Deploy360 3 April 2013

Video: 464XLAT Live Demo at World IPv6 Congress in Paris

By Jan ŽoržFormer Operational Engagement Programme Manager

Mobile operators have said they can’t start selling IPv6 phones and data packages because some applications – including Skype – don’t work on IPv6-only networks. How do we fix this problem?

At the third World IPv6 Congress in Paris, we gave a live demo showing exactly how this can work using an IETF Internet Draft called 464XLAT to make IPv4-only applications like Skype work on an IPv6-only mobile phone.

The World IPv6 Congress was one of the best IPv6 events so far this year with great speakers and a great audience. I gave two talks: the first about the GEN6 project and how to enable emergency response teams with mobile IPv6 and a second talk about World IPv6 Launch and also our efforts to build a global Best Current Operational Practice (BCOP) repository where the best operational documents on how to run networks and implement new technologies like IPv6, DNSSEC, RPKI, and others should reside.

Lorenzo Colitti from Google contacted me before the event because he wanted to test an IETF Internet Draft implementation called 464XLAT: Combination of Stateful and Stateless Translation and demonstrate a prototype or “proof of concept” on his development Nexus 4 phone. (Editor’s note: This I-D was published as RFC6877 a few hours ago.)

I decided to make my GEN6 presentation a little shorter and invite Lorenzo on stage for the last 10 minutes to do a live demo of 464XLAT. The decision paid off, as the live demo was a blast! Below you can watch the video, recorded by Mark Townsley (big thanks!).

Lorenzo asked me to bring my test SIM cards from Simobil, one of the Slovenian operators that implemented IPv6 in its mobile network. My test SIM cards are provisioned and well tested with an IPv6 PDP context and are also currently testing the PDPv4v6 setup that enables both protocols in one connection.

As my SIM cards were provisioned to a non-production HLR (because of PDPv46 testing) we could not use it on the first day, until they were re-provisioned to the production HLR that was permitted to do roaming in France. For a start we used Norwegian SIM cards borrowed from Tore Anderson and they also worked well. After hacking the code late into the night on Tuesday, the 464XLAT was ready for a live demo in time for my GEN6 talk on Wednesday.

464-xlat-hacking

Hacking, coding and testing of 464XLAT went late in Tuesday night. Thanks also to Andrew Yourtchenko for help. Left: Andrew Yourtchenko, right: Lorenzo Colitti

For an introduction, listen to Lorenzo’s explanation in the video of how 464XLAT actually works (or read about that on the tmoipv6 pages).

In short: Some applications do not work in an IPv6-only environment because there is no IPv4 that they can send data to. One of those applications is Skype, and this stands between mobile operators and the start of handing out IPv6-only mobile devices, which is currently the only viable way to extend mobile networks. There is standardised NAT64 for accessing the IPv4-only content in the operators’ core, but this does not help IPv4-only applications on mobile phones.

The trick in 464XLAT is the CLAT daemon that resides on the phone. It creates a virtual interface with one IPv4 address (it can be the same for all the handsets, it does not matter). The application then connects to this interface and happily starts to send packets, because from the application’s point of view this is just an IPv4 interface. The trick is behind the curtains, where the IPv4-to-IPv6 translation engine resides, translating IPv4 packets and sending them over an IPv6-only mobile network to a NAT64 device in the core that translates the IPv6 packets back to IPv4 and sends them to the destination. The return packet goes back to the handset through the same procedure.

The name says it all – 464XLAT means IPv4 to IPv6 and back to IPv4 cross translation. This is very useful for mobile handsets, where demand is not as high as in fixed networks.

During the demo, Lorenzo explained how 464XLAT works and then put on the screen two packet traces – one for the IPv6 mobile interface and one for the IPv4 CLAT interface. His phone was connected over an IPv6-only PDP context to the Simobil core over a roaming connection and had a Slovenian IPv6 address. When he started Skype, both traces started to show packets and this continued even when I called him and set up a video call, as you can see on the video below. My phone was connected to the IPv4/IPv6 wifi network in the conference room, so the packets’ paths were quite wild, but nevertheless – it worked!

464xlat-demo

Lorenzo Colitti and Jan Žorž calling over Skype in IPv6-only environment.

What is the take-away from this live demo? Mobile operators were complaining that they can’t start shipping IPv6 phones and data packages to their users because “not everything is working, especially Skype.” Not anymore, as we showed to the world that there is a solution that fits and solves exactly this problem. We just need to wait until this appears in production Androids, and users get it with an OTA upgrade – but the first steps are done. It works, it is simple, and there are no visible issues with the code.

Message to mobile operators: “time to wake up, technology is ready and coming, it’s your turn now!”

Watch the video of the live demo:

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...