Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation

To: marcelo bagnulo braun <marcelo at it.uc3m.es>
Subject: Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
From: Iljitsch van Beijnum <iljitsch at muada.com>
Date: Fri, 30 Oct 2009 20:15:24 +0100
Cc: Stig Venaas <stig at venaas.com>, Behave WG <behave at ietf.org>, Mark Andrews <marka at isc.org>, "Ben at wand.net.nz" <Ben at wand.net.nz>
Delivered-to: behave at core3.amsl.com
In-reply-to: <4AEB343B.2040200 at it.uc3m.es>
List-archive: <http://www.ietf.org/mail-archive/web/behave>
List-help: <mailto:behave-request@ietf.org?subject=help>
List-id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-post: <mailto:behave@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
References: <C7108089.75B1%rpenno at juniper.net> <4AEB343B.2040200 at it.uc3m.es>

On 30 okt 2009, at 19:45, marcelo bagnulo braun wrote:

The draft has section 8. Application scenarios which describethe scenarios that are defined in the framework document that thenat64 apply. Not sure if more is needed.
If you think it does, please propose text so that wg can comment.

A stateful NAT64 can be deployed anywhere wwhere there is a globallyroutable IPv4 address available for use by the translator and there isan IPv6 path towards the hosts that are served by the translator.


Secondary considerations are:

- paths with at least a 1500-byte MTU to both the IPv6 hosts served bythe translator and the IPv4 internet are highly recommended

- the ability to provide the IPv6 hosts served by the translator withDNS resolver addresses that point to the DNS64 (through DHCPv6 or RFC5006)

- the ability to restrict access to the IPv6 side of the translator byfiltering addresses (i.e., if IPv6 source addresses can be spoofed thetranslator may be abused to hide attacks towards third parties)

Deployment within an ISP network or a reasonably sized enterprisenetwork will easily accommodate all of the above. Deployment in a SOHOenvironment or across the public internet is not impossible, but doesrequire compromises and/or extra complexity.

Follow-Ups:
- Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
  - From: Reinaldo Penno

References:
- Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
  - From: Reinaldo Penno
- Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
  - From: marcelo bagnulo braun

Prev by Date: Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
Next by Date: Re: [BEHAVE] Opsdir Review of draft-ietf-behave-turn-uri-03.txt
Previous by thread: Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
Next by thread: Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation
Index(es):
- Date
- Thread

Re: [BEHAVE] How to set the DF and the ID values for IPv4 packets (was Re: Amount of fragmentation resulting from translation

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.