Ready to compromise? was RE: V6 still not supported

Dear all

Following advice from thus list, I updated the YADA I-Draft (latest is Yet Another Double Address and Translation Technique, more to come soon if feedback is heard) and proposed it to the v6ops WG at the IETF.

For memory, the main goal here is to find a compromise as opposed to yet another transition solution, though it can be used as a side effect to move along the ladder. The compromise does not change IPv4 or IPv6, tries not to take side for one or the other, and add features to both sides which, if implemented, reduce the chasm that leads to dual stack and CG-NATs.

There's value for the movers, lots more public address space for the IPv4-only stack/networks and free prefixes per node and new deployment opportunities for the IPv6-only ones.

One major update from the original text accounts for Dave's comment in this list on BCP 38 enforcement, I believe it's solved now. I also added format layouts to Abe Chen's question, and text on the naïve version vs. all the elasticity that exists there and in IP in general to allow real world deployments.

Comments welcome, here and/or at v6ops for those who participate there.

Many thanks in advance;

Pascal

Dear Pascal:

1) I had a quick look at the below updated draft. I presume Figure 2 is intended to address my request. Since each IPv4 address has 4 bytes, what are the 12 bytes allocated for IPv4 header fields (outer) and (inner), each? Aren't they the standard first 12 bytes of packet identifier in an IPv4 header? If so, why not show it straightforward as defined by RFC791?

2) If my above assumption is correct, you are essentially prefixing the packet identifying portion (inner) of an IPv4 header with another one (the "outer"), without making use of the existing Options words like my EzIP proposal. How could any existing routers handle a packet with this new header format, without any design related upgrade? If you do expect upgrade, it would appear to me as too much to ask. Am I missing something?

Regards,

Abe (2022-04-14 18:46)

Dear Abe:

Yes, this is plain IP in IP. For a router does not know about YADA, this looks like the most basic form of tunnel you can get. Which is where the inner/outer terminology comes from. All very classical. We could do an over-UDP variation if people want it.

I used a condensed format to focus the reader on the addresses that get swapped; also the visualization clarifies that there cannot be options between the outer header and the inner headers.

The only routers that need to understand the fact that this is more than a plain tunnel are the routers that connect the realm to the shaft, because they have to check that the realm address is correct and do the address swap between inner and outer.

The first version of the draft impacted routers for BCP 38 procedures, this is now changed. The routers inside a realm can keep operating unmodified, and there's no need to deploy new policies for ingress filtering.

Keep safe;

Pascal

Dear Pascal:

0) Thanks for your clarification. It enabled me to study your draft a little closer and came up with the following observations to share.

1) "Yes, this is plain IP in IP. For a router does not know about YADA, this looks like the most basic form of tunnel you can get.":

 Not really\. I believe that any networking stack conforming to the Options mechanism in RC791 can achieve the same, thus more concise and less involved\. Please see Figure 4 of EzIP Draft\.

2) " 1. <Yet Another Double Address and Translation Technique>Introduction and Motivation <Yet Another Double Address and Translation Technique> The proposed benefit is a thousandfold increase of the IPv4-addressable domain by building parallel realms each potentially the size of the current Internet.

"2.2. <Yet Another Double Address and Translation Technique>New Terms <Yet Another Double Address and Translation Technique>

         This document often uses the following new terms:

  # IPv4 realm:

  # A full IPv4 network like the current Internet. YADA does not affect
    the traditional IPv4 operations within a realm.":

These are the critical statements that led to one of my two initial questions. That is, are you proposing to have N (>250 as an example cited in your draft) realms that each has the full IPv4 address pool capacity (after deducted for certain special functions)? This will be fine if each realm was occupying one floor of a stand-alone skyscraper. I can not visualize this architecture when it is expanded to cover the whole earth, since each of them can operate with all the IPv4 addresses. Not only physically impossible to build such a skyscraper, but also how can we form 250 independent overlays on top of the entire IPv4 based Internet? Is there any mechanism that can isolate the respective transmission media of the 250 realms from one another?

3) " 1. <Yet Another Double Address and Translation Technique>Introduction and Motivation <Yet Another Double Address and Translation Technique> .... Connectivity between an IPv4-only node and an IPv6-only node, or between an IPv4-only node and a YADA node in different realm, still requires a CG-NATs as of today, .... ":

Since eliminating the CG-NAT practice is one of the general motivations for address expansion efforts, I am puzzled by why are you still keeping it, and for how long? In contrast, upon the initial RAN (Regional Area Network) deployment, the CG-NAT will be retired from EzIP environment.

4) "Figure 2 <Yet Another Double Address and Translation Technique>: YADA format in the source realm <Yet Another Double Address and Translation Technique> YADA also requires a change for the routers that serve the shaft.":

 Are you saying that an IoT in a realm wishing to communicate with another in a separate realm does not need to know about this format nor something equivalent to convey such inter\-realm address information?

5) "Figure 4 <Yet Another Double Address and Translation Technique>: YADA format inside the shaft <Yet Another Double Address and Translation Technique> ":

This particular format closely resembles that of EzIP (see EzIP Draft Figure 4 mentioned above), where "outer IPv4 header" part of five words carrying the two realms' address information are conveyed by words 4 & 5 of a standard IPv4 header, while the IoT (inner) addresses are transported by three Options words. The EzIP format enables the EzIP implementation to stay within the RFC791 specifications, no need to go beyond.

6) Below is my quick digest and comparison of our two projects by partially paraphrasing YADA terminology:

A. Since there is no way to build a 250 floor skyscraper covering the entire globe for physical isolation between floors (realms), it is difficult to visualize how could the same IP address be used by 250 separate parties as proposed by YADA without the fundamental address conflict issue. How to provide a medium that has 250 fully isolated layers, each capable of transporting the full set of IPv4 addresses, seems to be the challenge.

B. The function of YADA format probably can be achieved by making use of the Options mechanism under RFC791, so that IP header can stay basic.

C. The EzIP scheme is less capable than YADA, but much more concise and well-defined:

a. Instead of multiple realms, each capable of full IPv4 addresses, EzIP works within only one set of IPv4 address pool.

b. EzIP starts from only realm 1 which occupies a subset of IPv4 addresses (the full IPv4 pool minus 240/4 netblock).

c. Realm 2 thru realm N are called RAN (Regional Area Network), each reusing a full IPv4 subset of the 240/4 netblock. They are physically isolated from one another by restricted use within respective geographical boundaries.

d. Instead of a big elevator shaft threading trough all N floors of the realms, Each RAN is individually tethered as a kite from realm 1 (the current Internet core) via just one (or more if needed) IPv4 address.

e. After enough RANs are deployed, their boundaries begin to touch one another. So that, direct paths between the RANS may be established. Thus, an overlay of new networks is formed covering the entire globe for becoming a parallel cyberspace to the current Internet core (realm 1). The two can operate independently and interact only at arm's length via the umbilical cords, when needed.

D. Unlike YADA & YATT, EzIP has not specifically considered its application to IPv6. Although, the feasibility of expanding a finite sized address pool such as IPv4, demonstrates that EzIP is equally capable of expanding the IPv6 that still has a lot of unassigned addresses.

Please comment.

Regards,

Abe (2022-04-21 17:37 EDT)

Dear Pascal:

Have not heard your follow-up thoughts and comments.

It would be much appreciated if we can carry this dialog forward.

Regards,

Abe (2022-05-05 11:23 EDT)