Re: [BEHAVE] New Version Notification for draft-sivakumar-behave-nat-logging-04.txt

Senthil Sivakumar <ssenthil@cisco.com> Mon, 18 June 2012 21:02 UTC

Date: Mon, 18 Jun 2012 17:02:25 -0400
From: Senthil Sivakumar <ssenthil@cisco.com>
To: Simon Perreault <simon.perreault@viagenie.ca>, behave@ietf.org
Message-ID: <CC050A83.22138%ssenthil@cisco.com>
Thread-Topic: [BEHAVE] New Version Notification for draft-sivakumar-behave-nat-logging-04.txt
In-Reply-To: <4FDF90F9.3010704@viagenie.ca>

Thanks for the review.

On 6/18/12 4:35 PM, "Simon Perreault" <simon.perreault@viagenie.ca> wrote:

>On 2012-06-15 14:52, Senthil Sivakumar wrote:
>> A new version of the logging draft is posted that is focused towards
>> using IPFIX Information Elements for NAT logging. Please review and
>> provide feedback.
>
>Looks good!
>
>Question: why did you unite vlan ID and VRF ID? Aren't they orthogonal
>things?

There are two information elements, one for VLAN ID and one for VRF ID;
they are listed under Table 1. In the actual events, I mentioned them as
one entity, VLAN ID/VRF ID, the reason being that either one of them is
used to uniquely identify a private address, but not both.

>
>Observation: the term BIB is defined in RFC6146 but only in the context
>of NAT64. Yet this draft uses it in the context of NAT44. I foresee
>problems.

Ok, would it help if I change it to NAT44 binding instead of NAT44 BIB?

> For example, it is not clear how a fully symmetric NAT (which
>has no BIB) would use this. Would it only log session events and never
>BIB events? Also, what about NATs that don't track sessions? Would they
>just log BIB events and never session events?

Correct, the NATs that don't track the full 5-tuple sessions won't log the
full session. Similarly, the NATs that don't have the Binding database but
not the session database will not log the session entry.

>
>What about NAT46 and NAT66? Are they supported?

NAT46 can be accommodated in the NAT64 record itself, can it not? Wondering
if we need to address NAT66 as it is neither an RFC nor a product.

>
>Lastly, I see feature overlap between this draft and the MIB draft for
>the addresses exhausted, ports exhausted, and quota exceeded event. Do
>we really want to provide two ways of doing the same thing?

I was going through the same thoughts myself. But I have had people asking
for these events to be logged. I think this is where logging is not just
for tracking individual users but crosses into the management domain.
But I also think that people using SNMP wouldn't want to log these events.

Thanks
Senthil

>
>Simon
>-- 
>DTN made easy, lean, and smart --> http://postellation.viagenie.ca
>NAT64/DNS64 open-source        --> http://ecdysis.viagenie.ca
>STUN/TURN server               --> http://numb.viagenie.ca
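Added illustration, not part of this thread or of the draft, of why the binding events carry either a VLAN ID or a VRF ID alongside the private address: the same RFC 1918 address can be in use in several scopes at once, so attributing a public address/port back to a subscriber needs the scope as part of the lookup key. The field names and the constructed events below are assumptions for the example, not the draft's IPFIX Information Elements.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class BindingEvent:
    """One NAT44 binding create/delete event (illustrative field names)."""
    ts: int                 # event time, seconds since epoch
    event: str              # "create" or "delete"
    vlan_id: Optional[int]  # exactly one of vlan_id / vrf_id is set
    vrf_id: Optional[int]
    private_ip: str
    private_port: int
    public_ip: str
    public_port: int

    def scope(self) -> Tuple[str, int]:
        # Either identifier alone disambiguates the private address; both or
        # neither leaves the record ambiguous, so reject it at ingest time.
        if (self.vlan_id is None) == (self.vrf_id is None):
            raise ValueError("exactly one of vlan_id or vrf_id must be set")
        if self.vlan_id is not None:
            return ("vlan", self.vlan_id)
        return ("vrf", self.vrf_id)

def has_valid_scope(ev: BindingEvent) -> bool:
    try:
        ev.scope()
        return True
    except ValueError:
        return False

def attribute(events, public_ip: str, public_port: int, at_ts: int):
    """Replay binding events up to at_ts and return the (scope, private_ip,
    private_port) that held public_ip:public_port at that time, or None."""
    active = {}  # (public_ip, public_port) -> (scope, private_ip, private_port)
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.ts > at_ts:
            break
        key = (ev.public_ip, ev.public_port)
        val = (ev.scope(), ev.private_ip, ev.private_port)
        if ev.event == "create":
            active[key] = val
        elif ev.event == "delete" and active.get(key) == val:
            del active[key]
    return active.get((public_ip, public_port))

# Constructed sample: two subscribers in different VRFs share 10.0.0.5:4000.
EVENTS = [
    BindingEvent(100, "create", None, 7, "10.0.0.5", 4000, "192.0.2.1", 40001),
    BindingEvent(120, "create", None, 9, "10.0.0.5", 4000, "192.0.2.1", 40002),
    BindingEvent(130, "create", 300, None, "10.0.0.6", 5000, "192.0.2.1", 40003),
    BindingEvent(300, "delete", None, 7, "10.0.0.5", 4000, "192.0.2.1", 40001),
]
```

Without the scope in the result, the two lookups at time 150 would both answer "10.0.0.5:4000" and the public port could not be tied to a single subscriber.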