►
From YouTube: IETF105-V6OPS-20190722-1550
Description
V6OPS meeting session at IETF105
2019/07/22 1550
https://datatracker.ietf.org/meeting/105/proceedings/
B
A
A
Okay,
ideal
example
bitter
turning
off
IP
before
deploying
Isaac
only
to
get
their
experience.
You
know
where's
the
rug,
where
does
the
shoot
not
set
and
when
we
can't
get
that
we've
been
asking
people
to
simply
talk
about
their
ipv6
20
where's,
the
rug
where's,
the
shooter
on
set
so
Andrews
going
to
talk
about
liquid
telecom.
This
point.
A
A
Seeing
no
my
hands
okay,
so
Eric
will
be
generous
right.
So
we've
got
two
internet
drafts
that
we've
been
working
on
in
this
working
group
and
we'll
see
where
that
goes
and
then
Arabic
cabs.
Any
draft
that
is
about
to
go
into
working
group
last
call
and
off
set,
and
they
asked
basically
to
get
feedback
commentary
from
v6
pops
in
that
context,
so
so
give
him
an
opportunity
to
talk.
If
we
have
time.
A
I
have
three
other
drafts
where
people
have
come
to
humbugs
chairs
under
on
tonight,
and
they
asked
for
time
and
I
haven't
seen
mailing
list
discussion
about
them
in
one
case
in
two
years,
and
so,
if
we
have
time
spent,
then
we'll
give
them
or
if
they
don't
have
time.
I'm
sorry,
you
know
that's
the
way
it's
gonna
be,
but
we
have
the
slides
and
we
can
give
them
before.
We
turn
that
would
be
kind
of
the
nature
of
whitening
clock.
It'll
be
a
ten
minute,
as
opposed
to
get
an
hour
just.
A
D
Yeah
I
think
you
can
hear
me
here
so.
Firstly,
thanks
very
much
for
having
me
actually
my
first
IETF
and
it's
it's
quite
an
honor
to
be
here
but
yeah
thanks
for
having
us,
I'm
gonna
talk
a
little
bit
about
our
v6
deployment
today
and
the
challenges
that
we're
facing
and
some
of
our
solutions
to
them.
I
think
that
a
lot
of
what
I've
seen
in
the
lists
etc
is
focusing
on
getting
v6
to
the
end-user
and
we've
found
that
the
challenges
to
doing
that
are
actually
more
related
to
our
backbone
and
I'll
cover
that.
D
But
it's
a
it's
a
bit
of
a
different
perspective
from
what
I've
seen
on
the
lists
and
yeah,
let's
jump
into
it.
So
who
is
liquid
and
just
to
give
you
a
bit
of
an
idea
of
the
scale
of
a
network?
We
run
Africa's
largest
fiber
network
70,000
kilometers
covering
16
countries,
probably
about
12,000
MPLS
nodes
on
the
network.
It's
a
large
network
and
we
try
and
stay
at
the
bleeding
edge
because
it
gives
us
a
competitive
advantage,
particularly
with
the
fact
that
we're
not
dealing
with
a
lot
of
legacy
text.
D
D
We
started
our
v6
Road
many
years
back
with
one
customer
in
Zambia,
and
we
deployed
it
across
the
backbone
for
that
one
customer,
because
liquid
has
never
bought
a
transit
in
Africa,
so
we
needed
to
take
it
all
the
way
through
the
backbone
in
order
to
get
it
there.
Anyway,
we
switched
our
backbone
to
single
topology
mode.
Six
years
ago,
the
motivation
go
was
simple.
D
D
We
also
find
that
net
is
actively
sold
in
Africa
as
a
security
mechanism
and
to
the
point
where
customers
go
but
you're
taking
away
my
net.
You
can
daddy
secure
my
network
and
it's
not
true,
but
we
are
fighting
a
disinformation
campaign
on
a
constant
basis
on
this,
and
it
does
not
make
things
easy
until
recently.
D
There's
almost
no
movement
on
the
mobile
providers,
we
are
now
seeing
it
with
Safaricom
in
Kenya
the
the
predominant
mobile
provider
who
started
to
do
some
v6,
the
mobile
network
in
the
su2
and
if
I
get
time,
I'll
tell
a
funny
story
about
how
that
one
actually
came
to
happen.
It
was
quite
a
bizarre
story,
we're
also
seeing
some
movement
in
Gabon,
which
is
Vivendi,
but
again
it's
an
international
operator.
D
It's
not
an
african-led
deployment,
what's
happening
in
Gabon,
and
that
is
kind
of
worrying
me,
because
I'm
not
seeing
much
movement
from
the
African
operators
themselves.
We've
also
had
some
major
vendor
challenges,
particularly
in
the
cpe
side.
If
you
control
all
your
CPEs,
this
is
easy.
You've
got
one
standard
CPE
when
people
are
bringing
their
own
CP
ease,
you've
got
a
problem
and
when
it
comes
to
Jeep
on
the
ont
support
that
we've
seen
out
there
for
v6
is
her
illness.
It
is.
D
It
is
really
really
bad,
but
to
talk
about
our
challenges
in
Africa,
we
have
a
challenge
whereby
we
have
to
be
able
to
steer
our
traffic
at
a
moment's
notice.
Governments
in
Africa
have
a
habit
of
doing
very
strange
things
and
deciding
well.
You
can't
have
Facebook
your
kind
of
whatsapp,
and
that
means
that
you
get
to
the
inland
countries.
I
need
to
be
able
to
click
something
and
say
divert
this
traffic
from
this
source
to
this
destination
around
this
country,
I
cannot
spend
hours,
building
manual,
te
tunnels,
etc.
D
This
is
a
problem
and
the
lack
of
feature
parity
with
MPLS
and
some
of
the
stuff
we're
seeing
in
v4
is
actually
creating
some
fairly
significant
challenges
in
our
deployment
of
v6
in
those
countries,
because
I
cannot
guarantee
the
same
quality
of
service
because
I
don't
have
the
same
level
of
control
that
I
get
on
v4
because
of
MPLS
feature
parity.
We
see
some
very
inconsistent
vendor
implementations,
and
this
is
interesting,
there's
one
particular
vendor
who,
when
you
order
your
hardware,
if
you
say
I
want
v6
with
it,
it
costs
you
nothing.
D
If
you
forget
to
say
that,
and
you
asked
him
24
hours
later
after
you've,
given
them
the
check,
you
will
get
an
invoice
that
says
it
almost
the
cost
of
the
router.
You
do
not
forget
to
ask
if
you've
got
legacy
equipment
from
that
vendor.
You
have
a
problem
deploying
v6,
because
it's
going
to
cost
you
a
lot
of
money.
D
D
When
we
wanna
go
v6
I
mean
which
one
there's,
how
many
v6
translation
mechanisms
are
they
and
there
are
a
lot
of
them
right
now,
map
a
map,
TBS
light
464xlat
that
data
and
the
problem
with
us
is
the
fact
that,
when
you
put
a
multitude
of
CPE
Z
in
play
here,
who
supports
what
actually
becomes
a
little
bit
challenging
I'll
talk
a
little
bit
about
that.
But
it's.
Let's
talk.
First
about
the
MPLS
challenges.
D
We
need
to
be
able
to
steer
an
engineer
traffic
and
in
the
African
environment
when
you're
working
across
17
countries,
where
you
don't
know
what's
gonna
happen
tomorrow,
where
you've
got
a
constantly
shifting
environment,
where
potentially
you
can't
buy
a
high-capacity
circuit.
So
you
have
to
start
balancing
traffic
because,
for
whatever
reason,
the
provider,
where
you
can't
build
long
haul,
say
you've
got
to
use
STM
sixteens.
In
some
cases,
you've
got
to
have
that
ability
to
engineer
traffic.
D
All
of
the
engineering
tends
to
be
fairly
heavily
MPLS
based,
and
we
found
that
that
lack
of
feature
parity
has
really
really
caused
us.
Quite
a
bit
of
problems
do
I
like
the
fact
that
we
have
to
do
that.
No,
but
it's
a
practical
reality
of
working
in
the
environment
in
which
we
operate.
We
need
those
features
now
we're
using
a
lot
of
SR.
Mpls
we've
been
doing
that
for
about
a
year
and
a
half,
and
it's
worked
very
very
well
for
us
in
many
many
cases.
D
Unfortunately,
when
you
get
to
certain
countries
where
you
are
running
the
vendors
that
you
have
to
use
they're
because
of
the
political
reasons
you
find
that
they've
decided
randomly
that
they're
not
going
to
support
ipv6
with
this
or
MPLS
at
all,
it's
just
not
there
and
they
won't
even
discuss
it
with
you.
They
just
go
well,
you'll
use
s
or
v6,
but
then
the
other
vendors
that
you're
using
elsewhere
don't
support
s
or
v6.
Yet,
and
of
course,
you
you
end
up
with
a
problem.
D
We
have
a
rather
interesting
solution
to
this
problem,
though
that
I
will
talk
about
later,
that
we've
been
testing
in
order
to
do
the
end-to-end
traffic
control
and
steering,
as
I
said,
there
are
islands
of
this
hardware
that
doesn't
support
us
or
MPLS
and
there's
a
bit
of
a
solution.
There
are
also
some
fairly
major
challenges
with
regards
to
BGP
labelled
unicast
and
keep
in
mind
that
we
consider
LD
p6
a
stillborn
child.
It
LD
p6
just
never
really
happened.
D
That
means,
if
we're
doing
MPLS
with
v6,
it
is
SR
and
SR
and
BGP
labeled
unit
cost
in
the
absence
of
LDP
done,
always
play
so
nicely.
Together,
you
get
random
label
insertions
and
other
funny
things
across
all
of
the
vendors.
So
you
have
some
issues
over
there.
We've
largely
managed
to
work
around
them.
Primarily.
What
we
see
is
the
fact
that
it
introduces
an
extra
label
onto
the
stack
with
a
random
label
that
it
generates
and
in
lo
label
devices
we've
only
got
three
labels
to
work
with.
D
This
will
cause
us
problems,
so
we've
had
to
work
around
that
on
the
vendor
implementation
side.
Our
traffic
control
in
our
steering
is
heavily
heavily
BGP
link-state.
We
use
a
lot
of
link
state
without
controllers
and
the
implementations
from
the
vendors
around
BGP
link
state.
It's
all
there
in
the
RF
sees
that
the
TVs.
Are
there
everything?
Unfortunately,
the
v6
he'll
he's
in
most
food
in
a
lot
of
the
vendors
are
just
well
missing.
I
just
don't
show
up,
and
so
that's
a
problem,
but
we're
working
with
the
vendors
on
that
and
saying
please.
D
You
know
we
need
a
consistent
implementation
here,
but
it
does
create
problems
with
our
entire
traffic
steering
chain.
The
support
for
v6
on
low-end
CPEs
is
as
inconsistent
as
it
comes.
I
mean
it
is.
It
is
a
mess
out
there.
You,
you
name,
the
CPE
and
I
mean
I.
Think
I've
got
a
cupboard
at
home
of
about
50
different
CPEs,
which
we
went
through
testing
one
by
one
by
one
by
one
and
every
report
is
inconsistent,
it
was,
it
was
quite
bad
and
so
that's
created
some
some
issues.
The
other
thing
is
dpi.
D
The
DPI
supports
the
traffic
through
v6
is
getting
better,
but
it
has
been
extremely
patchy
and
classification
of
traffic
again
I,
don't
like
dpi.
We
prefer
not
to
run
dpi.
Unfortunately,
in
certain
segments
of
the
network
it
is
a
necessity
and
so
problems
with
dpi
on
v6
traffic
have
caused
us
some
issues
on
our
translation
mechanisms.
At
the
moment,
it's
looking
like
we
are
veering
towards
the
s
wife,
because
it's
supported
by
all
our
cheap
on
our
n
T's.
D
It's
the
one
thing
that
is
and
I
know
that
there
are
a
lot
of
people
who
are
going,
but
why
not
map
you?
Why
not
map
T?
Why
not
this
one
at
that?
You
know
in
our
testing
with
what
we've
got
on
the
network.
This
is
just
a
practical.
You
know
it's
a
practical
decision.
This
is
what
we
see
is
the
most
supported
in
the
technology
that
we
have
on
the
network.
D
No,
no
religious
preference,
I
don't
do
religion,
I,
do
what
works
and
consulting
my
customers.
You
know
what
I
mean,
but
at
the
moment
we've
also
still
got
v4
space,
so
our
preference
is
still
just
to
do
all
stack.
It
week
until
we
run
out
of
v4
space,
we're
in
the
lucky
position,
where
we
still
have
v4
afrinic
still
has
some
v4.
D
D
We
need
to
kind
of
skip
over
these
islands,
but
maintain
into
in
traffic
control.
So
I
might
get
told
I'm
completely
insane
here,
but
what
we've
been
looking
at
is
using
a
binding
label
on
the
SR
stack
of
labels
and
steering
it
to
the
edge
of
the
network
and
using
that
binding
label
to
pop
off
the
binding
label
and
then
effectively
push
a
v6
stack
onto
the
package,
with
a
seat
with
a
compressed
routing
header
destination
option
in
there
and
then
using
stock
standard
routing
to
the
other
side
pop
off.
D
D
We
also
believe
that
SR
v6
is
coming.
We
have
quite
a
number
of
concerns
with
standard
SR
v6,
though,
and
with
regards
to
address
overloading
wastage
of
v6
base.
And
yes,
that
is
actually
a
concern
when
you
look
at
the
volumes
of
it
and
so
we've
kind
of
got
involved
in.
We
know
what
we
need
here,
so
we're
working
in
the
spring
working
group
to
say
you
know
this
is
our
perspective
and
see
where
it
goes.
D
Then
another
challenges
and
solutions
on
the
link
state
problems.
We're
working
with
the
vendors
we've
seen
some
success,
but
we
augment
through
other
data
sources,
if
necessary,
not
ideal
but
functional.
On
dpi,
it's
getting
a
lot
better.
We've
been
banging
on
the
vendors
doors
for
a
long
time,
and
you
know
like
twice
a
day
fix
this
fix
this
fix
this
and
it
seems
the
harassment
seems
to
be
working
we've
also
because
of
the
inconsistencies
in
implementation.
D
Uuugh
you'd
be
surprised
at
how
honest
vendors
come
when
there's
a
clause
in
there
that
says,
I
will
return
the
two
million
dollars
with
a
hardware.
If
you
lie
to
me
yeah,
and
particularly
since
we've
done
it
once
you
know,
so
you
change
the
procurement
level
and
it
puts
pressure
and
it
does
seem
to
have
worked
quite
well.
You
also
find
that
suddenly
you
get
a
new
code
release
that
fixes
the
incompatibility,
quite
particularly
on
the
bigger
orders.
D
So
moving
down
the
track,
we're
busy
v6,
enabling
some
consumer
networks
in
Uganda,
Rwanda,
Zambia
and
Kenya,
some
of
that
stuff
will
start
showing
up
fairly
quickly.
Some
of
it
is
more
problematic
because
of
Jeep
on
Ont
is
that
aren't
working
on
the
vendors
we're
working
with
in
Tanzania
and
and
Zimbabwe,
and
we've
got
some
issues
there,
but
it's
something
that's
actively
being
worked
on.
D
Our
investigation
on
the
translation
mechanisms
continues,
but
we've
got
some
room
to
move
because
we've
still
got
v4
space
and
it's
not
taking
a
back
seat,
but
it
does
take
some
pressure
off
us
and
then
we'll
continue
working
in
the
spring
working
group
and
hopefully
we'll
get
to
the
point
where
we
do
feel
that
we've
got
enough
parity
to
really
do
what
we
need
to
do.
We
are
getting
bidding
the
house
on
SR
to
solve
a
lot
of
our
problems.
No
denying
that
it's
just
a
question
of
where
the
SR
debates
go.
D
It's
it's
going
to
be
very
interesting
to
see,
and
then
by
policy
we
now
deploy
v6
towards
every
client
on
the
interface
there's
a
64
on
the
interface
and
a
48
routed
to
the
interface,
and
we
don't
care.
If
you
don't
use
it,
we
will
try
and
get
you
to
use
it.
But
if
you
don't
it's
there,
it's
deployed
it's
allocated
in
our
systems
and
we'll
tell
you
about
it,
but
every
client
we're
now
putting
it
on
there.
D
D
Don't
do
anything
with
it,
then
we'll
in
launching
some
fairly
major
v6
awareness
campaigns
fairly
shortly
and
we're
using
a
platform
that
we've
got
21c
skills
initiatives
which
we're
trying
to
use
to
train
people
in
Africa,
and
this
will
consist
of
training,
videos,
white
papers,
promotional
materials,
etc
and
we'll
continue
to
try
and
dispel
the
myth
of
security.
By
now,
we
are
looking
at
potentially
doing
cloud-based
firewalling
to
the
DIA
customers
etc.
To
say
you
know
what
get
ready
on
that
will
push
your
v6
through
a
firewall
and
you
don't
have
to
pay
for
it.
D
But
we'll
do
that
to
protect
you
against
the
that
net
is
protecting
you
and
will
still
get
very.
Your
net
will
get
your
v6.
So
that's
one
of
the
initiative.
You
know
the
initiatives,
but
that's
a
little
bit
about
you
know
a
quick
brief
on
what
we're
doing
and
yeah.
Hopefully,
somebody
finds
like
useful,
so
thanks
very
much.
E
E
That
great,
that's
some
confusion
at
the
beginning.
One
of
the
points
that
you
mention
about
the
CPE
support
for
the
for
the
transition
mechanism,
specially
for
ipv6
only
an
ipv4
as
a
service.
You
may
not
know,
but
about
three
months
ago
this
working
group
got
through
RFC
8585,
which
is
probably
what
you
should
ask
to
your
vendors
for
new
filter
updates
or
new
equipment
or
so
on.
So
you
have
all
the
choices,
depending
even
if
the
vendors,
if
the
customers
buy
the
CPE
outside
yeah,.
D
F
Hi,
my
name
is
so
much
jewellery
from
feature
a
a
great
presentation.
Thank
you.
So
much
I
have
one
question.
Regarding
the
one
of
the
slides
you
mentioned,
there
are
routers
where
you
cannot
push
more
than
three
labels
for
you
know,
so
you
see
a
lot
of
that
equipment
because
that's
generally,
we
see
in
cell
site
routers
the
routers
have
small
in
backhaul
there
you
can
use
Broadcom
chips.
You
cannot
put
for
more
than
four
layers.
It's
it's
it's
a
general
case
for
uro.
How
is
it
we
see
a.
D
Lot
of
that,
particularly
down
at
the
edge-
and
we
see
that
in
some
of
the
aggregation
stuff,
we
we
hit
the
three
label
limitation
and
we
need
to
traffic
steer.
We
do
that
through
the
controllers,
using
SR
and
binding
labels
and
effectively
bind
the
label
and
switch
out
the
stack
at
intermediate
Ori
points
to
lower
the
number
of
labels
on
the
stack
at
any
one
point
that
works
quite
well
in
a
completely
controller
based
environment,
where
you
can
automate
it
mm-hmm.
D
If
you
are
not
automating
that,
though,
and
you've
got
that
amount
of
stitching
happening,
it's
a
non-story,
you
will
lose
track
of
it
everywhere.
You
also
do
have
a
couple
of
challenges
there
with
regards
to
enter
in
path,
testing,
etc,
and
we
had
to
do
some
quite
interesting
stuff
on
the
operational
side
to
do
into
end
s
or
path
testing,
where
we're
injecting
packets
that
have
labels
that
take
it
to
the
head.
D
End
user,
binding
label
to
take
that
packet
through
the
tunnel
and
back
to
the
controller
and
then
measure
whether
or
not
the
packets
arriving
back
and
packet
loss
etc,
because
it
gets
quite
interesting
testing
whether
a
path
is
alive
once
you've
injected
it
with
bgp.
But
that
worked
quite
well.
Three.
F
E
E
He
come
to
the
list
which
problem:
hey:
I
am
willing
to
deploy
for
six
Forex
Latin
my
broadband
network,
but
when
I
do
cgn,
I
can
optimize
the
traffic
to
the
caches
to
the
city
ends
and
so
on
that
I
can
not
do
that
which
for
six
Forex
lat.
So
there
is
any
way
to
find
a
solution,
so
we
started
working
on
that.
E
That's
basically
the
problem
statement,
of
course
with
cgn.
This
only
works
for
those
Syrians
or
caches
that
are
able
to
use
the
private
addresses
special
for
the
cgn
right.
So
it's
range
100,
dot,
64,
dot,
0
dot,
0
/
10.
If
they
cannot
accommodate
to
that,
it's
also
useless.
So
this
is
the
typical
4
6
for
excellent
deployment,
where
you
may
have
the
not
64
and
the
connection
to
to
internet,
and
then
you
have
the
80
v6
internet.
If,
in
addition
to
that,
you
have
Syrians.
E
E
What
is
going
to
happen
is
that,
even
if
this
device
here
the
CDN
or
the
catch
air,
whatever
is
dualistic,
the
flow
will
be
truly,
not
64,
so
you
are
doing
an
ipv4
to
ipv6
and
then
again
PPD
for
translation,
which
don't
make
sense,
and
this
is
something
common
in
other
transition
mechanism.
For
example,
map
T
is
having
also
the
same
problem.
Okay,
so
in
fact,
even
again,
the
original
document
was
thinking
in
for
6
for
X
that
this
is
also
solution
for
mati
for
this
optimization.
E
So
what
we
are
trying
to
do
is
this
one,
because
this
IP
v4
only
device
will
get
translated
to
ipv6
by
the
silat
or
the
nut
for
6,
which
is
the
same.
We
want
that
this
flow
can
reach
directly.
They
ipv6
side
of
the
dual
stack
service.
Ok,
instead
of
going
through
the
not
64,
that's
the
idea,
so
how
we
do
that
well,
this
will
be
the
picture
of
the
different
scenario.
So
we
have
optimal
scenario.
We
have
dual
stack
devices
or
ipv6,
enabled
devices
behind
the
CP
demux.
The
support
email
will
be.
E
It
will
use
the
part
through
the
not
64,
and
then
what
we
can
do
is
again
getting
that
without
the
nuts
64
translation.
So
we
keep
the
cielab
translation,
the
not
for
6
translation,
up-to-date
destination
which
ipv6
okay.
Now
we
investigate
the
three
approaches.
One
of
them
is
equivalent
to
the
cgn
that
I
mentioned
before,
which
is
having
the
Syrians
and
the
catches
using
the
nat64
addressing
a
space.
E
They
don't
want
to
use
their
interfaces,
they
that's
64
addressing
space
and
it
has
some
complexity
because
you
may
be
using
a
net
were
specific
graphics
and,
of
course
this
will
only
work
if
decisions
or
HS
are
in
the
SP
network,
but
not
if
they
are,
for
example,
in
an
IX,
because
the
not
64
prefix
is
non
wettable
okay.
So
the
second
approach
is:
let's
get
the
salaat
with
typical
ease
in
the
CP,
together
with
a
DNS
proxy
to
talk
together
and
guess.
E
If
the
device
that
is
trying
to
access
a
dual
stack
resource
or
an
ipv6
enabled
resource
is
an
ipv4
only
device
or
application.
If
we
don't
succeed
in
that
gasps
nothing
happens,
we
still
don't
break
anything.
But
if
we
do
a
good
guess,
we
are
able
to
help
that
traffic
flow
to
go.
End-To-End
today,
t
v6
address
instead
of
translating
twice
so
even
if
we
make
a
failure
in
the
gas
is
still
not
breaking
anything
okay.
That
has
been
our
primary
consideration
with
the
design
of
this
approach.
E
So
what
we
do
is
a
few
steps
which
are
detection
of
suppose
that
IP
before
only
device
of
all
or
applications,
detection,
that
the
destination
is
ipv6,
enabled
we
create
explicit,
address
mapping
tables
for
connecting
those
two
sides:
the
source
taping
for
only
source,
quits,
the
ipv6
enabled
destination,
and
then
we
use
existing
routing
to
forward
the
ipv6
traffic.
Okay,
and
then
we
have
some
points
based
on
DNS
details
to
maintain
the
the
entries
in
the
in
the
specific
address
mapping.
E
E
E
Then
we
create
this
mapping
table
okay,
Oh
mapping,
entry
in
the
explicit
address,
mapping
table
and
then
they're,
not
64
or
select.
Sorry
we're
not
for
six.
That's
that's
incorrect.
Now
that
should
be
not
for
six
or
the
salaat
is
translated
to
that
address,
and
the
CDN,
of
course,
has
the
what
a
address.
So
it
just
works.
Okay.
Now,
let's
suppose
there
is
another
device
in
the
same
CPE
that
is
asking
for
a
different
name,
and
this
was
as
a
consequence
of
Martin
I.
E
E
Just
do
this
part
is
not
going
to
work.
So
in
the
last
version
of
our
document,
we
included
something
else
to
solve
this
problem.
Okay,
so
the
thing
is
that
if
we
detect
that
another
query
is
using
the
same
ipv4
address,
we
need
to
discard
the
optimization.
So
in
the
case
of
reverse
proxies,
we
cannot
do
that.
Okay,
because
otherwise
we
may
break
one
or
the
other
connection
right.
E
We
did
a
lot
of
questioning
about
our
procedure
to
make
sure
that
we
are
not
breaking
anything
because
the
the
pongos,
let's
make
sure
that
if
you
deploy
ipv6
with
this
optimization,
the
CDN
will
be
happy
or
the
service
provider
will
be
happy.
We
cannot
have
the
risk
of
breaking
anything
okay,
because
that
means
the
CDN
will
disable
ipv6
for
that
customer.
E
We
don't
want
to
go
through
that,
so
we
do
a
lot
of
points
on
that
and
then
there
is
a
final
approach
which
is
somehow
equivalent
to
the
automated
approach
in
the
Salah
talking
with
the
DNS
proxy
inside
the
CP.
But
in
this
case
is
manually
configured
by
the
ISP,
so
there
you
speak
and
get
the
ENT
and
send
it
to
the
cities.
Okay,
but
of
course
that
means
configuration
by
the
operator,
so
we
wanted
to
do
it
automatic.
E
E
If
there
is
an
ipv4
only
device
here
like
a
set
of
bugs
and
will
happen,
ipv6
only
service.
Of
course
we
could
deploy
CDC
right,
but
maybe
these
can
provide
an
an
additional
solution
to
that
which
is
even
if
this
is
ipv6
only
connected.
If
you
put
an
a
record,
this
will
work
right,
it's
ugly,
but
it
works.
E
E
Of
course,
of
course,
but
the
idea
is
that
you
can
have
a
good
page
in
the
SP
saying
sorry.
This
service
is
only
for
ipv6
enable
customers-
okay,
because
if
you
don't
have
a
P
before
the
rest
of
the
of
the
customers
will
never
reach
that.
So
we
are
not
creating
any
additional
problem
right.
So
that's
the
thing.
H
I
E
I
I
I
E
E
J
E
J
E
K
K
E
L
M
All
right,
while
we
wait
for
him
to
rejoin
the
queue
chaired,
much
Akamai
CDN
or
at
least
wearing
a
CDN
hat
I
mean
we
find
our
customers
pay
us
to
work
in
all
the
situations
and
I'm
concerned
about
this,
because
this
is
likely
to
break
the
customer
experience.
They
don't
want
to
have
their
end.
Customers
end
up
at
a
page
that
says
I'm.
Sorry,
this
content
is
only
available
if
you're
on
a
v6
network,
so
this
seems
infeasible.
This
seems
interesting
to
discuss
but
infeasible
in
practice.
M
E
M
Would
help
ya
address
at
least
one
slice
of
the
the
concerns
but
I
think,
generally
speaking,
our
customers
pay
us
for
the
performance
and
for
a
functioning
service
and
in
a
way
in
ways
that
this
would
show
up
in
operations.
I'm
extremely
concerned
that
this
would
end
up
causing
the
customers,
the
end-user
experience
to
be
extremely
poor,
and
they
would
be
better
off
going
through
an
ad
or
something
else.
M
As
a
result,
then,
then,
trying
to
go
and
communicate
to
us,
especially
when
our
customers
are,
are
doing
in
some
cases,
multi
CDN
approach,
so
we
have
to
actually
coordinate
with
them
and
with
everybody
else.
In
order
to
achieve
this
and
and
you're
seeing
some
of
this
play
out
in
the
DNS
working
groups
as
well
with
how
to
do
things
like
a
name,
etc,
etc
with
how
to
have
those
how
the
domain
name
holder
can
actually
have
stuff
show
up
in
multiple
different
realms.
M
N
O
O
Many
many
network
service
provider
have
an
already
or
medical
intimidation
were
with
a
pole,
to
use
the
cgn
by
doing
a
bypass
and
true
in
let
this
Cillian
to
deliver
directly
the
traffic
to
the
to
the
cable
modems
without
going
through
dissonant.
So,
if
we
implement
also
for
its
lack
of
before
Eric
speak,
we
we
will
need
to
to
deliver
again
the
traffic
through
the
this
through
the
nat64
202.
Anything,
that's
it
for
to
the
final
TVs
or
set-top
boxes,
which
most
of
them
are
just
in
a
be
reformed.
O
O
For
example,
Google
Plus
efficient
is
support
for
the
traffic
directly
without
knowing
precision
we
didn't
have
any
saturation
and
any
any
congestion,
but
we
implemented
that
with
the
final
draft
internment
a
little
bit,
but
was
amended
and
with
any
intercession
and
part
of
auspicious
incision,
but
it
showed
to
us
that,
obviously,
with
a
mod
direct
connection,
without
going
through
decision,
we
finally
get
a
bad
performance
which
confirmed
that
this
could
be
a
right
way
to
optimize
the
network.
So
that's
what
I
wanted
to
share.
D
Andrew
yeah
Judy
I
was
watching
that
last
section
of
your
presentation
and
maybe
I'm
missing
something
here,
but
if
you
add
a
fake,
a
record
to
make
this
work
that
works.
Ok,
if
somebody
is
behind
this,
however,
if
you've
got
a
v4
only
client
outside
normally,
when
he's
browsing
and
there's
not
a
record,
it
goes
well,
there's
no
a
record
go
away
and
it
does
that
pretty
quickly.
D
If
you've
got
a
fake,
a
record
there,
it's
suddenly
going
to
cause
some
significant
degradation
as
it
tries
to
access
that,
and
if
it
was
a
real
v4
address,
then
you
were
using
a
real
forward
baseball.
Then
it's
your
step
anyway.
So
the
option
using
a
fake
area
code
on
something
doesn't
fly
because
it
will
break
people
who
aren't
behind
us
and
who
I.
E
Probably
miss
it
explaining
it.
This
was
not
the
original
idea
of
all
this.
This
is
an
extra
and
we
don't
know
and
I
think
I
have
in
the
drivers.
Question
Mars.
We
didn't
want
that.
We
didn't
salt
on
this,
originally
that
we
thought.
Ok.
If
some
people
start
deploying
ipv6
only
services,
if
they
are
not
reachable
by
ipv4
only
devices
right,
they
will
break
now.
E
D
E
Have
a
webpage
if
it's
a
webpage
service
that
says
this
is
not
reachable
because
you
are
not
on
ipv6
again.
This
is
an
extra
this,
probably
probably,
this
need
to
be
in
a
different
ID.
So
don't
consider
this
as
the
main
thing
of
this
presentation,
because
probably
we
are
going
to
split
the
document
in
two
different
documents.
P
Over
eyes,
a
media
of
Verizon
named
sure
today,
so
if
you
go
back,
you
essentially
are
saying
that
you're
going
to
watch
for
DNS
lookups,
then
you're
gonna,
look
at
the
before
I
answered
your
query
against
the
what
are
fine,
they
call
it
v6
and
then
create
a
mapping.
So
here's
the
question
majority
of
CDM
is
out
there.
You
see
Ning
chains
in
order
to
do
this,
so
look
up
against
example.com,
which
will
see
name
potential
to
a
different
place
for
before
vs.
v6.
P
E
Let's
look
from
there
from
the
CP
device
from
the
CP.
If
I
do
an
a
query
to
reach
Yahoo
I
will
get
to
up
to
place
right
if,
instead
of
equity,
if
instead
of
an
equity
I,
do
a
quite
a
query,
I
will
go
to
another
place
right
now.
What
I
am
saying
is
I
am
Telling
You
Yahoo
that
I
am
NOT
an
ipv4
device.
I
am
an
ipv6
device
that
will
that
should
work,
because
you
don't
know
in
advance
which
kind
of
device
you
have
in
the
CP
right
or
behind
the
CP.
So
it's.
P
No
way
to
know
exactly
what
you
know,
but
exactly
is
that
in
the
process
of
doing
that,
let's
say
male
des
yahoo.com,
you
try
to
go
there
and
you
decided
to
take
my
answer
for
Melda
yahoo.com.
That's
New
York
now
try
to
look
it
up
from
a
different
place,
because
now
you're
gonna
do
it
from
a
different
place
and
that
different
place
is
gonna.
Tell
you
some
Francisco
so
now
you're
going
to
just
assume
that
New
York
equals
San
Francisco
in
before
v6,
potentially
and.
P
P
A
E
E
P
You're,
making
the
decision
in
the
middle
without
any
information,
what
either
side
needs
and
you're
making
a
lot
of
assumptions
in
your
game.
There's
something
that
you
could
do
this
in
DNS,
which,
as
we
saw
with
not
PT,
failed
utterly
because
there's
a
lot
of
protocols
out
there.
They
use
before
literals
and
there's
a
bunch
of
other
stuff
out
there,
which
is.
Why
was
deprecated
to
begin
with?
There's
games.
K
E
E
Q
Q
Son
I
kind
of
have
a
problem
yeah
big
one.
When
users
try
to
connect
to
v6
on
the
networks,
they
sometimes
coming
back
to
be
complaining
and
said:
oh,
it
takes
ages
for
my
device
to
confirm
that
there
is
network
connectivity
so
after
looking
into
it,
what
we
found
out
is
hello.
Gern
Hall
joins
the
network
or
actually
it's
almost
the
same
with
host
configures
in
you,
bla
bla
dress,
so
host
and
saneras.
Q
Maybe
if
there
is
a
corresponding
option
in
Torres,
router
might
create
a
neighbor
cache
for
host
link-local
doesn't
might
actually
then
host
get
back
and
erase
which
I
forgot
to
put
on
this
picture,
and
then
it
configures
global
address
default
gateway
and
it
has
a
neighbor
cache.
Entry
for
Lille
for
default
gateway,
link,
Alcala
dress
and
the
corresponding
MAC
address
so
host
is
basically
ready
to
send
traffic.
Q
All
good
now
hosts
are
sending
traffic
and
actually
address
may
be
still
optimistic
if
a
host
is
using
optimistic
that
hosts
engine
can
address
our
packets
somewhere
off,
link,
router,
successfully,
routing
same
link
and
all
loops
good,
no
neighbor
cache
updates
at
this
stage
right
then
return
traffic
comes
the
first
packets
appears
on
the
route
or
from
outside
run
altercations.
The
packet
look,
oh
I,
have
no
neighbor
Cassandra
for
that
address
and
creates
incomplete
entry
and
starts
all
his
neighbor
discovery
process.
Meantime,
what
packets
arrive,
all
the
speckles
get
dropped.
Q
Unfortunately,
then,
it's
point
of
time
MA,
coming
back
from
a
host
whose
router
neighbor
country
changed
stay
to
reachable
that
first,
but
red
packet
may
be
delivered
the
host
and
ma
traffic.
A
potential
occurs
apparently,
and
some
applications
might
be
unhappy
about
also
spec,
it's
being
dropped,
because
if,
for
example,
they
implement
increment
like
exponential
back-off,
it
might
introduce
huge
delay
and
in
general,
when
I
look
at
this,
it
basically
means
we
designed
neighbor
discovery
in
a
way
that
it
intentionally
drops
packets
all
the
times.
There
is
no
way
to
avoid
it.
Q
It's
like
by
design,
which
is
kind
of
sad
Manu
seriously.
So
what
I'd
like
to
see
an
ideal
or
like
spherical,
a
spherical
Network
in
vacuum,
old
boot
right.
So,
ideally
as
soon
as
start
sending
packets
from
a
host
outside,
it
would
be
nice
to
somehow
create
a
neighbor
cache
entry
right.
So
when
a
returning
traffic
arrives
it's
already
and
actually
in
if
it
was
just
two
hosts
on
the
same
link,
it
happens
because
neighbor
discovery
takes
care
of
it.
Q
Q
So
if
we
try
to
do
this,
ARP,
like
sync
for
neighbor
discovery,
it
would
not
work
because
1461
explicitly
prohibited
with
a
good
reasoning
which
works
for
only
in
communication,
but
for
adversity
completely
different
use
case.
If
you
see
a
router
might
need
to
send
traffic
back
without
without
receiving
NS
previously.
So
it
looks
like
the
reason
is
good,
but
not
for
out
there,
surrounded
by
kind
of
X
exclude
that
from
that
logic.
Q
So,
as
I
said
what
we
act
sure
when
a
web
server
and
packet
loss
all
the
time
delay
for
applications
to
start
using
the
network
and
as
a
result,
I'm
creepy
eyeballs,
because
users
are
complaining-
you
don't
know
before
in
every,
and
now
everything
is
worse
than
before
so
options.
What
we
can
do,
we
can
say
a
nasan
we
can
look
and
take
can
be
tweaked
neighbor
discovery.
All
we
can
try
to
look
into
advertising
addresses
from
hosts.
We
can
just
fix,
hosts
and
applications
yeah.
S
Q
So
before
talking
about
solution,
I
was
trying
to
summarize
how
the
solution
should
look
like.
So
obviously
it
would
be
really
nice
to
create
a
stale
entry
in
our
neighbor
cache
for
a
host,
if
not,
if
simply
doesn't
exist.
Obviously
we
do
not
want
to
overwrite
the
existing
entry
to
minimize
the
disruption
because,
as
I
said
address
my
D
optimistic.
So
we
do
not
know
if
there
are
any
real
owner
of
that
address
and
link
about
it
again.
Q
It
would
be
nice
if
applications
could
use
it
for
optimistic
addresses
as
well,
because
it's
exactly
the
case
when
you
want
to
start
using
the
network
as
soon
as
possible.
So
if
device
so
application
is
okay
with
delays,
it
probably
would
not
be
using
optimistic
addresses
and
they
might
be
okay
with,
like
10
second
delay
before
they
could
connect
and
also,
as
you
might
know,
in
some
networks,
you
have
more
than
one
router.
So
it
would
be
nice
if
traffic
live
in
the
network
from
one
router
and
return
flow
goes
through
another.
Q
It
still
works
so
again,
nice
and
work
intended
you
I,
don't
know.
Maybe
we
can
say:
okay,
it's
a
cosmetic
issue.
We
can
wait
for
10
seconds
every
time
your
hosts
connect
to
the
network
with
a
new
address,
but,
as
I
said,
obviously
it
makes
people
unhappy
and
I
think
it
hurts
the
deployments.
So
users
get
a
feeling
that
v6
only
networks
do
not
work
as
well,
as
was
there
coupons,
so
it's
introduced
additional
resistance.
So
that's
cool
with
the
great
suggestions
about.
Q
Can
we
look
into
registration
based
in
G,
which
is
used
in
other
types
of
the
network?
Well,
it's
a
kind
of
maybe
it's
a
strategic
solution.
I,
don't
know!
If
so
by
solving
this
problem,
you
introduce
as
a
problem,
so
not
so
I
think
it
should
be
discussed,
maybe
actually
in
six
manner,
not
here
so
I'm
not
covering
this
in
this
slide,
because
I
think
it
should
be
completely
different
topic.
Q
What
we
can
do,
tactically
again,
coming
back
to
an
a
logic
it
looks
like
it
does
make
sense
for
host
to
do
the
same
thing
as
we
did
in
before
and
advertise
in
your
address
and
for
our
alters
routers
should
acknowledge.
This
should
because
should
means
you
don't
do
this
unless
you
have
a
very
good
reason
and
I
believe
providing
cool.
When
I
read
this
justification,
router
it
doesn't
apply
to
routers
and
actually
some
vendors
well-known
vendor
sexually.
Have
this
already
it's
a
configurable
feature
when
they
could
glean
from
any
packets
sent
by
devices.
Q
Yes,
I
said
the
good
thing
is
it's
actually
RFC
compliant.
We
just
need
to
ignore,
should
and
already
implement
that.
So
there
is
actually
deployment
experience
with
this
and
it
works
for
a
symmetric
traffic
flow.
So
we
have
first
hop
redundancy
over
others.
You'll
receive
an
a
over
outers
will
obtain
a
broker.
Q
It
would
create
stale
entry
for
that
host
for
that
address
on
the
router,
because
again
it
will
be
like
standard
neighbor
discovery
state
machine.
If
you
get
an
anise
4
Mew
I
probably
need
to
create
an
entry.
However,
the
main
problem
here
it
wouldn't
work
for
optimistic
addresses
because
exactly
for
this
reason
to
prevent
disruption
in
case
of
duplicate
addresses,
hosts
are
not
allowed
to
say
and
NS
with
source
link
layer
address
option,
so
this
would
not
work.
Another
option
is
sent
address
from
global
address
to
a
router.
Q
Then
I
think
it
would
again,
it
would
work
if
address
is
not
optimistic
or
it
would
work
actually
40
mystic
addresses
if
route
the
response
for
unicast,
because
what's
happened
over
address,
would
receive
errors
if
address
is
not
optimistic.
Mac
address
was
included
into
options
and
routers
will
create
an
entry
if
addresses
empty
mystic
answer
is
no
my
country
SSL
la
option
in
arrays.
Then,
if
router
responds
with
array
unicast,
it
will
need
to
do
all
this
neighbor
discovery
machine,
but
again
it
might
introduce
additional
delay
because
erase
will
be
sent
with
some
random
delay.
Q
Ok
someday
the
traffic
go
into
the
router
address
3
through
the
SSH
a
DGP
session,
whatever
yeah
as
Goods
increase,
it
will
probably
bypass
all
this
intellectual
middleboxes
and
wireless.
The
cons
is
I'm,
not
sure
you
can
always
send
such
a
packet
to
another
address.
Its
additional
CPU
load
on
routers
will
be
dropped
by
a
control,
plane,
action
and
again
what
else
you've
left
the
empty
router
would
not
work
in
isometric
traffic
flow.
Q
So
what
I'm,
trying
to
summarize
is
suggestion
is
kind
of
recommend
router
vendors
to
do
configurable,
glean
from
unsolicited
honest,
again
configurable
it
shouldn't
be
on
by
default.
It
shouldn't
be
enable
per
interface
and
and
host
probably
can
send
unsolicited
Tenace
when
they
get
a
new
address,
configure
security
considerations.
Warren
was
concerned
about
breaking
stuff
actually,
no,
because
the
only
changes
proposed
is
to
create
entry
when
entry
does
not
exist.
Q
So
if
you're
concerned
about
host
doing
and
the
exhaustion
of
it
could
do
it
anyway
right,
it
could
sent
an
SS,
it
could
send
RSS
whatever
whatever,
if
you
have
malicious
hosts
inside
nice
and
changes
right
for
from
service
this
from
a
disruption
perspective.
Again,
we
only
talking
about
situation
when
there
is
no
entry.
Even
incomplete
entry
wouldn't
be
updated.
Only
talking
about
situation
when
entry
does
not
exist,
so
it's
safe
to
assume
that
there
is
no
traffic
for
that
host.
Q
Yes,
there
is
a
very
rare
condition
when
host
might
be
sleeping
for
25
days,
someone
sent
a
packet
from
outside
and
in
the
same
moment
of
time
we
got
a
duplicate
address
coming
on
our
well
I'm,
not
sure.
If
it's
so
critical
that
it
better
to
still
see
in
constant
packet
loss,
in
all
other
cases,
I
says
it's
all.
I
have.
K
K
K
That's
not
what
I
was
gonna
say
all
I
gotta
say
is.
This
was
a
problem
and
before
we
solved
it
in
v4,
by
doing
the
opportunistic
or
cleaning
or
carpenter
ease,
and
that
works
well
enough
that,
like
on
the
ITF
hotel
network,
the
router
doesn't
send
any
Arps
at
all.
So
like
it's
a
problem
in
v4,
we
fixed
it
in
v4,
it's
a
problem
in
v6.
We
should
fix
it
in
v6.
R
Q
Okay,
I
have
the
best
implementations,
yet
I
think
Mac
OS
does
not
do
that.
It
was
a
report
on
release
from
Alexandros
with
Windows.
Does
this
and
obviously
I
think
so
so?
Obviously,
some
vendors
implemented
that
on
the
router
equipment,
so
I
suspect
they
had
a
reason
for
this.
So
there
are
some
environments
when
hos
doing
this.
Q
Alright,
so
and
again,
it's
kind
of
if
you
want
Android
device
to
do
this
like
to
get
the
cash
update
at
first,
they
probably
make
sense
to
do
something
so,
as
I
said,
I
have
some
concerns
about
syncing
trace
through
the
pings,
because
it
might
not
work
on
every
environment
and
I
believe
this
might
better
chances
to
work.
If
router
vendors
doing
blame
have.
Q
Feel,
like
I,
sent
one
eye
on
the
device.
I
guess
that
and
I
think
it
did
yeah.
Well,
it
doesn't
mean
it's
gonna
survive
every
optimized
Wi-Fi,
but
I
assume.
If
what
Warren
is
sworn
is
saying
right,
it
does
for
you
for
so
yeah.
We
have
a
good
chance.
If
it
doesn't,
it
might
be.
Just
this
code
is
not
in
place.
Here's
some
wireless
devices,
but
again
it's
not
fundamental
issue.
M
Shared
much
Akamai,
it
seems
like
yeah.
We
should
update
it
to
be
explicit
to
say
that
the
routers
III
think
it
should
probably
be
promoted
from
the
should
text
that
I
saw
highlighted
to
you
know
something
something
else
and
is
yeah
yeah
yeah.
Sorry
I
think
you
I
think
you
might
have
showed
both
I
think
you
might
show
the
change.
So
basically
it's
a
it's.
Q
Very
hot
sent
right:
it's
talking
to
us,
so
I
think
what
we
should
be
doing.
I
suggest
we
write
a
document
for
router
when
you're
saying
router
recover
as
they
recommended
to
ignore
this
shoot
and
have
a
configuration
option,
configuration
option
to
ignore
this
shoot
and
still
do
beam.
Yes,
so
it's
this
one
right,
because
River
dweller
violations
is
how
I've
seen
it's
it's
talking
about
host
sexually.
So
it's
not
a
case
for
routers
right.
C
M
P
P
C
P
In
the
equivalent
of
gratuitous
ARP,
the
way
that
we
were
suggesting
to
do
that
was
basically
when
dad
is
being
done.
At
that
point,
sorry,
not
gratuitous
cleaning,
your
fault
cuz,
you
would
just
mention
it,
but
basically
do
glean
based
on
receiving
a
dad
at
that
point,
put
it
on
stale
revalidate
and
kick
off
the
process.
We
were
told
that
a
document
of
the
six
ops
should
not
mention
a
implementation
of
a
protocol,
which
is
why
was
not
included
in
65
83.
Yes,
that
is
exactly
what
we're
told.
R
A
K
P
P
P
I
probably
have
at
some
work
as
I
most
of
the
original.
The
original
work
I
wrote
the
original
thing
that
Warren
had
to
rewrite
completely
for
65
83,
but
my
original
one
probably
has
the
gleam
text
and
a
tall
shitty
to
you,
but
the
reason
why
a
version
of
Cisco
implements
it
is
because
they
were
our
vendor
at
the
time
and
we
work
with
them
to
make
it
happen,
because
otherwise
my
iPhone
could
take
out
a
data
center
and
there's
not
a
happy
place
to
be.
P
The
problem
is
that
we
were
not
allowed,
as
v6
ops
were
not
allowed
to
discuss
these
implementation
details,
and
in
here
it
was
supposed
to
be
six
men
and
six
men
didn't
care
about
the
implementation
of
how
it's
actually
done
and
routers
they
cared
about
spec.
We
should
wash
a
place
that
it
would
be
awesome
if
we
thought.
A
A
A
Q
K
K
You
know
what
we
could
probably
do
is
if
it
were
to
be
written
in
v6
ops
and
we
walked
over
to
six
matter
like
we're.
Just
is
it
okay
with
you
all?
If
we
just
mess
with
this
bit,
they
might
say
it's
more
trouble
to
for
us
to
do
it
than
for
you
to
do
it
whatever,
but
I
think
it's
useful.
A
document
is
written
and
if
we
discuss
it
there
and
if
we
say
we
think
this
is
a
great
idea
and
we
take
it
to
six
man,
even
if
they
want
to
actually
progress
it.
K
H
H
Q
H
I
I
In
any
of
the
testing
that
you
did,
do
you
ever
try
setting
the
router
alert
option
on
any
of
the
messages?
Does
that
change
anything?
No.
R
H
Tim
winner
of
you
and
a
try
well
couple
things,
I
think
this
is
a
good
idea.
I
do
think
we're
gonna
have
to
put
something
in
here
about
up
it
being
an
update
to
48
61,
there's
two
way
too
many
implementations
out
there
that
will
just
ignore
these
packets.
The
only
other
thing
is
make
sure
it
goes
to
the
all
routers
not
to
the
all
nodes
address,
because
we
only
want
routers
to
care
about
this
and
yeah.
H
R
H
David
lamp
utter
again,
but
if
you
don't
send
it
to
all
our
routers
and
you
don't
send
it
to
the
that
group,
your
yeah,
but
that's
that
that's
exactly
where
I
don't
want
wanted
for
privacy
purposes,
because
it's
not
on
all
nodes.
Yet
if
you
have
a
privacy
address
you're
at
least
a
little
bit
private
still
there.
P
J
Okay,
thank
you
and,
if
somebody's
in
the
jabba
room,
that
could
be
interesting.
If
somebody
replaced
me
when
I'm
speaking
here,
I
am
single
entity
of
myself
I'm,
not
the
tickets.
Okay
anyway,
this
draft
is
basically
belonging
to
OPSEC.
We're
to
two
chairs
are
here.
So
thank
you
for
being
here
and
supporting
me,
fathers
and
basically
it's
as
you
can
read.
We
try
to
analyze
all
the
operational
security
issue
in
several
places
in
the
network,
specific
focus
on
service
provider,
network
enterprise
network
and
residential
as
IOT
is
a
very
complex
place.
J
We
do
not
talk
about
it,
even
if
some
couple
of
thing
we
say
in
this
document
also
applies
to
iot
of
you
see
and
that's
an
informational
draft,
and
what
we
want
to
do
is
basically
I
mean
all
of
us
are
doing
v6
deployment.
How
often
do
you
get
a
all
secure?
Is
it
organized
securely
deploy
my
network,
so
we
try
to
put
all
things
together
there
and
our
recommendation.
J
So
now
the
bad
news
we
are
working
on
this
since
September
2012
I
was
not
even
the
object
chair
that
point
of
time.
You
were
not
even
right.
So
a
long
long
time
ago,
but
still
in
the
21st
century-
and
basically
it
is
quite
a
vast
domain
and
it's
a
kind
of
moving
target
right
with
capital
of
people
in
this
community
discovering
new
security
issue,
and
so
we
need
to
update
the
draft
and
so
on
and
so
on.
J
As
I
said,
informational
document,
it's
quite
long,
though
50
page
and
nothing
and
we
are
putting
the
record
on
all
many
reference.
We
have
in
a
reference
section:
I
counted
them
yesterday,
116,
because
basically
the
text
says
a
for
this.
We
briefly
explain
the
issue
and
then
we'll
be
fair,
basically
to
the
RFC,
all
the
other
documents
that
are
not
always
AIT
of
documents.
By
doing
its
consideration,
it's
not
recommendation
by
the
way,
so
the
structure
of
the
document,
the
big
part,
is
about
a
generic
security.
J
Consideration
and
I
shall
come
back
on
this
on
the
next
slide.
Then
we
go
capital
of
page
1,
Enterprise
I,
said
capable
of
bridge
on
service
provider.
Where
we
talk
about
BGP
about
the
transition
mechanism,
including
translation
mechanism,
of
course,
and
Ally
right
I
mean
the
service
provider
network
and
residential
network.
We
simply
refer
to
those
to
RFC
here.
J
The
big
chunk,
so
is
generic
consideration
and
then
we
go
and
the
first
paragraph
was
addressing
architecture
and
at
the
beginning
we
were
doing
a
lot
of
about
ula.
Now
it's
only
one
line.
Basically,
because
there's
quite
controversy
there,
we
talked
about
DHCP
slack
promise.
Reconsideration
next
step
is
about
extension,
headers
orders
how,
by
up
what
we
do
with
fragmentation
and
refer
to
your
draft
link
layer
security.
What
about
new
discovery?
Of
course?
J
J
This
is
when
we
need
basically
to
send
the
packet
to
the
CPU
okay,
which
has
some
time
different,
compare
v4
and
v6
rotting
security,
basically
explaining
what
we
can
do
there
about
the
routing,
update
the
rod
filtering
or
refer
to
this
RFC
6060,
six
about
the
DCR
prefix,
for
instance,
everything
about
the
transition
techniques,
you
a
stack
and
capsulation
translation.
We
even
kept
Terra
dos
and
six
to
four,
even
if
nobody
is
using
it,
because
when
we
talk
to
customers
and
people
do
bring
it
the
questions
still
pop
up
and
it's
communicated.
J
Where
we
are
so,
we
are
revision,
17,
a
thing
or
whatever.
Obviously,
as
you
said,
some
section
we're
quite
controversial
right,
I
mean
I,
see
at
least
one
somebody
in
the
room
here.
Another
lady
in
the
end
and
Tim
shown
is
not
here,
but
many
people
has
provided
feedback
plug
it
and
we
listen
to
this
right.
So
we
basically
now
counting
the
text.
You
elaine
only
nothing.
We
don't
talk
about
p.
J
J
Capital
of
acknowledgment-
and
I
think
many
people
in
this
room
up
out
there-
that's
all
the
people
sending
review
comments.
Thank
you
again.
We
have
requested
looking
group
last
call
to
Jen
and
and
run
through
the
optech
working
group
share.
They
want
to
talk
to
us
to
me.
I,
guess
before
doing
this,
so
we'll
do
it
later
this
week,
Matt
as
an
author
I
would
love
to
get
as
well.
We
will
go
if
everything
is
okay,
working
group
last
Conan
OPSEC,
but
in
this
case
it's
also
v6.
J
So
while
we
do
the
group
last
goal
in
OPSEC,
it
would
be
nice
for
the
authors
that
you
also
do
the
review
here.
Okay,
because
that's
observed,
roar
and
v6,
so
I
hope
that
we'll
get
some
people
reviewing.
It
I
understand
it's
50
page,
so
it
takes
some
times,
but
it's
really
useful,
because
after
reading
it
and
reading
it
I
mean
the
authors,
we
don't
don't
know
anymore
right,
okay,
so
basically
we
have
to
get
done.
Thank
you
again
and
any
questions
nataly's.
C
Shredderman
ripe
ncc
every
ITF
that
there
is
a
presentation
about
this
draft
I
go
to
Mike
I
thank
the
alters,
maybe
one
or
two
cones,
no
I'm
done.
Okay,
I
read
it
again
after
the
last
revision.
It
looks
great.
Thank
you.
I
would
suggest
neat
last
call
and
move
on,
and
maybe
after
eight
years
to
be
done,
Thanks.
E
I
I
don't
know
if
you
have
seen
my
last
email
a
couple
of
days
ago.
I
think.
Basically,
it's
done.
I
ripped
all
the
text
again
after
the
ITF
in
March
and
again
last
week
there
are
just
a
couple
of
needs
and
I
still
disagree
with
not
differentiating
between
Matty
and
me
because
they
are
somehow
different
from
the
perspective
of
security
and
then
I
think.
The
other
comment
was
there
is
nothing
about
the
DNS
proxy
problem.
If
you
don't
have
a
DNS
proxy
in
the
CPS,
you
need
clarification.
We
can
talk
about
this
by
email.
J
R
R
R
E
R
J
Think,
if
you
can
put
OPSEC
I
mean
it's
up
to
the
chair
by
the
way
here.
I
would
love
this
community
to
review
it
and
send
a
comment
to
OPSEC
right
I
mean
all
of
us
signed
the
same
thing,
so
we
will
see
it
anyway,
but
put
the
name
of
the
draft
there
right.
That's
the
way
when
the
meaning
lists
when
you
look
in
the
archive
is.
G
A
A
F
Okay,
my
name
is
Uma
I'm
going
to
talk
about
is
sv6
empty
deployment.
Considerations
and
I
thanked
her
kindly
agreeing
to
put
this
because
they
asked
me
to
send
an
email.
I
could
not
send
I
was
traveling,
but
I
promise
after
this
meeting,
I
will
send
an
email
with
the
document
and
on
my
comments,
if
you
have
any
things,
I
want
to
ask
I
will
send
it.
So
this
is
regarding
the
ISIS
protocol
for
v6,
only
topology
or
multi
topology.
F
Ok,
this
work
has
been
presented
in
LSR
working
group
in
idea
for
node
3,
based
on
the
feedback
and
suggestions
we
are
presenting
in
v6
operation.
Some
of
the
people
said
that
you
know
this
is
no
document
is
required.
We
don't
want
to
do
LS.
Our
working
group
doesn't
want
to
do
deployment
considerations
document
some
of
the
things
are
known,
and
you
know
that
kind
of
stuff,
so
I
just
wanted
to
know
your
feedback.
If
this
is
a
known
thing,
that's
fine.
Otherwise
we
want
to
think
we
think
that
it's
good
to
document.
F
What
is
there
out
there?
We
are
not
changing
anything
in
the
protocol
so
background.
There
are
a
lot
of
IP
ipv4
ISS
deployments.
A
few
more
folks
are
seeking
ipv6
only
deployments.
The
first
thing
I
worked
in
2012
me,
my
world
employer.
We
started
looking
at
ipv6
only
deployments
still
it's
happening.
The
questions
are
the
same.
We
are
amazed,
but
you
know,
but
this
is
the
that
this
is
the
fact.
So
this
is
based
on
talks
with
multiple
operators.
Most
of
the
things
we
are
looking
at,
it
is
right
now,
mobile,
backhaul.
F
We're
for
fighting
services
are
being
deployed,
people
are
thinking
about
ipv6.
Only
some
people
are
looking
for
sr
v6
and
folks
are
in
l3.
Dc
underlay
is
looking
for
v6
only
deployments.
So
what's
the
goal
and
what
can
be
done
goal
of
this
degree?
This
document
is
to
lay
out
the
nuances
around
Isis
and
ipv6.
There
are
a
lot
of
options
with
ISS.
How
one
can
apply
one
can
deploy
with
ipv6.
The
first
thing
I
wanted
to
clarify
is
is
is
multi.
Topology
is
not
equal
to
ipv6,
it's
one
way
of
deploying
ipv6.
F
The
second
thing
is
provide
various
options
and
limitations
with
eius
eius
for
transitioning
to
ipv4
to
ipv6
and
looking
for
ipv6
only
deployments,
so
it
doesn't
provide.
This
document
doesn't
provide
any
protocol
extensions.
It's
only
it's
just
it's.
What
is
there
over
the
last
10-15
years?
What
happened
in
is
critical.
It's
a
documentation
of
fourth
and
one
sis
non-goal
there
is
ISS
multi
topology.
F
Primarily
there
are
two
ways
to
do:
ipv6
and
ISS.
One
is
ipv6
first
introduced
in
five
3:08
RFC
five-30,
eight
there's
a
new
reachable
TTL,
we
TLB
236.
It
works
on
a
single
topology
mode.
That
means
one
decision
process
happens.
That
is
one
SPF
happens
and
you
get
come.
You
get
to
compute
both
ipv4
routes
and
ipv6
routes
and
download
to
the
fav.
So
there
is
that's
the
one
thing
and
there
is
a
limitation.
There
is
a
condition
there
how
this
works.
F
F
There
is
TLB
22
added
for
a
high
density,
LV
and
TLB
to
35
to
37
arid
for
Monty
topology
TLB,
where
each
ability,
ipv6
addresses
can
be
advertised
so
as
I
set
up
all
the
decision
process,
topology
specific
decision
process-
that
is
a
very
multi
topology
you
have
ispf
complication,
happens
and
the
main
computer
main
thing
is
here:
MPI
d2
is
reserved
for
ipv6
routing
topology,
and
this
is
where
most
of
the
SS
empty
deployments
are
seen
basically
is
empty,
is
used
only
for
MK
ID.
It's
a
safe
alternative,
deploy
ipv6
in
the
legacy
networks.
F
So
what's
the
problem
with
RFC
Phi
3
0,
it
only
thing
is
it's
very
simple:
ipv6
we
just
read:
T
1
TL
v,
TL
B
236.
You
are
good
to
go,
but
the
only
condition
is
the
whole
network
should
be
congruent.
That
means
all
the
all
the
nodes
and
links
have
both
v4
and
v6
should
be
unable
in
sync,
as
a
simple
example.
Here,
let's
say
a
network
bitten
like
this,
everything
is
v4
and
v6,
but
between
RX
and
not
to
only
v4
is
enable.
What
happens
is
in
this
case
in
the
RFC
five-30.
F
F
So
there
is
a
single
topology
mode
with
multiple
address
families.
So
we
we
talked
about
this
restrictions
network
must
be
congruent.
We
have
seen
this
and
some
examples
where
this
is
not
possible
when
ipv6
is
getting
introduced
in
the
networks
and
legacy
nodes
does
not
support
ipv6
our
implementation
issues
causing
the
ipv6
to
be
disabled
or
Hardware
scale
limitations,
causing
that
p
v6
to
be
persons
or
low-end
devices.
F
That's
one
of
the
problems
with
empty
okay,
so
the
one
of
the
another
confusion
with
Isis
is
all
around
with
the
technology.
Now
we
can
see
that
multi
topologies.
It
says
that
MT
ID
2
is
reserved
for
ipv6
routing
topology,
but
rather
they
should
have
said
that
this
address
family.
There
is
no
distinction
between
utters,
family
and
topology
there.
It's
all
mixed
up
there
with
the
terminology.
This
caused
a
lot
of
confusion,
even
though
a
lot
of
questions
comes
because
of
this
fact.
So
so
yes,
MT
can
be
used
for
other
than
ipv6
routing
topology.
F
If
you
want
84,
you
can
do
whatever
you
want
another
ipv6
routing
topology.
Maybe
they
wanted
to
say
that,
as
this
is
the
first
routing
topology
with
ipv6,
it's
a
tiring
conversation.
If
you
want
ipv6,
only
use
MK,
ID
I,
don't
want
multi,
topology
I
just
want
single
topology
ipv6
only
I
want,
but
still
you
how
to
use
empty
ID
because,
as
a
result,
ipv6
routing,
topology.
F
F
So
in
summary,
this
document
only
provides
various
options
available
for
ipv6
only
deployment
or
transition
to
ipv4
to
v6
and
what
are
the
pitfalls
to
avoid?
Maybe
this
is
known
to
a
lot
of
people,
but
you
know
this
is
not
thing
thought
I
got
and
I
ever
haven't.
We
talking
to
customers
and
demystifies.
What's
been
out
there
in
is
SMT
and
any
comments
feedback
I
will
happy
to
take,
and
we
are
looking
to
ask
for
adoption
in
LS
are
working
group.
F
Ls
are
working,
so
one
of
the
ellis
our
feedback
I
got
was,
is,
is
ipv6
all
done
in
1195
ahrefs
1195
and
they
don't
want
to
do
deployment
guides
because
it's
a
known
issue,
so
many
things
they
are
tied
up
there
even
I
didn't
put
multi
topology
transition.
There
is
another
confusion
there,
so
all
these
are
documented
in
I
thought
it
will
be
useful,
but
it's
up
to
the
folks
here
also
I
will
get
the
feedback
from
here.
Okay,
so
I'll
ask
you
the
same
question:
I
asked
your:
where
do
you
want
feedback?
F
I,
won't
feedback
from
here
v6
operations,
because
these
are
the
folks
who
are
deploying
ipv6.
Only
Network
are
transitioning
to
ipv4
to
b6,
so
you
guys
might
have
faced
some
of
these
problems
or
you
might
have
work
around
sunny.
No,
no
v6
I
will
send
a
mail
to
the
v6
ops
and
if
you
can
send
the
feedback
in
the
basics.
P
F
A
F
E
Can
I
can
go
to
that
one
very
quickly
just
to
to
get
comments
in
the
lists?
Hopefully,
okay,
so
I
started
this.
This
work,
something
like
10
years
ago,
but
at
that
time
we
didn't,
we
didn't
jump
it
into
into
it.
Actually,
the
main
point
is
that
when
you
read
the
document
about
how
you
do
point-to-point
links,
it
looks
like
it's
recommending
a
slash
127,
but
actually
this
is
not
what
the
document
says.
What
the
document
says
is
that
routers
must
support
it.
E
So
I
am
trying
to
clarify
that
here,
especially
because
almost
70%
of
the
networks
are
using
a
different
way,
so
we
should
document
in
basic
sub
Scotties
actively
being
used
in
the
network
right
the
resource.
Another
point
here,
which
is
supported
by
RFC
six60
three,
which
is
exclude
option
for
as
last
64
from
a
bigger
prefix.
So
you
have
well
actually
shorter
prefix.
E
If
you
have,
for
example,
as
last
48
for
a
customer,
you
can
use
the
first
slash
64
for
the
point-to-point
link,
and
this
is
not
documented
anywhere,
its
reference
it
as
something
that
can
be
done,
because
you
have
the
exclude
option
in
dhcpv6,
perfect
delegation,
but
it's
actually
not
documented,
and
a
lot
of
people
is
using
that.
So
what
I
am
what
I
am
trying
to
do
in
the
in
the
draft
is
describing
the
different
choices
that
you
have
for
the
point-to-point
link,
good
things
and
bad
things
from
its
bond
and
also
the
numbering
ways.
E
So,
for
example,
you
can
use
global
unicast,
you
can
use
your
leis,
you
can
use
a
number
it
which
is
a
link,
local
and
so
on.
So
that's,
basically
what
the
draft
is
describing
all
those
are
used
by
different
ISPs,
but
we
don't
have
a
real
document
which
is
describing
all
the
choices.
Okay.
So
most
of
the
time
when,
when
you
get
questions
from
ISPs,
how
I
do
that?
You
don't
have
a
single
document
to
reference
everything
like
that,
and
some
of
the
possibilities
are
not
documented
in
any
way.
E
E
E
So
again
sang
with
this
document.
It
has
been
dormant
for
one
year,
one
year
more
or
less
I
didn't
have
it
sufficient
time
to
take
over
it,
and
at
that
time
it
was
not
considered
by
the
working
group,
but
this
is
a
discussion
that
that
we
have
every
two
three
months
actually
I.
Think
two
weeks
ago
we
had
the
same
discussion
in
the
list,
so
in
other
working
groups
we
have
definition,
sort
of
terminology.
E
We
don't
have
that
here,
and
this
is
a
very
simple
different
definition
about
what
is
native
good
Teesside
tv6
only
and
that's
the
goal
of
the
document.
So
let's
try
to
speak
the
same
language
because
we
are
confusing
people,
that's
that's
it
I
I,
don't
think
I
need
to
go
through
the
slides.
This
is
so
simple
like
that.
We
you
may
agree
or
not
with
this
definition.
That's
the
reason
we
need
to
work
on
that.
Okay
and
that's
it.
Thank
you
go
to
the
list.
Please.