[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)

To: "'james woodyatt'" <jhw@apple.com>, "'Mark Smith'" <ipng@69706e6720323030352d30312d31340a.nosense.org>
Subject: RE: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
From: "Dan Wing" <dwing@cisco.com>
Date: Wed, 27 Aug 2008 17:12:00 -0700
Cc: "'IPv6 Operations'" <v6ops@ops.ietf.org>
In-reply-to: <CD947C45-58F7-47F1-807F-A276490B1E39@apple.com>
References: <20080824204553.08131c65.ipng@69706e6720323030352d30312d31340a.nosense.org> <48B1CCE8.1070305@gmail.com> <01af01c9065b$b4602440$c2f0200a@cisco.com> <48B23391.1090503@gmail.com> <01cd01c90672$a57c8790$c2f0200a@cisco.com> <48B31DA3.6080001@gmail.com> <07d201c906f7$50a85e30$c2f0200a@cisco.com> <48B32B43.5010103@gmail.com> <084c01c906fe$f9bf1840$c2f0200a@cisco.com> <48B33430.40704@gmail.com> <A31EB889-2BD9-4283-A408-AB6DCC1D568A@suspicious.org> <08be01c90712$d876cd40$c2f0200a@cisco.com> <20080827194713.23271bd1.ipng@69706e6720323030352d30312d31340a.nosense.org> <CD947C45-58F7-47F1-807F-A276490B1E39@apple.com>

> On Aug 27, 2008, at 03:17, Mark Smith wrote:
> > * Native IPv6 CPE security, plus IPv4 security/functionality
> > requirements to support IPv6 transition via IPv4 tunnelling
> 
> It was my understanding that this is the proper scope, not the  
> alternatives you mentioned.

If the scope includes IPv6-over-IPv4 tunnels, then there are two 
network topologies:

  1.  CPE gets a single IPv4 address and is an IPv4 NAPT, or
  2.  the residential user gets one IPv4 address for each 
      device in their home that wants to do a IPv6-over-IPv4 
      tunnel.

If (1), I don't see how unsolicited incoming packets can be
directed to the correct host behind the IPv4 NAPT.

If (2), we are outside the realm of simple residential networks -- they only
have one IPv4 address.  We can't plan for more to become common as we approach
IPv4 exhaustion.

Is there another network topology that I am missing?

-d

Follow-Ups:
- Re: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
  - From: james woodyatt <jhw@apple.com>

References:
- Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: "Dan Wing" <dwing@cisco.com>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: "Dan Wing" <dwing@cisco.com>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: "Dan Wing" <dwing@cisco.com>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: "Dan Wing" <dwing@cisco.com>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: Truman Boyes <truman@suspicious.org>
- RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
  - From: "Dan Wing" <dwing@cisco.com>
- But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
  - From: Mark Smith <ipng@69706e6720323030352d30312d31340a.nosense.org>
- Re: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
  - From: james woodyatt <jhw@apple.com>

Prev by Date: RE: Purpose of ALD (was Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
Next by Date: Re: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
Previous by thread: Re: tunnel protocols (draft-ietf-v6ops-cpe-simple-security-03)
Next by thread: Re: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)
Index(es):
- Date
- Thread