Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supposed to be fixed years ago

Simon Perreault <> Tue, 18 June 2013 08:05 UTC

Date: Tue, 18 Jun 2013 10:05:17 +0200
From: Simon Perreault <>
Subject: Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supposed to be fixed years ago
List-Id: mailing list of BEHAVE IETF WG <>

Thanks for the explanation. I believe I have a good understanding of 
what you are proposing now.

There are several smaller technical issues with your reasoning which I 
won't address now because they are tangential. I want to focus on your 
suggestion that we should recommend port preservation. I see the 
following major issues:

- Adding new constraints on NAT implementations is not going to meet 
much success. I don't believe anyone is going to change their existing 
NAT code now in such a fundamental way as to implement port preservation 
just because the IETF asks for it in a new RFC.

- Port preservation is not applicable to CGN, where a subscriber often 
only has access to a limited range of external ports.

- There are ways to improve the scalability of EIM without killing it. 
I've been advocating for some time that NATs should be allowed to use 
EDM for protocols that they know will not break, with EIM as a default. 
For example, using EDM for TCP port 80 and UDP port 53 is easy, 
harmless, and has a big impact.
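To make the "EIM by default, EDM for ports known not to break" idea concrete, here is an added Python simulation (not from the thread or from any NAT implementation; the addresses, subscriber endpoints and two-port CGN range are constructed) showing how EDM lets an external port be reused across destinations while EIM reserves one port per internal endpoint:

```python
from dataclasses import dataclass, field
# Added illustration, not from the mail: a toy NAT mapping table using EIM by
# default and EDM only for TCP/80 and UDP/53, with a small CGN-style port range.
EDM_PORTS = {("tcp", 80), ("udp", 53)}

@dataclass
class Nat:
    port_range: range
    ext_ip: str = "203.0.113.1"                  # constructed example address
    eim: dict = field(default_factory=dict)      # (proto, src) -> ext_port
    edm: dict = field(default_factory=dict)      # (proto, src, dst) -> ext_port
    eim_busy: set = field(default_factory=set)   # (proto, ext_port) held by EIM

    def _alloc(self, proto, dst):
        """EIM ports are reserved towards every dst; EDM ports clash only per dst."""
        edm_busy = {p for (pr, _, d), p in self.edm.items()
                    if pr == proto and (dst is None or d == dst)}
        for port in self.port_range:
            if (proto, port) not in self.eim_busy and port not in edm_busy:
                return port
        raise RuntimeError("external port range exhausted")

    def map(self, proto, src, dst):
        """src, dst are (ip, port) tuples; returns the external (ip, port)."""
        if (proto, dst[1]) in EDM_PORTS:         # EDM: mapping keyed on dst too
            key = (proto, src, dst)
            if key not in self.edm:
                self.edm[key] = self._alloc(proto, dst)
            return (self.ext_ip, self.edm[key])
        key = (proto, src)                       # EIM: one port for all dsts
        if key not in self.eim:
            self.eim[key] = self._alloc(proto, None)
            self.eim_busy.add((proto, self.eim[key]))
        return (self.ext_ip, self.eim[key])

def demo():
    """Three subscribers sharing only two external ports (constructed data)."""
    nat = Nat(port_range=range(40000, 40002))
    a, b, c = ("10.0.0.1", 5000), ("10.0.0.2", 5000), ("10.0.0.3", 5000)
    dns1, dns2 = ("192.0.2.1", 53), ("192.0.2.2", 53)
    web1, web2 = ("198.51.100.1", 443), ("198.51.100.2", 443)
    ports = [nat.map("udp", a, dns1)[1],         # EDM -> 40000
             nat.map("udp", b, dns2)[1],         # EDM, other dst: 40000 reused
             nat.map("udp", c, dns1)[1],         # EDM, same dst as a -> 40001
             nat.map("tcp", a, web1)[1],         # EIM -> 40000
             nat.map("tcp", a, web2)[1],         # EIM, same src -> still 40000
             nat.map("tcp", b, web2)[1]]         # EIM -> 40001
    try:
        nat.map("tcp", c, web2)                  # EIM for a third src: no port left
        return ports, False
    except RuntimeError:
        return ports, True
```

Three DNS flows fit in two EDM ports, while the third EIM subscriber finds the range exhausted, which is the scalability difference the mail points at.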