BEHAVE Interim meeting minutes, May 20, 2009, 7am-9:20am PDT.
Minutes v2.0.

attendance was via WebEx screen sharing and PSTN voice

chairs: Dan Wing, dwing@cisco.com, Dave Thaler, dthaler@microsoft.com

WebEx recording streamed:
https://cisco.webex.com/ciscosales/lsr.php?AT=pb&SP=MC&rID=39666022&rKey=1CC1F9B34F22CFE3
WebEx recording download:
https://cisco.webex.com/ciscosales/lsr.php?AT=dw&SP=MC&rID=39666022&rKey=EBB970469D6A24A8

----------
"DNS ALG" terminology:

Marcelo: DNS64, DNS46 are good names, want different names for the two functions.
Philip and Remi agreed.

Resolution: use DNS64 (for AAAA synthesis) and DNS46 (for A synthesis), confirm on list.

----------
"NAT64" term:

Dan: stateful vs stateless - good to differentiate
Thaler: suggests using NAPT64 (instead of NAT64)
Cullen/phil - NAT in v4 is already overloaded between stateless/stateful, and "NAT" implies "NAPT".

Resolution: take discussion to the list

----------
milestones:

Dan presented milestones for the 6/4 translation work, most of which are September 2009.
Overall feeling that milestones are aggressive and cannot be met.
Several people mentioned fragmentation, ICMP handling are not getting consensus or followup.
Prefix discussion is happening off the mailing list.
Discussed how to best move forward: use problem tracker, set up calls amongst interested parties to move issues forward.
Marcelo and Iljitsch are going to propose text for prefix; if no consensus on the list, Dave Thaler will set up a conference call to resolve among the principals.

----------
document organization:

marcelo - stateless address mapping block missing from slide
cullen - smaller chunks progress faster
Dan edited the document organization slide to add "Prefix Swapping", based on comments from Marcelo Bagnulo and Dave Thaler
Xing Li is going to provide chairs with a pointer to Prefix Swapping that is in a current document.
----------
6/4 translation in a host (Dave Thaler):

DaveT document 6-4 translation: at least 4 different cases; talking translation between IPvX application and other end
DaveT: slide 3, four scenarios, network / application
Iljitsch: can't IPv6 application by definition talk IPv4
DaveT: 3493 is widely deployed; 2767, 3338, don't know how much deployment
DaveT: slide 5, AF_INET6 sockets, pass in IPv6 syntax, stateless translation layer (DNS etc), transport layer, IPv4; uses WKP ::ffff:0.0/96; name resolution synthesizes only if no AAAA
DaveT: works both inbound and outbound.
Philip: thought you said application was designed to be version-agnostic; you show IPv4 stack, are you talking to IPv4 server?
DaveT: if it gets back only IPv4, it tries to connect to generated IPv6, SYN goes out IPv4
Philip: all this is there today?
DaveT: this is the model people usually write for, not recommended to have application deal with two stacks; this is deployed in Vista, not XP
DaveT: slide 6, legacy IPv4 application, stateful translation, same as NAT-PT, tighter coupling, use 1918 prefix, host tells DNS to ask for v4 and v6, DNS synthesizes if only v6 address, when SYN goes out, v6 address is substituted
FredT: what matters is external behavior?
DaveT: this is informational, external behavior is what matters
DaveT: slide 7, using "well-known" prefix 0.0.0/24, same properties
DaveT: slide 8, conclusions, v4v6 common in hosts already, application not aware whether translation is in host or network, therefore any documents on any other generic issues should encompass both translations
Philip: what about implementations of [2767,3338]
DaveT: know it's not in Windows, don't know other; things I covered are in translation, not proxy: example: listening legacy v4 application, proxy on host listens for incoming IPv6, connects to IPv4 loopback, implemented in both Windows and Unix, reference is RFC 3142

----------
translation (Xing Li):

fragmentation:
  SIIT says
    FragHdr -> DF=0
    no FragHdr -> DF=1
  iljitsch proposes
    <=1280 -> DF=0
    >1280 -> DF=1
  v4 to v6 direction: if DF=1, if networks block icmp then sending unreach (I didn't follow all of this)
  iljitsch: to publish a comparison draft
  phil: chairs should call a teleconf among people interested
  dan: would be ok with email or draft, whatever iljitsch would like to do

checksum neutral issue:
  thaler - prefix swapping and mapping table docs should probably mention this issue too, though may be able to just cross-reference common place in translation doc?

translator sending icmp:
  text discussed on mailing list and same as nat44 recommendations
  phil: another open issue about translating icmp extensions
  question about what happened with (some other?) document that's inconsistent with phil's email

----------
DNS64 (Marcelo):

Marcelo: have consensus on DNSSEC, move into spec part, all other RR should not change
Marcelo: two workthrough, authoritative vs synthesizing
Marcelo: change NAT64 terminology -- more agnostic
Marcelo: allow synthesized AAAA when real AAAA, but recommend against it
phil: some open issues in doc about edns0 etc
marcelo: not an open issue, EDNS0 should be completely removed
phil: section 4 says "here's some open issues that require further discussion"
marcelo: will fix

----------
FTP ALG (Iljitsch):

Iljitsch: summarized draft-van-beijnum-behave-ftp64-03
Iljitsch: two questions: is this right way forward; should we just document in Info doc, or try to update FTP spec
Suresh: what about sequence number translation for active ftp?
iljitsch: EPRT is active ftp, do specify briefly but not much detail, but enough to do it
senthil: changing size of strings means have to track changes to tcp sequence numbers
iljitsch: proxy TCP not translate it
cullen: ones he's seen are translating not proxying TCP

Iljitsch to write up TCP sequence fixup and send to list

meeting ended