IETF Logo Mail Archive

Re: [BEHAVE] Increasing the session timer for long lived UDP sessions (was Re: Review of the NAT64 document?)

marcelo bagnulo braun <marcelo@it.uc3m.es> Wed, 06 January 2010 19:21 UTC

Return-Path: <marcelo@it.uc3m.es>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DF80F28C0FD for <behave@core3.amsl.com>; Wed, 6 Jan 2010 11:21:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7lk98OK6rREB for <behave@core3.amsl.com>; Wed, 6 Jan 2010 11:21:30 -0800 (PST)
Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id 9554028C0D8 for <behave@ietf.org>; Wed, 6 Jan 2010 11:21:30 -0800 (PST)
X-uc3m-safe: yes
Received: from r190-132-213-134.dialup.adsl.anteldata.net.uy (unknown [190.132.213.134]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp03.uc3m.es (Postfix) with ESMTP id B88957F406F; Wed, 6 Jan 2010 20:21:25 +0100 (CET)
Message-ID: <4B44E2B1.5090903@it.uc3m.es>
Date: Wed, 06 Jan 2010 20:21:21 +0100
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812)
MIME-Version: 1.0
To: Reinaldo Penno <rpenno@juniper.net>
References: <C76A1CA5.E41F%rpenno@juniper.net>
In-Reply-To: <C76A1CA5.E41F%rpenno@juniper.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-TM-AS-Product-Ver: IMSS-7.0.0.3116-6.0.0.1038-17116.000
Cc: Bryan Ford <baford@mpi-sws.org>, IETF BEHAVE WG <behave@ietf.org>
Subject: Re: [BEHAVE] Increasing the session timer for long lived UDP sessions (was Re: Review of the NAT64 document?)
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jan 2010 19:21:32 -0000

Reinaldo Penno escribió:
>
> On 1/6/10 10:46 AM, "marcelo bagnulo braun" <marcelo@it.uc3m.es> wrote:
>
>   
>> Reinaldo Penno escribió:
>>     
>>> I object to the proposed timeout mechanism since it is implementation
>>> specific, 
>>>       
>> i disagree it is implementation specific. It does affect
>> interoperability, since with Bryan's suggested changes, the UDP timer
>> will be longer for long lived flows, so, end nodes and apps can rely on
>> that (e.g. the keepalives to keep a UDP hole open could also be sent
>> with increasing intervals)
>>     
>
> Okay, I see your point. I'm coming from the use case point of view. In the
> case of NAT64 make it configurable with a lower bound (see below) and when a
> new class of applications appear that can make use of exponential increasing
> timers the market will drive it and we can work on an experimental RFC.
>
>   
>>
>>     
>>> but not having idle-timeout configurable.
>>>
>>> I would simply proposed that the UDP/TCP idle-timeout be configurable since
>>> it is already the case in most NAT implementations from CPEs to CGNs.
>>>
>>>   
>>>       
>> again, we need more than that, at least a minimum timer value, in order
>> to be compliant with behave requirements.
>>
>> This does affect interop.
>>     
>
> Isn't it REQ-5 of RFC4787? Can we just use it as is?
>
> "  REQ-5:  A NAT UDP mapping timer MUST NOT expire in less than two
>       minutes, unless REQ-5a applies.
>
>       a) For specific destination ports in the well-known port range
>          (ports 0-1023), a NAT MAY have shorter UDP mapping timers that
>          are specific to the IANA-registered application running over
>          that specific destination port.
>
>       b) The value of the NAT UDP mapping timer MAY be configurable.
>
>       c) A default value of five minutes or more for the NAT UDP mapping
>          timer is RECOMMENDED."
>
>
>   
current version of the draft certainly complies with bullet c)
It used to comply with bullet a) but was removed in v05 due a commnet 
from a reviewer. I can put the text back in if the wg wants that.
bullet b) and the minimum timer is not contained in the draft, we can 
certianly add them

but, in order to decide what to do, i would need more input from the WG

Regards, marcelo
>
>   
>> Regards, marcelo
>>
>>     
>>> On 1/6/10 9:26 AM, "marcelo bagnulo braun" <marcelo@it.uc3m.es> wrote:
>>>
>>>   
>>>       
>>>> During the WGLC for the stateful NAt64 document, Bryan Ford suggested
>>>> the following change
>>>>
>>>> Bryan Ford escribió:
>>>>     
>>>>         
>>>>> * Third issue is with session timers for UDP.  (I think I brought up
>>>>> this on this list sometime back, but I don't know if there's been any
>>>>> discussion of it since then.)  While just having a constant UDP
>>>>> session timeout of 5 minutes should be permitted behavior, what would
>>>>> be even better and perhaps RECOMMENDED is if the NAT increases the
>>>>> session timeout as the session's lifetime increases.
>>>>>
>>>>> For example, if the session survives its first 5-minute timeout (i.e.,
>>>>> the NAT sees traffic during that time), it doubles the next period to
>>>>> 10 minutes, then to 20 minutes, etc., until some maximum, e.g., the
>>>>> 2:40:00 timeout specified for TCP in the ESTABLISHED state.
>>>>>
>>>>> This behavior still ensures NAT session state gets garbage collected
>>>>> before its lifetime exceeds about twice the time the UDP session is
>>>>> actually in-use; it won't affect UDP apps that naively just send
>>>>> keepalives at <5min periods; but it may greatly benefit smarter UDP
>>>>> apps on power-constrained mobile devices that want to reduce power
>>>>> consumption.  In particular, if the UDP app implements a
>>>>> binding-timeout-testing algorithm that starts with frequent keepalives
>>>>> and gradually decreases the keepalive frequency, then on a "naive" NAT
>>>>> with a 5-min timeout the app will learn that it has to send keepalives
>>>>> every 5min and do that; but on a NAT with doubling session timeouts,
>>>>> the session will appear to the smart app to have an "infinite" (or a
>>>>> 2:40-min) session timeout, and the smart app will be able to gradually
>>>>> reduce its keepalives to a very low rate and conserve power even while
>>>>> holding a long-term UDP session open.
>>>>>       
>>>>>           
>>>> I would like to have the WG input on this, please comment.
>>>>
>>>> Regards, marcelo
>>>>
>>>> _______________________________________________
>>>> Behave mailing list
>>>> Behave@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/behave
>>>>     
>>>>         
>>>   
>>>       
>
>
>

v2.23.0 | Report a Bug | By Email