<div><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Aug 9, 2019 at 5:17 AM Lee Howard <<a href="mailto:lee.howard@retevia.net">lee.howard@retevia.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p><br>
</p>
<div class="m_-4135408085027876827moz-cite-prefix">On 8/2/19 1:10 PM, JORDI PALET MARTINEZ
via NANOG wrote:<br>
</div>
<blockquote type="cite">
<div class="m_-4135408085027876827WordSection1">
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US">The cost of sharing IPs in a static way, is
that services such as Sony Playstation Network will put
those addresses in the black list, so you need to buy more
addresses. This hasn’t been the case for 464XLAT/NAT64,
which shares the addresses dynamically.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US">Furthermore, if some users need less ports than
others, you “infra-utilize” those addresses, which again is
not the case for 464XLAT/NAT64. Each user gets automatically
as many ports as he needs at every moment.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US">So, you save money in terms of addresses, that
you can invest in a couple of servers running a redundant
NAT64 setup (</span><a href="https://www.jool.mx/en/session-synchronization.html" target="_blank"><span lang="EN-US">https://www.jool.mx/en/session-synchronization.html</span></a><span lang="EN-US">). Those servers can be actually VMs, so you
don’t need dedicated hardware, especially because when you
deploy IPv6 with 464XLAT, typically 75% (and going up) of
you traffic will be IPv6 and only 25% will go thru the
NAT64.</span></p>
</div>
</blockquote>
<p>You work on much smaller networks than I do if a "couple of
servers running Jool" can handle your load. Jool is great, and
the team that built it is great, but a couple of 10Gbps NICs on a
pizza box doesn't go very far. I've tried 100Gbps and can't get
the throughput with any normal CPU. Hoping to get back to it and
run some actual measurements.</p></div><div text="#000000" bgcolor="#FFFFFF"><p><br>
</p>
<p>Lee<br>
</p>
<blockquote type="cite">
<div class="m_-4135408085027876827WordSection1">
<p class="MsoNormal"><span lang="EN-US"><u></u><u></u></span></p>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;color:black" lang="EN-US"><u></u></span></p></div></div></blockquote></div></blockquote><div dir="auto"><br></div><div dir="auto">NAT64 / 464xlat / MAP all lend themselves well to regionalization / edge distribution. That’s how i roll 464xlat. Either with anycast of the well know prefix or dns64 or “dns view” base segmentation. </div><div dir="auto"><br></div><div dir="auto">Asking for a single box to do a 100g of nat state may be the wrong question. </div><div dir="auto"><br></div><div dir="auto">Worth noting, Yandex, a big shop, sponsored adding 464xlat CLAT to FreeBSD </div><div dir="auto"><br></div><div dir="auto"><div><a href="https://www.freebsd.org/releases/11.3R/relnotes.html#network-general">https://www.freebsd.org/releases/11.3R/relnotes.html#network-general</a></div><br></div><div dir="auto"><br></div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF"><blockquote type="cite"><div class="m_-4135408085027876827WordSection1"><div><p class="MsoNormal"><span style="font-size:12.0pt;color:black" lang="EN-US"> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;color:black" lang="EN-US">Regards,<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Jordi<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;color:black" lang="EN-US">@jordipalet<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;color:black" lang="EN-US"><u></u> <u></u></span></p>
</div>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt" lang="EN-US"><u></u> <u></u></span></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt">El 2/8/19
18:24, "NANOG en nombre de Baldur Norddahl" <<a href="mailto:nanog-bounces@nanog.org" target="_blank">nanog-bounces@nanog.org</a> en
nombre de <a href="mailto:baldur.norddahl@gmail.com" target="_blank">baldur.norddahl@gmail.com</a>>
escribió:<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt">The goal is to
minimize cost. Assuming 4 bits for the MAP routing (16 users
sharing one IPv4), leaving 12 bits for customer ports (4096
ports) and a current price of USD 20 per IPv4 address, this
gives a cost of USD 1.25 per user for a fully redundant
solution. For us it is even cheaper as we can recirculate
existing address space.<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt">Regards,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt">Baldur<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt">On Fri, Aug
2, 2019 at 5:32 PM JORDI PALET MARTINEZ <<a href="mailto:jordi.palet@consulintel.es" target="_blank">jordi.palet@consulintel.es</a>>
wrote:<u></u><u></u></p>
</div>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US">I understand
that, but the inconvenient is the fix allocation of
ports per client, and not all the clients use the
same number of ports. Every option has good and bad
things.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US">MAP is less
efficient in terms of maximizing the “use” of the
existing IPv4 addresses.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><a href="https://datatracker.ietf.org/doc/draft-lmhp-v6ops-transition-comparison/" target="_blank"><span lang="EN-US">https://datatracker.ietf.org/doc/draft-lmhp-v6ops-transition-comparison/</span></a><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Regards,</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:35.4pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Jordi</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:35.4pt"><span style="font-size:12.0pt;color:black" lang="EN-US">@jordipalet</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:35.4pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
</div>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">El
2/8/19 17:25, "NANOG en nombre de Baldur Norddahl"
<<a href="mailto:nanog-bounces@nanog.org" target="_blank">nanog-bounces@nanog.org</a>
en nombre de <a href="mailto:baldur.norddahl@gmail.com" target="_blank">baldur.norddahl@gmail.com</a>>
escribió:<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">Hi
Jordi<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">My
alternative to MAP-E is plain old NAT 444 dual
stack. I am trying to avoid the expense and
operative nightmare of having to run a redundant
NAT server setup with thousands of users. MAP is
the only alternative that avoids a provider run
NAT server.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">Regards,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">Baldur<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:70.8pt"> <u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt">On
Fri, Aug 2, 2019 at 3:38 PM JORDI PALET MARTINEZ
via NANOG <<a href="mailto:nanog@nanog.org" target="_blank">nanog@nanog.org</a>>
wrote:<u></u><u></u></p>
</div>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt" lang="EN-US">Ask
the vendor to support RFC8585.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Also, you can do it with
OpenWRT.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">I think 464XLAT is a better
option and both of them are supported by
OpenWRT.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">You can also use OpenSource
(Jool) for the NAT64.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Regards,</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">Jordi</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US">@jordipalet</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:70.8pt"><span style="font-size:12.0pt;color:black" lang="EN-US"> </span><u></u><u></u></p>
</div>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:70.8pt"><span style="font-size:12.0pt" lang="EN-US"> </span><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">El
2/8/19 14:20, "NANOG en nombre de Baldur
Norddahl" <<a href="mailto:nanog-bounces@nanog.org" target="_blank">nanog-bounces@nanog.org</a>
en nombre de <a href="mailto:baldur.norddahl@gmail.com" target="_blank">baldur.norddahl@gmail.com</a>>
escribió:<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">Hello<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">Are
there any known public deployments of
MAP-E? What about CPE routers with
support?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">The
pricing on IPv4 is now at USD 20/address
so I am thinking we are forced to go the
CGN route going forward. Of all the
options, MAP-E appears to be the most
elegant. Just add/remove some more headers
on a packet and route it as normal. No
need to invest in anything as our core
routers can already do that. No worries
about scale.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">BUT
- our current CPE has zero support. We are
too small that they will make this feature
just for us, so I need to convince them
there is going to be a demand.
Alternatively I need to find a different
CPE vendor that has MAP-E support, but are
there any?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">What
is holding MAP-E back? In my view MAP-E
could be the end game for IPv4. Customers
get full IPv6 and enough of IPv4 to be
somewhat compatible. The ISP networks are
not forced to do a lot of processing such
as CGN otherwise requires.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">I
read some posts from Japan where users are
reporting a deployment of MAP-E. Anyone
know about that?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">Regards,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt">Baldur<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:106.2pt"> <u></u><u></u></p>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:70.8pt"><br>
**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
<a href="http://www.theipv6company.com" target="_blank">http://www.theipv6company.com</a><br>
The IPv6 Company<br>
<br>
This electronic message contains information
which may be privileged or confidential. The
information is intended to be for the exclusive
use of the individual(s) named above and further
non-explicilty authorized disclosure, copying,
distribution or use of the contents of this
information, even if partially, including
attached files, is strictly prohibited and will
be considered a criminal offense. If you are not
the intended recipient be aware that any
disclosure, copying, distribution or use of the
contents of this information, even if partially,
including attached files, is strictly
prohibited, will be considered a criminal
offense, so you must reply to the original
sender to inform about this communication and
delete it.<u></u><u></u></p>
</div>
</blockquote>
</div>
</div>
<p class="MsoNormal" style="margin-right:0cm;margin-bottom:12.0pt;margin-left:35.4pt"><br>
**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
<a href="http://www.theipv6company.com" target="_blank">http://www.theipv6company.com</a><br>
The IPv6 Company<br>
<br>
This electronic message contains information which may
be privileged or confidential. The information is
intended to be for the exclusive use of the
individual(s) named above and further non-explicilty
authorized disclosure, copying, distribution or use of
the contents of this information, even if partially,
including attached files, is strictly prohibited and
will be considered a criminal offense. If you are not
the intended recipient be aware that any disclosure,
copying, distribution or use of the contents of this
information, even if partially, including attached
files, is strictly prohibited, will be considered a
criminal offense, so you must reply to the original
sender to inform about this communication and delete it.<u></u><u></u></p>
</div>
</blockquote>
</div>
</div>
<br>
**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
<a class="m_-4135408085027876827moz-txt-link-freetext" href="http://www.theipv6company.com" target="_blank">http://www.theipv6company.com</a><br>
The IPv6 Company<br>
<br>
This electronic message contains information which may be
privileged or confidential. The information is intended to be for
the exclusive use of the individual(s) named above and further
non-explicilty authorized disclosure, copying, distribution or use
of the contents of this information, even if partially, including
attached files, is strictly prohibited and will be considered a
criminal offense. If you are not the intended recipient be aware
that any disclosure, copying, distribution or use of the contents
of this information, even if partially, including attached files,
is strictly prohibited, will be considered a criminal offense, so
you must reply to the original sender to inform about this
communication and delete it.<br>
<br>
</blockquote>
</div>
</blockquote></div></div>