20-24 September 2021
US/Pacific timezone

Translating IPv4 to IPv6 Without NAT

24 Sep 2021, 09:30
40m
Networking and BPF Summit/Virtual-Room (LPC Virtual)

Networking and BPF Summit/Virtual-Room

LPC Virtual

150
Networking & BPF Summit (Closed) BPF & Networking Summit

Speakers

Kyle Anderson (Netflix) Keerti Lakshminarayan (Netflix) Alok Tiagi (Netflix)

Description

Although an IPv6 only environment is ideal, the path to migration from an IPv4 environment is gradual and will present situations where an IPv6 client will need ongoing connectivity to an IPv4-only server. Such a communication path will need to use one of the existing IPv6 to IPv4 transition mechanisms (such as NAT or a dual IPv4 + IPv6 stack).

We will demonstrate a novel approach to this migration, that uses a unique transition mechanism utilizing the new SECCOMP_IOCTL_NOTIF_ADDFD flag introduced to the seccomp() system call, to intercept egress connect calls to opportunistically use a transition IPv4 address when possible, saving applications the pain of dealing with the end host not being reachable, while still living in an IPv6-only environment. Once applied at the beginning of connection establishment, the data path proceeds uninterrupted between the client and the server distinguishing this approach from many other transition/translation mechanisms.

We will also share a performance analysis of this approach, limitations of what we can do with seccomp(), and future work using this mechanism.

I agree to abide by the anti-harassment policy I agree

Primary authors

Kyle Anderson (Netflix) Keerti Lakshminarayan (Netflix) Alok Tiagi (Netflix)

Presentation Materials