Re: [BEHAVE] (no subject)
ivan c <ivan@cacaoweb.org> Tue, 18 June 2013 20:32 UTC
Return-Path: <ivan@cacaoweb.org>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDE1E21E8090 for <behave@ietfa.amsl.com>; Tue, 18 Jun 2013 13:32:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.539
X-Spam-Level:
X-Spam-Status: No, score=-2.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lDTxIKWB8eVm for <behave@ietfa.amsl.com>; Tue, 18 Jun 2013 13:32:41 -0700 (PDT)
Received: from mail.cacaoweb.org (mail.cacaoweb.org [46.105.102.78]) by ietfa.amsl.com (Postfix) with ESMTP id 600FC21E8054 for <behave@ietf.org>; Tue, 18 Jun 2013 13:32:36 -0700 (PDT)
Received: from www-data by mail.cacaoweb.org with local (Exim 4.72) (envelope-from <ivan@cacaoweb.org>) id 1Up2ag-0008Pv-AQ; Tue, 18 Jun 2013 22:33:22 +0200
To: "Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com>
X-PHP-Originating-Script: 0:func.inc
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Date: Tue, 18 Jun 2013 22:33:22 +0200
From: ivan c <ivan@cacaoweb.org>
Organization: cacaoweb
In-Reply-To: <CB1B483277FEC94E9B58357040EE5D02325A6E93@xmb-rcd-x15.cisco.com>
References: <CB1B483277FEC94E9B58357040EE5D02325A6E93@xmb-rcd-x15.cisco.com>
Message-ID: <2f7dce8264c8a9a72640629502a44295@cacaoweb.org>
X-Sender: ivan@cacaoweb.org
User-Agent: RoundCube Webmail/0.3.1
Cc: Behave <behave@ietf.org>
Subject: Re: [BEHAVE] (no subject)
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ivan@cacaoweb.org
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2013 20:32:46 -0000
Hi Senthil, Thanks for your message. You might want to read http://tools.ietf.org/html/draft-ietf-behave-requirements-update-00 It features the list of updates to the existing RFC, adapted to new usage contexts such as CGNs, mobile networks, etc. On Tue, 18 Jun 2013 19:24:50 +0000, "Senthil Sivakumar (ssenthil)" >> >>Are you talking about UDP port preservation? > > Both TCP & UDP. The latest implementation in some router families is not > to have port preservation > (for both TCP & UDP). > The discussion here is not about UDP. UDP port preservation should generally not be implemented by NATs, as it could generate conflicts when 2 internal hosts using the same local port, each with a session to the same endpoint. This would break end-to-end connectivity in rare cases, as there is no fallback mechanism (as opposed to TCP). To be clear, the requirements are as follows: * NAT SHOULD NOT use UDP port preservation * NAT SHOULD use TCP port preservation Here are some NATs that have been tested and implement TCP port preservation: in the UK: BT (British Telecom) (house-made gateway) - number 1 provider Virgin (house-made gateway) - number 2 provider Sky (Sagemcom) - number 3 provider in France: Orange (Livebox) (house-made gateway) - number 1 provider Free (Freebox) (house-made gateway) - number 2 provider SFR/Neuf (Neufbox) (house-made gateway) - number 3 provider This covers the overwhelming majority of subscribers. We have the same results in Spain in Italy. Misc: Linksys E1200, latest generation. Netgear, various models It is difficult to find any NAT that does *not* implement TCP port preservation in these countries. If you think some gateway implementations have dropped TCP port preservation, you need to substantially support your claim by a reference. We are not aware of anything that would support it. > > Most of the NATs that I know don’t do port overloading any more. > RFC 5382 also says, > REQ-7: A NAT MUST NOT have a "Port assignment" behavior of "Port > overloading" for TCP. > This is the purpose of the new draft http://tools.ietf.org/html/draft-ietf-behave-requirements-update-00 , to make the use case for port overloading, as it is needed in CGNs. It wasn't needed nearly as much in 2005 when RFC 5382 was first written. REQ-7: A NAT MUST NOT have a "Port assignment" behavior of "Port overloading" for TCP is too stringent, as proved in my earlier message and in the draft-ietf-behave-requirements-update-00, and not needed. Port overloading is perfectly acceptable when the remote endpoints are distinct, as it preserves the uniqueness of the 5-tuple. As a result, REQ-7 must be corrected. -- _Ivan Chollet_
- Re: [BEHAVE] (no subject) Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] (no subject) Dan Wing
- [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supposed… ivan c
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Simon Perreault
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… ivan c
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Simon Perreault
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Rajiv Asati (rajiva)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Dan Wing
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) cb.list6
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Reinaldo Penno (repenno)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Mark Andrews
- Re: [BEHAVE] (no subject) ivan c
- [BEHAVE] DNS vs port overloading Simon Perreault
- Re: [BEHAVE] (no subject) ietfdbh
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] DNS vs port overloading Mark Andrews
- Re: [BEHAVE] DNS vs port overloading Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Tom Taylor
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] DNS vs port overloading Mark Andrews
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] DNS vs port overloading Simon Perreault
- [BEHAVE] UDP socket programming Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] DNS vs port overloading ivan c