at 8:48 12PM, Owen DeLong wrote: > Doesn't all of this become moot if Skype just develops a dual-stack capable > client > and servers? Skype is an interesting case because of its peer-to-peer nature. Given the state of v6 deployment and operational experience[1], and especially

Re: Problems with removing NAT from a network

2011-01-06 Thread Owen DeLong
Doesn't all of this become moot if Skype just develops a dual-stack capable client and servers? Owen On Jan 6, 2011, at 1:32 PM, Matthew Kaufman wrote: > On 1/6/2011 10:07 AM, Cameron Byrne wrote: >> >> Skype is not defined in an IETF RFC, so saying you need an RFC to move >> forward is a bit co

Re: Problems with removing NAT from a network

2011-01-06 Thread Matthew Kaufman
On 1/6/2011 10:07 AM, Cameron Byrne wrote: Skype is not defined in an IETF RFC, so saying you need an RFC to move forward is a bit confusing. I don't see a disconnect at all. Skype also uses TCP and UDP, which are both subjects of RFCs. That said, it doesn't need to be an RFC... just *a reliabl

Re: Problems with removing NAT from a network

2011-01-06 Thread Cameron Byrne
On Thu, Jan 6, 2011 at 9:18 AM, Matthew Kaufman wrote: > On 1/5/2011 9:39 PM, Cameron Byrne wrote: >> >> I understand my users pretty well, they only go to a few web pages ... >> it's the nature of the net. I assure you, I am not taking any undue >> risk with regards to web. Try our friendly user

Re: Problems with removing NAT from a network

2011-01-06 Thread Matthew Kaufman
On 1/5/2011 9:39 PM, Cameron Byrne wrote: I understand my users pretty well, they only go to a few web pages ... it's the nature of the net. I assure you, I am not taking any undue risk with regards to web. Try our friendly user trial and give me your feedback, that's why I am running it. I'm no

Re: Problems with removing NAT from a network

2011-01-06 Thread Mark Andrews
In message , Cameron Byrne writes: > On Wed, Jan 5, 2011 at 9:55 PM, Mark Andrews wrote: > > > > In message l.com>, Cameron Byrne writes: > >> As long as dual-stack is around, the app vendors don't have to move > >> and network guys have to dream up hacks to support these legacy apps > >>

Re: Problems with removing NAT from a network

2011-01-05 Thread Cameron Byrne
On Wed, Jan 5, 2011 at 9:55 PM, Mark Andrews wrote: > > In message , Cameron Byrne writes: >> As long as dual-stack is around, the app vendors don't have to move >> and network guys have to dream up hacks to support these legacy apps >> (CGN ). > > NAT64 is CGN especially when it is bein

Re: Problems with removing NAT from a network

2011-01-05 Thread Mark Andrews
In message , Cameron Byrne writes: > As long as dual-stack is around, the app vendors don't have to move > and network guys have to dream up hacks to support these legacy apps > (CGN ). NAT64 is CGN especially when it is being implemented by the cellular carriers. > Cameron > > > > > Matth

Re: Problems with removing NAT from a network

2011-01-05 Thread Cameron Byrne
On Wed, Jan 5, 2011 at 9:10 PM, Matthew Kaufman wrote: > On 1/5/2011 8:47 PM, Cameron Byrne wrote: >> >> And, you will notice that the list at >> http://groups.google.com/group/ipv4literals shows only a few web sites, >> because there are only a few that have this design flaw. > > And the list loo

Re: Problems with removing NAT from a network

2011-01-05 Thread Mark Andrews
In message , Cameron Byrne writes: > On Wed, Jan 5, 2011 at 8:31 PM, Mark Andrews wrote: > > > > In message m>, Cameron Byrne writes: > >> On Wed, Jan 5, 2011 at 6:42 PM, Dobbins, Roland wrote: > >> > > >> > On Jan 6, 2011, at 9:38 AM, ML wrote: > >> > > >> >> At least not without som

Re: Problems with removing NAT from a network

2011-01-05 Thread Benson Schliesser
On Jan 5, 2011, at 10:31 PM, Mark Andrews wrote: > > Which is one of the reasons why DS-lite is a better solution for > providing legacy access to the IPv4 Internet than NAT64/DNS64. > DS-lite only breaks what NAT44 breaks. DS-lite doesn't break new > things. > Or just run a dual-stack network

Re: Problems with removing NAT from a network

2011-01-05 Thread Matthew Kaufman
On 1/5/2011 8:47 PM, Cameron Byrne wrote: And, you will notice that the list at http://groups.google.com/group/ipv4literals shows only a few web sites, because there are only a few that have this design flaw. And the list looks like it does because the list only shows a *few* web sites. Other s

Re: Problems with removing NAT from a network

2011-01-05 Thread Cameron Byrne
On Wed, Jan 5, 2011 at 8:31 PM, Mark Andrews wrote: > > In message , Cameron Byrne writes: >> On Wed, Jan 5, 2011 at 6:42 PM, Dobbins, Roland wrote: >> > >> > On Jan 6, 2011, at 9:38 AM, ML wrote: >> > >> >> At least not without some painful rebuilds of critical systems which have the

Re: Problems with removing NAT from a network

2011-01-05 Thread Mark Andrews
In message , Cameron Byrne writes: > On Wed, Jan 5, 2011 at 6:42 PM, Dobbins, Roland wrote: > > > > On Jan 6, 2011, at 9:38 AM, ML wrote: > > > >> At least not without some painful rebuilds of critical systems which have these IPs deeply embedded in their configs. > > > > They shouldn't be

Re: Problems with removing NAT from a network

2011-01-05 Thread Cameron Byrne
On Wed, Jan 5, 2011 at 6:42 PM, Dobbins, Roland wrote: > > On Jan 6, 2011, at 9:38 AM, ML wrote: > >> At least not without some painful rebuilds of critical systems which have >> these IPs deeply embedded in their configs. > > They shouldn't be using IP addresses in configs, they should be using

Re: Problems with removing NAT from a network

2011-01-05 Thread Matt Hite
You didn't mention, but are you introducing a second border router? Is the new upstream circuit from a new provider, or is it a second, redundant circuit to the same provider in a different POP? Does your customer have their own portable address space, or are they using provider address space? I'l

Re: Problems with removing NAT from a network

2011-01-05 Thread Michael Smith
The devil's in the details (obviously), and someone that reads into the scenario better than me might have a more direct suggestion, but... I'd start by moving the NAT at least one hop into the AS so that routing symmetry can be enforced there. This allows for multi-homing (asymmetric routing at

Re: Problems with removing NAT from a network

2011-01-05 Thread Dobbins, Roland
On Jan 6, 2011, at 9:38 AM, ML wrote: > At least not without some painful rebuilds of critical systems which have > these IPs deeply embedded in their configs. They shouldn't be using IP addresses in configs, they should be using DNS names. Time to bite the bullet and get this fixed prior to