Re: [BEHAVE] Home NAPT44 - How many ports?

Dan Wing <dwing@cisco.com> Thu, 06 June 2013 15:43 UTC

On Jun 5, 2013, at 6:14 AM, Rajiv Asati (rajiva) <rajiva@cisco.com> wrote:

> Some of you may recall our discussion (during the last IETF) around "how many TCP/UDP ports are enough with NAPT44" per home, as ISPs move into A+P paradigm. ~500, ~1000, ~3000???
> 
> Well, I started monitoring my home router and plotting the NAPT44 port utilization on a minute-by-minute basis. You may find it here - http://www.employees.org/~rajiva
> 
> In short, port range of 500 seems ok, though 1000 would be more than enough for my home.

I see several spikes in your data over 500 ports.  During those times, applications would be unable to function (unable to get a port).  April 29/30 is a long time where that occurs very visibly, but there are shorter spikes elsewhere such as on April 17 and April 18.  If you had only 500 ports on those days, creating a new TCP mapping would have been impossible, impacting ability to send or receive email, order books from Amazon.com, and so on.  I am surprised you conclude that "500 seems ok" when such a limit would interfere with your network use on those days.

What is the maximum number of mappings supported by your NAPT device?  Some residential-class NATs have a limit of 1024 mappings.

-d

> Suffice to say, this is just a sample representation, since the port utilization would vary home to home, based on number of active devices, type of applications, the degree of simultaneous device or application usage etc.
> 
> If any of you are doing similar monitoring, then please share.
> 
> Cheers,
> Rajiv
> 
> PS: Thanks to Erik Kline, who explained (with sufficient details) how to use google charting for my data. And thanks to Xun Wang & Shaoshuai Dai for helping me out significantly.
> 
> PS: My home has 3-4 active devices.
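
Added example (not part of the original messages, and not the measurements discussed in the thread): one way to check a candidate per-home port budget against minute-by-minute NAPT44 mapping counts, reporting each episode in which demand exceeded the budget and new mappings would have failed. The function names and the sample readings are constructed for illustration, and the samples are assumed to be contiguous one-minute readings from a router that was not itself capped.

```python
from datetime import datetime, timedelta

def exhaustion_episodes(samples, budget):
    """Group consecutive samples whose mapping count exceeds `budget`.

    samples: iterable of (datetime, mappings_in_use), sorted by time.
    Returns a list of dicts with start, end, minutes (sample count), peak.
    """
    episodes, current = [], None
    for ts, used in samples:
        if used > budget:
            if current is None:
                # First over-budget reading opens a new episode.
                current = {"start": ts, "end": ts, "minutes": 0, "peak": used}
                episodes.append(current)
            current["end"] = ts
            current["minutes"] += 1
            current["peak"] = max(current["peak"], used)
        else:
            # Demand fell back under the budget; close the episode.
            current = None
    return episodes

def compare_budgets(samples, budgets):
    """For each candidate port budget, summarise how often demand exceeded it."""
    report = {}
    for budget in budgets:
        eps = exhaustion_episodes(samples, budget)
        report[budget] = {
            "episodes": len(eps),
            "minutes_over": sum(e["minutes"] for e in eps),
            "longest": max((e["minutes"] for e in eps), default=0),
        }
    return report

# Constructed sample data: one reading per minute, with a short spike
# and a longer one. These are not the values from the plotted data.
_t0 = datetime(2013, 4, 17, 20, 0)
_counts = [180, 220, 510, 640, 300, 250, 520, 700, 980, 760, 530, 410, 200]
SAMPLES = [(_t0 + timedelta(minutes=i), c) for i, c in enumerate(_counts)]

if __name__ == "__main__":
    for budget, row in compare_budgets(SAMPLES, [500, 1000, 3000]).items():
        print(budget, row)
```

A budget that looks adequate on average can still show several over-budget episodes; the "longest" figure is the one that corresponds to a sustained period in which applications could not obtain a port.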