IETF Logo Mail Archive

Re: [BEHAVE] draft-xli-behave-icmp-address-00

"Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com> Sun, 28 March 2010 22:22 UTC

Return-Path: <ssenthil@cisco.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 48A073A68E8 for <behave@core3.amsl.com>; Sun, 28 Mar 2010 15:22:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.557
X-Spam-Level:
X-Spam-Status: No, score=-8.557 tagged_above=-999 required=5 tests=[AWL=0.912, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z44rpMv2xkkE for <behave@core3.amsl.com>; Sun, 28 Mar 2010 15:21:59 -0700 (PDT)
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by core3.amsl.com (Postfix) with ESMTP id 7D9AB3A67EC for <behave@ietf.org>; Sun, 28 Mar 2010 15:21:54 -0700 (PDT)
Authentication-Results: sj-iport-6.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EABp0r0urR7Ht/2dsb2JhbACDGZgRcaUgiDgBj2OBKIJsbQSDHop8
X-IronPort-AV: E=Sophos;i="4.51,324,1267401600"; d="scan'208";a="504375308"
Received: from sj-core-1.cisco.com ([171.71.177.237]) by sj-iport-6.cisco.com with ESMTP; 28 Mar 2010 22:22:17 +0000
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id o2SMMHDL002762; Sun, 28 Mar 2010 22:22:17 GMT
Received: from xmb-sjc-236.amer.cisco.com ([128.107.191.121]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 28 Mar 2010 15:22:17 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-2022-jp"
Content-Transfer-Encoding: 7bit
Date: Sun, 28 Mar 2010 15:22:16 -0700
Message-ID: <85B2F271FDF6B949B3672BA5A7BB62FB09BC1484@xmb-sjc-236.amer.cisco.com>
In-Reply-To: <4BAD32F9.1000301@cernet.edu.cn>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [BEHAVE] draft-xli-behave-icmp-address-00
Thread-Index: AcrNMnpq7qKFCKNzQ3m8qqMJALlkKwBkfj6w
References: <85B2F271FDF6B949B3672BA5A7BB62FB09BC1151@xmb-sjc-236.amer.cisco.com> <4BAD254A.4060700@cernet.edu.cn> <85B2F271FDF6B949B3672BA5A7BB62FB09BC12C0@xmb-sjc-236.amer.cisco.com> <4BAD32F9.1000301@cernet.edu.cn>
From: "Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com>
To: Xing Li <xing@cernet.edu.cn>
X-OriginalArrivalTime: 28 Mar 2010 22:22:17.0864 (UTC) FILETIME=[20434880:01CACEC5]
Cc: behave@ietf.org
Subject: Re: [BEHAVE] draft-xli-behave-icmp-address-00
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2010 22:22:05 -0000

The use of traceroute with NAT (or NAT64) in the path obscures the view of the network and inhibits your debugging capability, no matter what kind of technique you employ to translate the other realm. The only thing the traceroute gives you in case of NAT is the number of hops and the latency. 
Regarding the routing loop, it is not really a routing loop but it appears to the end user as routing loop but the traceroute can still complete its tracing of the destination. I would suggest adding some text on the disadvantage/drawback around each of the technique described.

Thanks
Senthil

-----Original Message-----
From: Xing Li [mailto:xing@cernet.edu.cn] 
Sent: Friday, March 26, 2010 6:20 PM
To: Senthil Sivakumar (ssenthil)
Cc: behave@ietf.org
Subject: Re: [BEHAVE] draft-xli-behave-icmp-address-00

Senthil Sivakumar (ssenthil) 写道:
>  
>
> -----Original Message-----
> From: Xing Li [mailto:xing@cernet.edu.cn]
> Sent: Friday, March 26, 2010 5:21 PM
> To: Senthil Sivakumar (ssenthil)
> Cc: behave@ietf.org
> Subject: Re: [BEHAVE] draft-xli-behave-icmp-address-00
>
> Senthil Sivakumar (ssenthil) 写道:
>   
>> The way the ICMP messages have been translated by NATs (NAT44s) when 
>> there is no valid mapping was to use the NAT's outgoing interface's 
>> IP address and that has worked reliably over the years. I see the 
>> scenario described in this draft is no different and the section 
>> 2.4.3 is the easiest to implement and tested solution.
>> Any good reason why the other solutions are better or why using the 
>> interface's address is not a good idea?
>>     
>
> (1) The v4/v6 stateless translation can have different scheme compared with NAT44 which is stateful.
>
> [Senthil] The same scenario exists even in stateful NAT44 is what I was trying to point out. When an intermediate router in the public realm sends an ICMP which does not match an existing mapping we will have the same issue. 
>
> (2) Using the interface's address will cause confusion when doing traceroute (routing loop).
>
> [Senthil] Not sure I understand, why would it cause a routing loop? I understand you wouldn’t get the right results from traceroute, but traceorute is a debugging tool than an application in itself. 
>   

debugging is important tool. xing

> Thanks
> Senthil
>
> regards,
>
> xing
>   
>> Thanks
>> Senthil
>> ---------------------------------------------------------------------
>> -
>> --
>>
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
>>   
>>     
>
>
>

v2.23.0 | Report a Bug | By Email