SlideShare a Scribd company logo

Deploy IPv6-mostly access networks with NAT64 and CLAT

RIPE NCC
RIPE NCC

Presentation by Ondřej Caletka at the UK IPv6 Council Enterprise & IPv6 Workshop in London, England on 24 April 2023

Technology
1 of 21
Download to read offline
IPv6-only and dual stack in one network Deploying IPv6-mostly access networks Ondřej Caletka | 24 April 2023 | UK IPv6 Council
Ondřej Caletka | UK IPv6 Council | 24 April 2023 The best transition mechanism • IPv4-only and IPv6-only resources directly accessible • IPv6 preferred for dual-stack resources • Problems with IPv6 masked by Happy Eyeballs algorithm • But it does not address IPv4 scarcity 2 Dual Stack IPv6 IPv4
Ondřej Caletka | UK IPv6 Council | 24 April 2023 NAT64 allows IPv6-only networks • IPv6 accessible natively • IPv4 is translated into part of IPv6 address space • Together with DNS64, everything seems to be accessible over IPv6 • But sometimes you run into… - IPv4 literals - Legacy software opening IPv4-only sockets - Dual-stack servers with broken IPv6 3 IPv6 Internet NAT64 Box IPv4 Internet DNS64 IPv6-only
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Mobiles are ready • Apple forces all iOS apps to work well on IPv6-only networks with NAT64 • There is Happy Eyeballs 2.0 for IPv4 literals or broken IPv6 on dual stack servers • Finally CLAT is used for tethering to a computer • Android uses just CLAT (464XLAT) - so IPv4 is accessible via two translations 4 IPv6 Internet NAT64 Box IPv4 Internet DNS64 IPv6-only CLAT
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Desktops suffer on IPv6-only • No Happy Eyeballs 2.0 implementation outside Apple - and even on Apple, only high-level APIs support it (eg. Safari, not Firefox) - Chrome got recently “Use NAT64 translation for IPv4 literals” feature • No CLAT in Windows, Linux or ChromeOS • Well known small problems: - Legacy applications using IPv4-only sockets - IPv4 literals do not work (except Chrome) - Dual-stack servers where IPv6 is broken do not work - Legacy Happy Eyeballs doesn’t help since there's no IPv4 to fall back to - Most corporate VPNs do not work (often just a configuration issue) 5
Can we do IPv6-only? At least for some devices…
Ondřej Caletka | UK IPv6 Council | 24 April 2023 IPv6-only Preferred option of DHCP 7 DHCP CLIENT DHCP SERVER DISCOVER Parameters requested: GW, DNS, …, 108 OFFER IPv4, netmask, GW, DNS, … REQUEST IPv4, netmask, GW, DNS, … ACK Option 108 is ignored by the DHCP server DHCP client is willing to run IPv6-only (RFC 8925)
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Using DHCP to turn IPv4 off 8 DHCP CLIENT DHCP SERVER DISCOVER Parameters requested: GW, DNS, …, 108 OFFER IPv4, netmask, GW, DNS, …, 108: 30 minutes DHCP client aborts the transaction and waits 30 minutes DHCP server is con fi gured to prefer IPv6-only operation (RFC 8925)
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Is DHCP option 108 already deployed? 9 Devices are ready, networks are lagging behind. You bet! Option 108 is requested by recent: 26% 74% Requesting Option 108 Not requesting Unique MAC addresses measured during RIPE 85 Android iOS macOS
Ondřej Caletka | UK IPv6 Council | 24 April 2023 But what about macOS? • It allows you to run any software including those using legacy IPv4- only APIs • It turned out there is CLAT in macOS too! - On macOS 12, it gets activated by DHCP Option 108 together with RA Option PREF64 - Since macOS 13, it gets activated without any special requirements - At the same time, pure IPv6-only networks (without NAT64) are not supported anymore 10
Ondřej Caletka | UK IPv6 Council | 24 April 2023 PREF64 RA Option • A Router Advertisement option carrying NAT64 prefix • Needed for CLAT configuration, local DNS64 or Happy Eyeballs 2.0 (dealing with IPv4 literals) • Shares fate with other configuration parameters - can be trusted a bit more than DNS64 • Supported by recent Android, iOS and macOS 11 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Scaled Lifetime | PLC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | Highest 96 bits of the Prefix | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Running IPv6-mostly
Ondřej Caletka | UK IPv6 Council | 24 April 2023 DHCP option 108 is easy • Native support in the latest Kea • Most DHCP servers support defining custom options - for instance: dnsmasq -O 108,0:0:1:2c - the option value represents duration for which the IPv4 stack should be disabled • No special processing on the DHCP server side is required • But there have to be free addresses in the IPv4 address pool - Otherwise the DHCP server will not respond 13
Ondřej Caletka | UK IPv6 Council | 24 April 2023 PREF64 RA option is harder • No custom RA option support in routers - We already had this issue with Recursive DNS Server option, now we have it again - Router vendors should really implement custom options similar to DHCP • Adoption is slowly increasing: - radvd (merged but unreleased) - FRR (pull request pending) - odhcpd (pull request pending) - rad (part of OpenBSD) - MikroTik RouterOS v7.8 beta2 14
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Surprises on macOS If there are multiple network prefixes, CLAT picks up a single address from a random one, without considering ULA or deprecated prefixes 15
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Surprises on macOS If user sets up a custom IPv4 DNS server address, DNS will not work, despite commands like host working normally 16
Summary
Ondřej Caletka | UK IPv6 Council | 24 April 2023 Pros • Only one network to join • No waste of IPv4 addresses for every single device - Cool if you don't use NAT • Even for dual-stack clients, the usage of IPv4 is minimal - DNS64 will force all IPv6-capable applications to use NAT64 instead of native IPv4 18 • Most complex network setup • IPv4 still has to be deployed • NAT64 is needed • Problematic interoperability between dual-stack and IPv6- only hosts within the network - Setting up a Chromecast from an Android phone is impossible Cons
Ondřej Caletka | UK IPv6 Council | 24 April 2023 When to consider IPv6-mostly • You don't use NAT and your DHCP pool is filling up • You do use NAT but are running out of private addresses • There are mostly mobile or Apple devices in your network • You already have NAT64 in place and want to gradually undeploy IPv4 19
Ondřej Caletka | UK IPv6 Council | 24 April 2023 RIPE 85 Meeting network experience • Three networks deployed on the venue: - Main: IPv6-mostly - NAT64: IPv6-only - Legacy: dual-stack • 74 % of devices in the main network were running IPv6-only • Biggest issue: custom DNS servers or disabled IPv6 on a Mac • Some Apple users rather connected to the legacy network • Only observed issues with Cisco AnyConnect / OpenConnect VPN • Networked printer (Lexmark CS510de) printed without issues 20
Questions ? Ondrej.Caletka@ripe.net @ripencc

Recommended

Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular NetworksAPNIC
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Enabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyEnabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyCarlos Martinez Cagnazzo
 
Tutorial: IPv6-only transition with demo
Tutorial: IPv6-only transition with demoTutorial: IPv6-only transition with demo
Tutorial: IPv6-only transition with demoAPNIC
 
IPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onIPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onAPNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 

Recommended

Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular NetworksAPNIC
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Enabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyEnabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyCarlos Martinez Cagnazzo
 
Tutorial: IPv6-only transition with demo
Tutorial: IPv6-only transition with demoTutorial: IPv6-only transition with demo
Tutorial: IPv6-only transition with demoAPNIC
 
IPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onIPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onAPNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringChristian Elsen
 
IPv6 on the Interop Network
IPv6 on the Interop NetworkIPv6 on the Interop Network
IPv6 on the Interop NetworkNetwork Utility Force
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppOliver Müller
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
APNIC Update
APNIC Update APNIC Update
APNIC Update APNIC
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 labCYBERINTELLIGENTS
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
 
Roadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the FundamentalsRoadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the FundamentalsNetwork Utility Force
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToGary Wilhelm
 
Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Community
 
Getting The World IPv6 Enabled
Getting The World IPv6 EnabledGetting The World IPv6 Enabled
Getting The World IPv6 EnabledIPv6 Forum Singapore
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
IPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsIPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsCarlos Martinez Cagnazzo
 
Ipv6
Ipv6Ipv6
Ipv6Yan Drugalya
 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistancePROIDEA
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6Olle E Johansson
 
Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack Romana Project
 
Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 

More Related Content

Similar to Deploy IPv6-mostly access networks with NAT64 and CLAT

CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringChristian Elsen
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppOliver Müller
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
APNIC Update
APNIC Update APNIC Update
APNIC Update APNIC
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
 
Roadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the FundamentalsRoadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the FundamentalsNetwork Utility Force
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToGary Wilhelm
 
Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Community
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistancePROIDEA
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6Olle E Johansson
 
Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack Romana Project
 

Similar to Deploy IPv6-mostly access networks with NAT64 and CLAT (20)

CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
 
IPv6 on the Interop Network
IPv6 on the Interop NetworkIPv6 on the Interop Network
IPv6 on the Interop Network
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer App
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 Deployment
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
APNIC Update
APNIC Update APNIC Update
APNIC Update
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
 
Roadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the FundamentalsRoadmap to Next Generation IP Networks: A Review of the Fundamentals
Roadmap to Next Generation IP Networks: A Review of the Fundamentals
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have To
 
Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6
 
Getting The World IPv6 Enabled
Getting The World IPv6 EnabledGetting The World IPv6 Enabled
Getting The World IPv6 Enabled
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
IPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsIPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPs
 
Ipv6
Ipv6Ipv6
Ipv6
 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6
 
Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack Routed Provider Networks on OpenStack
Routed Provider Networks on OpenStack
 

More from RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

More from RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Recently uploaded

Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Deploy IPv6-mostly access networks with NAT64 and CLAT

  • 1. IPv6-only and dual stack in one network Deploying IPv6-mostly access networks Ondřej Caletka | 24 April 2023 | UK IPv6 Council
  • 2. Ondřej Caletka | UK IPv6 Council | 24 April 2023 The best transition mechanism • IPv4-only and IPv6-only resources directly accessible • IPv6 preferred for dual-stack resources • Problems with IPv6 masked by Happy Eyeballs algorithm • But it does not address IPv4 scarcity 2 Dual Stack IPv6 IPv4
  • 3. Ondřej Caletka | UK IPv6 Council | 24 April 2023 NAT64 allows IPv6-only networks • IPv6 accessible natively • IPv4 is translated into part of IPv6 address space • Together with DNS64, everything seems to be accessible over IPv6 • But sometimes you run into… - IPv4 literals - Legacy software opening IPv4-only sockets - Dual-stack servers with broken IPv6 3 IPv6 Internet NAT64 Box IPv4 Internet DNS64 IPv6-only
  • 4. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Mobiles are ready • Apple forces all iOS apps to work well on IPv6-only networks with NAT64 • There is Happy Eyeballs 2.0 for IPv4 literals or broken IPv6 on dual stack servers • Finally CLAT is used for tethering to a computer • Android uses just CLAT (464XLAT) - so IPv4 is accessible via two translations 4 IPv6 Internet NAT64 Box IPv4 Internet DNS64 IPv6-only CLAT
  • 5. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Desktops suffer on IPv6-only • No Happy Eyeballs 2.0 implementation outside Apple - and even on Apple, only high-level APIs support it (eg. Safari, not Firefox) - Chrome got recently “Use NAT64 translation for IPv4 literals” feature • No CLAT in Windows, Linux or ChromeOS • Well known small problems: - Legacy applications using IPv4-only sockets - IPv4 literals do not work (except Chrome) - Dual-stack servers where IPv6 is broken do not work - Legacy Happy Eyeballs doesn’t help since there's no IPv4 to fall back to - Most corporate VPNs do not work (often just a configuration issue) 5
  • 6. Can we do IPv6-only? At least for some devices…
  • 7. Ondřej Caletka | UK IPv6 Council | 24 April 2023 IPv6-only Preferred option of DHCP 7 DHCP CLIENT DHCP SERVER DISCOVER Parameters requested: GW, DNS, …, 108 OFFER IPv4, netmask, GW, DNS, … REQUEST IPv4, netmask, GW, DNS, … ACK Option 108 is ignored by the DHCP server DHCP client is willing to run IPv6-only (RFC 8925)
  • 8. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Using DHCP to turn IPv4 off 8 DHCP CLIENT DHCP SERVER DISCOVER Parameters requested: GW, DNS, …, 108 OFFER IPv4, netmask, GW, DNS, …, 108: 30 minutes DHCP client aborts the transaction and waits 30 minutes DHCP server is con fi gured to prefer IPv6-only operation (RFC 8925)
  • 9. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Is DHCP option 108 already deployed? 9 Devices are ready, networks are lagging behind. You bet! Option 108 is requested by recent: 26% 74% Requesting Option 108 Not requesting Unique MAC addresses measured during RIPE 85 Android iOS macOS
  • 10. Ondřej Caletka | UK IPv6 Council | 24 April 2023 But what about macOS? • It allows you to run any software including those using legacy IPv4- only APIs • It turned out there is CLAT in macOS too! - On macOS 12, it gets activated by DHCP Option 108 together with RA Option PREF64 - Since macOS 13, it gets activated without any special requirements - At the same time, pure IPv6-only networks (without NAT64) are not supported anymore 10
  • 11. Ondřej Caletka | UK IPv6 Council | 24 April 2023 PREF64 RA Option • A Router Advertisement option carrying NAT64 prefix • Needed for CLAT configuration, local DNS64 or Happy Eyeballs 2.0 (dealing with IPv4 literals) • Shares fate with other configuration parameters - can be trusted a bit more than DNS64 • Supported by recent Android, iOS and macOS 11 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Scaled Lifetime | PLC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | Highest 96 bits of the Prefix | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  • 13. Ondřej Caletka | UK IPv6 Council | 24 April 2023 DHCP option 108 is easy • Native support in the latest Kea • Most DHCP servers support defining custom options - for instance: dnsmasq -O 108,0:0:1:2c - the option value represents duration for which the IPv4 stack should be disabled • No special processing on the DHCP server side is required • But there have to be free addresses in the IPv4 address pool - Otherwise the DHCP server will not respond 13
  • 14. Ondřej Caletka | UK IPv6 Council | 24 April 2023 PREF64 RA option is harder • No custom RA option support in routers - We already had this issue with Recursive DNS Server option, now we have it again - Router vendors should really implement custom options similar to DHCP • Adoption is slowly increasing: - radvd (merged but unreleased) - FRR (pull request pending) - odhcpd (pull request pending) - rad (part of OpenBSD) - MikroTik RouterOS v7.8 beta2 14
  • 15. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Surprises on macOS If there are multiple network prefixes, CLAT picks up a single address from a random one, without considering ULA or deprecated prefixes 15
  • 16. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Surprises on macOS If user sets up a custom IPv4 DNS server address, DNS will not work, despite commands like host working normally 16
  • 18. Ondřej Caletka | UK IPv6 Council | 24 April 2023 Pros • Only one network to join • No waste of IPv4 addresses for every single device - Cool if you don't use NAT • Even for dual-stack clients, the usage of IPv4 is minimal - DNS64 will force all IPv6-capable applications to use NAT64 instead of native IPv4 18 • Most complex network setup • IPv4 still has to be deployed • NAT64 is needed • Problematic interoperability between dual-stack and IPv6- only hosts within the network - Setting up a Chromecast from an Android phone is impossible Cons
  • 19. Ondřej Caletka | UK IPv6 Council | 24 April 2023 When to consider IPv6-mostly • You don't use NAT and your DHCP pool is filling up • You do use NAT but are running out of private addresses • There are mostly mobile or Apple devices in your network • You already have NAT64 in place and want to gradually undeploy IPv4 19
  • 20. Ondřej Caletka | UK IPv6 Council | 24 April 2023 RIPE 85 Meeting network experience • Three networks deployed on the venue: - Main: IPv6-mostly - NAT64: IPv6-only - Legacy: dual-stack • 74 % of devices in the main network were running IPv6-only • Biggest issue: custom DNS servers or disabled IPv6 on a Mac • Some Apple users rather connected to the legacy network • Only observed issues with Cisco AnyConnect / OpenConnect VPN • Networked printer (Lexmark CS510de) printed without issues 20