Deploy360 25 June 2014

Live Demo of 464XLAT at Swiss IPv6 Council Event

By Jan ŽoržFormer Operational Engagement Programme Manager

Last week, at the Swiss IPv6 Council’s “IPv6 Business Conference” in Zurich, I did a live demo using the 464XLAT mechanism on my Android phone, using it to allow IPv4-only applications like Skype to work in an IPv6-only mobile environment. The process got a bit bumpy, but in the end it was a successful demo!

Let me back up and say that the event, overall, was a great success. I saw some new IPv6 material and perspectives that I had not seen at other meetings, so I am thankful to Silvia Hagen for the invitation. I actually did two presentations in addition to the live demo. My first talk was about the “IPv6 troubleshooting for helpdesks” document and tool, which we’ve talked about here recently. My second talk was about the story behind RIPE-501 and RIPE-554: “IPv6 requirements for ICT equipment” publications, which we talked about here last year.

The third session was one that could have – and nearly did – go completely wrong: a live demo of 464XLAT in an Android phone. You can read more about how 464XLAT works and my first lab tests in the go6lab in this previous 464XLAT post. I would again like to thank Simobil, the Slovenian mobile operator that (long ago) provided me with an IPv6-enabled SIM card for tests and live demos.

Troubleshooting the Demo

The issues began the day before the meeting when I realized that data roaming in Switzerland adds new unpredictability into the equation. Big thanks to Gert Doering for his assistance as we frantically fiddled with various settings and every possible combination of SIM cards and devices to find the combination that would work. In the end, we realized our major issue was a setting in Simobil’s billing system. When Simobil introduced LTE, they re-provisioned my test SIM card and the script set the roaming limit to 60EUR. When I reached this limit, strange things started to happen: the PDPv6 context was established, I got an IPv6 address, the CLAT interface did not start, and traffic did not move. Simobil quickly removed the limitation the morning of the live demo, and the whole thing started working immediately.

Just before I was set to go on stage, Skype decided not to connect anymore via my tablet. My turn was quickly approaching and I had no time for further debugging. After a brief explanation of the situation, I showed the tablet to the audience – the working connection, the IPv6 address, the 3G connection, the functioning Google and Facebook, the CLAT interface – but from some strange reason, Skype wasn’t working anymore. After some live debugging I decided that maybe the NAT64 server in Simobil’s core had some problems.

I tried to assure the audience that usually this works flawlessly, and went back to my seat to troubleshoot some more. Silvia continued the presentation with some IPv6 use cases and I left the stage, completely frustrated with the outcome of my live demo. I’m an engineer; I judge by results.

From my seat, I opened Skype on my laptop and began chatting with my friend Nejc from Simobil online, who had just helped me with the billing issue. He agreed with my assessment that something was wrong with their NAT64. Then I realized – there’s a working NAT64 in my go6lab (three of them, in fact)! I suggested that he reconfigure the GGSN to send one of my DNS64 addresses when establishing PDPv6 context. I re-established my PDPv6 session, received DNS information pointing to one of the implementations in my go6lab and voila – Skype connects!

464xlat-success

Success! The 464XLAT starts, Skype connects, and video call works!

I stood up, interrupted Silvia’s presentation, and loudly proclaimed the issue solved, and called Silvia on Skype, via her mobile phone. We got the video up and showed the audience how the whole setup works. Obviously, the first question from the audience full of engineers like myself was, “How did you make it work and what was wrong?”

I explained the solution of using a different NAT64 server, and the audience was quick to realize that, in fact, everybody using IPv6 on Simobil’s network was now sending traffic to the go6lab. I assured the audience the lab has enough uplink capacity to keep it going until Simobil’s NAT64 translation service returns to operational.

Thanks, again, to Nejc Bačič from Simobil for all the help, and to Silvia Hagen for helping do the live demo with me – and for being flexible enough to let me interrupt the program to finish what we started and show a successful result!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...