IETF Logo Mail Archive

Re: [BEHAVE] A New Draft on FTP64

liu dapeng <maxpassion@gmail.com> Thu, 27 August 2009 17:11 UTC

Return-Path: <maxpassion@gmail.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B335A3A69EC for <behave@core3.amsl.com>; Thu, 27 Aug 2009 10:11:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.139
X-Spam-Level:
X-Spam-Status: No, score=-0.139 tagged_above=-999 required=5 tests=[AWL=-1.324, BAYES_00=-2.599, FRT_BELOW2=2.154, SARE_PROLOSTOCK_SYM3=1.63]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LG-qqVm9Iu0I for <behave@core3.amsl.com>; Thu, 27 Aug 2009 10:11:51 -0700 (PDT)
Received: from mail-vw0-f177.google.com (mail-vw0-f177.google.com [209.85.212.177]) by core3.amsl.com (Postfix) with ESMTP id 275A63A6880 for <behave@ietf.org>; Thu, 27 Aug 2009 10:11:50 -0700 (PDT)
Received: by vws7 with SMTP id 7so953573vws.29 for <behave@ietf.org>; Thu, 27 Aug 2009 10:11:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=spgSJvkLDv79tzb8Eb+5s6Zw9jjPin4lUoBhSJP8QfU=; b=QLaUOZ+XUMXJTWBt6QarPMOd8KuxwcwogMa7+553wNF6Shv+z2WPY3zgLI+TYN3/Q1 UbdrgSnnjXlELUwRXBeIxf2QcrhJ5u48MwQ3zZDPka1i1LrgLL6G+oJCdK6wzzx+cCCo 4AfQ6iQjzTQoO2eoBlHHSyl/h+olzLuOvAzJ0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=McyU3Gmb1vTInTG6J3fIaUjcnB0Yx+h0kL5TghmV78tzxU5O2T47jdcdxc7r2YemqU w6uKFQtRrsPvlsqBJ8RjC7y7Uthi3p6Vt1LglZgwoL08CSO3yXNon435JSnBIp6CFMNI OGg47V/qro9VTNPFwug/bKcbzLIQFEZUMXXmc=
MIME-Version: 1.0
Received: by 10.220.69.204 with SMTP id a12mr55714vcj.0.1251393114594; Thu, 27 Aug 2009 10:11:54 -0700 (PDT)
In-Reply-To: <002001ca26b3$5edfb0c0$c5f0200a@cisco.com>
References: <25e1aaa40908200659y629eb05eg5c2f269f11f07f57@mail.gmail.com> <25e1aaa40908241040kbf5cb50k904262a307f526f1@mail.gmail.com> <59B59B7F-D8E3-4414-8FB3-4EFE8F8D30B8@muada.com> <25e1aaa40908261202m371f6bf7hc912efd86c50d775@mail.gmail.com> <002001ca26b3$5edfb0c0$c5f0200a@cisco.com>
Date: Fri, 28 Aug 2009 01:11:54 +0800
Message-ID: <25e1aaa40908271011t72fab84fsd65b28f3469c9121@mail.gmail.com>
From: liu dapeng <maxpassion@gmail.com>
To: Dan Wing <dwing@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: behave@ietf.org
Subject: Re: [BEHAVE] A New Draft on FTP64
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2009 17:11:52 -0000

2009/8/27, Dan Wing <dwing@cisco.com>:
>
>
>> -----Original Message-----
>> From: behave-bounces@ietf.org
>> [mailto:behave-bounces@ietf.org] On Behalf Of liu dapeng
>> Sent: Wednesday, August 26, 2009 12:03 PM
>> To: Iljitsch van Beijnum
>> Cc: behave@ietf.org
>> Subject: Re: [BEHAVE] A New Draft on FTP64
>>
>> 2009/8/25, Iljitsch van Beijnum <iljitsch@muada.com>:
>> > On 24 aug 2009, at 19:40, liu dapeng wrote:
>> >
>> >> We upgrade the ftp64 draft, add some text considering the
>> legacy FTP
>> >> implementation and other clarification as well. Any comments are
>> >> welcomed.
>> >
>> > Can you please send the new text to the list?
>>
>> we upgrade setion 3 and 5, bellow is the text.
>>
>> 3. Client considerations
>>
>>    It is required that all IPv6 FTP clients MUST support both EPSV and
>>    PASV command.
>>
>>    When the client tries to connect to a server using IPv6 connection,
>>    it should use EPSV command first. If the server response
>> that it does
>>    not support this command or encounters an error, it MUST retry with
>>    PASV command.
>
> That algorithm will cause a timeout -- not an error -- with some FTP
> servers.  For example, ftp.dell.com responds positively to EPSV but
> does not actually allow connecting to the port indicated on the FTP
> control channel.  Other sites, such as ftp.microsoft.com, work just
> fine with EPSV.
>
> Would it be better to just try PASV first (and for the data channel,
> the FTP client should use the IP address of the control channel,
> ignoring what is in the PASV response) and if *that* fails it means
> the FTP server is really listening on IPv6 and refuses to use PASV
> and wants EPSV, so you only use EPSV after PASV returns an error?

my question is: the server is in an IPv4 network, if the PASV fails,
why does it expect EPSV command?

> -d
>
>
>> The server will respond to PASV command with
>> an message
>>    that contains an IPv4 address and port number that used for the
>>    client to connect to. The client MUST ignores the IPv4 address
>>    provided in the response; it should use the control connection's IP
>>    address to connect to the server to establish the data connection.
>>
>>    This approach could not only simply the FTP client software's
>>    implementation but also can avoid the problems caused by using the
>>    IPv4 address that included in the response message. For example, if
>>    the FTP client has a private IPv4 connection and a public IPv6
>>    connection, if it tries to use the IPv4 connection to
>> establish data
>>    connection with the server, it will never success.
>>
>>
>> 5. FTP ALG considerations
>>
>> 5.1. FTP ALG limitations
>>
>>    Implementing FTP ALG in the translation box may have some
>> limitations,
>>    such as:
>>
>>    1) FTP ALG may case to increase the complexity of translation box,
>>       since FTP ALG needs to understand FTP protocol and translate the
>>       application layer payload and update the header of FTP control
>>       packets.
>>
>>
>> Dapeng Liu            Expires February 27, 2010               [Page 4]
>>  >
>> Internet-Draft  IPv6 IPv4 translation FTP considerations August 2009
>>
>>
>>    2) For most of current Network Processor based translation box, ALG
>>       processing may cause its performance decreased
>> significantly. The
>>       reason is that FTP ALG processing can not take the advantage of
>>       Network Processor, which is designed and optimized for
>> processing
>>       regular packets (such as header translation).
>>
>>    3) From the evolution perspective, if the network continues to
>>       provide support of FTP ALG all the time, the users will have no
>>       motivation to upgrade their FTP client software. If
>> things evolve
>>       toward this direction, the ALG function of the translation box
>>       will become more and more complex. In reality, upgrading FTP
>>       client software is a more easy way to solve the ALG issue
>>       compared with requiring that all the translation box to
>> implement
>>       FTP ALG.
>>
>> 5.2. Solution to avoid FTP ALG
>>
>>    This document suggests that the translation box which situated
>>    between the IPv6 network and IPv4 network should not implement FTP
>>    ALG. It is depend on the client and server that comply with this
>>    specification to avoid the FTP ALG issue.
>>
>>    The reason that this document does not encourage translation box to
>>    implement FTP ALG is that since the FTP ALG problem can be totally
>>    avoid by defining the behavior of the client and server, it is not
>>    necessary to implement it at all. This approach can reduce the
>>    translation box's complexity. Also, the FTP client and server's
>>    communication without ALG will significantly improve its
>> performance.
>>
>>    For the legacy IPv6 FTP client, this document suggests that the
>>    legacy client should behave like RFC1579 recommendation
>> which is that
>>    "vendors convert their FTP clients programs to use PASV instead of
>>    PORT". For IPv6 FTP client, this recommendation should be
>> "the users
>>    or vendors should convert their FTP clients programs to use EPSV
>>    instead of EPRT". This can be done by configuration and do not
>>    require upgrading of the client software for most of
>> current IPv6 FTP
>>    client. This solution may require that the FTP server
>> should support
>>    EPSV command.
>>
>>
>> > A client that implements the client requirements and client
>> > recommendations listed in draft-van-beijnum-behave-ftp64-05 will be
>> > able to successfully interoperate with any server that
>> implements EPSV
>> > or PASV through a stateful or stateless translator.
>>
>> The solution in draft-van-beijnum-behave-ftp64-05 suggests that
>> "However, the server will respond to the PASV command with an IPv4
>> address that the client must use to connect to for the data
>> connection.  If the client has IPv4 reachability, it SHOULD set up a
>> data connection towards the IPv4 address." this may can not work in
>> some cases, as   draft-liu-behave-ftp64-02 mentioned:'" For example,
>> if the FTP client has a private IPv4 connection and a public IPv6
>> connection, if it tries to use the IPv4 connection to establish data
>> connection with the server, it will never success."
>>
>>
>> Since updating an
>> > FTP client is about the easiest possible upgrade that we could
>> > possibly require (an FTP client doesn't need special privileges and
>> > can run as a java applet in a browser) this provides a workable
>> > solution for most users.
>>
>> aggree, this is what draft-liu-behave-ftp64-02 suggested.
>>
>> > However, there is additional benefit in making FTP through a
>> > translator work for users with existing implementations,
>> which can be
>> > accomplished by either server upgrades or an ALG.
>>
>> Do not you think that server upgrading may be more reasonable from the
>> evolution perspective? if the network contitue to provide ALG all the
>> time, the server will never has motivation to upgrade, this will cause
>> the ALGs in the translation box become more and more complex, since
>> the translator will try to maintain ALGs for all the legacy
>> implementations; and the legacy implementation never think about
>> upgrading because they never aware the needs to upgrade. this approach
>> may be convenient for a little part of the users but is harmful for
>> the evolution of the network.
>>
>> > Since at least one vendor has expressed interest in
>> implementing such
>> > an ALG, having standard ALG functionality is better than
>> undefined ALG
>> > functionality and we have the text now anyway, in my opinion it
>> > doesn't make sense to remove the ALG text, although I'm willing to
>> > make it (even) more clear that such an ALG is optional.
>>
>> In my personal opioion, If the we do not recommend to implement FTP
>> ALG, maybe we should not include any text to describe how to implement
>> it for not misleading the reader. but maybe the text of ALG could be
>> adjusted as an appendix, then there will be no contradiction.
>> >
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
>
>

v2.23.0 | Report a Bug | By Email