Hello Mark,

I agree that if the 4rd IPv4 address is only used in such a way that applications cannot start using the address directly (such as e.g. perform binding to the address assigned to an interface), then this issue doesn't apply.

However I'm not sure that the current draft makes clear that this is the only intended use. For example, it defines CE as "a node.. it may be a host..", instead of saying that CE is a function implemented in a host. Also, the introduction in section 1 also does not include NAPT as a required element of the solution (it says "The 4rd mechanism tunnels IPv4 over IPv6 using an algorithmic mapping..").

Some existing implementations may be assigning the address used for NAPT to an interface (and as long as the address is for the host's exclusive use, an implementation is able to ensure such usage doesn't cause problems) - that's what Windows ICS you mentioned actually does.

With the current language, I don't think it is unlikely that implementers will be tempted to assign a 4rd IPv4 address to an interface (e.g. with intent to enable a wider set of apps to work without a NAPT in the middle), and if the spirit of the draft is that the IPv4 address assigned to the node by 4rd should only be used for CE function, performing NAPT, (or more specifically, should not be made available for applications to bind) then I think it may be useful to state it as such to guide implementers.

Thank you,
Dmitry

-----Original Message-----
From: Mark Townsley [mailto:[email protected]]
Sent: Tuesday, April 12, 2011 1:04 PM
To: Dmitry Anipko
Cc: [email protected]
Subject: Re: [Softwires] sharing restricted addresses by hosts in 4rd (draft-despres-intarea-4rd-01)

Hello Dmitry,

My view is that 4rd is most easily understood if and only if it connects to a CE function that is performing NAPT. The CE function may be in what is traditionally considered a host, or in what is clearly a router.

More specifically, a device that is forwarding packets from one interface (virtual or otherwise) to another through a NAPT that has one interface with IPv6 configured (via DHCPv6 or otherwise) as performing 4rd (which enables dual-stack via a port-restricted IPv4 address for the NAPT using IPv6 as the transport) then you have a 4rd CE. That could be a "host" in that it is a Windows PC with internet connection sharing for IPv4 turned on and hence forwards packets between interfaces with a NAPT due to the IPv4-enabled interface created when 4rd is configured.

I would avoid anything that requires the host forwarding table to be altered to accommodate 4rd. Instead, the NAPT function that is already present in a small router or host configured to look like a router is modified to use a set of ports that it is allowed to use when 4rd is enabled.

- Mark
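
The distinction discussed in this thread, as an added illustration that is not part of either message or of the draft: a NAPT confined to its assigned port set always sources traffic from that set, while an application binding directly to the shared address may pick a port outside it. The class name, the address 192.0.2.1 and the four-port set are constructed assumptions; the draft's algorithmic mapping is not reproduced here.

```python
import ipaddress

class PortRestrictedNapt:
    """Toy NAPT that sources traffic only from its assigned port set."""

    def __init__(self, shared_ipv4, allowed_ports):
        self.shared_ipv4 = str(ipaddress.IPv4Address(shared_ipv4))
        self.allowed = frozenset(allowed_ports)
        # Independent pools per protocol; pop() hands out the lowest port first.
        self.free = {p: sorted(self.allowed, reverse=True) for p in ("tcp", "udp")}
        self.out = {}    # (proto, inner_ip, inner_port) -> external port
        self.back = {}   # (proto, external port) -> (inner_ip, inner_port)

    def translate_out(self, proto, inner_ip, inner_port):
        """Map an inner flow to (shared address, port from the assigned set)."""
        key = (proto, inner_ip, inner_port)
        if key not in self.out:
            if not self.free[proto]:
                raise RuntimeError("assigned port set exhausted for " + proto)
            ext = self.free[proto].pop()
            self.out[key] = ext
            self.back[(proto, ext)] = (inner_ip, inner_port)
        return self.shared_ipv4, self.out[key]

    def translate_in(self, proto, ext_port):
        """Return the inner endpoint, or None when no mapping exists."""
        return self.back.get((proto, ext_port))

    def direct_bind_ok(self, port):
        """Would an application binding this port on the shared address stay in the set?"""
        return port in self.allowed


def demo():
    # Constructed values: documentation address and an arbitrary 4-port set.
    napt = PortRestrictedNapt("192.0.2.1", range(4096, 4100))
    first = napt.translate_out("tcp", "192.168.1.10", 51000)
    second = napt.translate_out("tcp", "192.168.1.11", 51000)
    return napt, first, second


if __name__ == "__main__":
    napt, first, second = demo()
    print(first, second, napt.direct_bind_ok(80))
```

A server application that binds port 80 on the shared address fails `direct_bind_ok`, which is the case a node exposing the address for application binding would have to police itself.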
