IETF Logo Mail Archive

Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00

<mohamed.boucadair@orange-ftgroup.com> Wed, 02 December 2009 07:16 UTC

Return-Path: <mohamed.boucadair@orange-ftgroup.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BC89528C0FD for <behave@core3.amsl.com>; Tue, 1 Dec 2009 23:16:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.969
X-Spam-Level:
X-Spam-Status: No, score=-1.969 tagged_above=-999 required=5 tests=[AWL=0.279, BAYES_00=-2.599, HELO_EQ_FR=0.35, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P8Knd6RpSvfx for <behave@core3.amsl.com>; Tue, 1 Dec 2009 23:16:20 -0800 (PST)
Received: from relais-inet.francetelecom.com (relais-ias245.francetelecom.com [80.12.204.245]) by core3.amsl.com (Postfix) with ESMTP id 652A53A6914 for <behave@ietf.org>; Tue, 1 Dec 2009 23:16:20 -0800 (PST)
Received: from omfeda08.si.francetelecom.fr (unknown [xx.xx.xx.201]) by omfeda13.si.francetelecom.fr (ESMTP service) with ESMTP id 1F881190493; Wed, 2 Dec 2009 08:16:12 +0100 (CET)
Received: from PUEXCH81.nanterre.francetelecom.fr (unknown [10.101.44.34]) by omfeda08.si.francetelecom.fr (ESMTP service) with ESMTP id 07FF438403A; Wed, 2 Dec 2009 08:16:12 +0100 (CET)
Received: from PUEXCB1B.nanterre.francetelecom.fr ([10.101.44.14]) by PUEXCH81.nanterre.francetelecom.fr ([10.101.44.34]) with mapi; Wed, 2 Dec 2009 08:16:11 +0100
From: mohamed.boucadair@orange-ftgroup.com
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Date: Wed, 02 Dec 2009 08:16:10 +0100
Thread-Topic: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00
Thread-Index: AcpzClV2gjsmSUZkRzyCUUaGZXvxjgAFN8Lg
Message-ID: <29028_1259738172_4B16143C_29028_27025_1_94C682931C08B048B7A8645303FDC9F30EF27742C2@PUEXCB1B.nanterre.francetelecom.fr>
References: <4B156B5C.7060800@viagenie.ca> <003401ca72f1$7d0d0310$d40c6f0a@china.huawei.com> <000001ca72f4$1e1a30a0$c3f0200a@cisco.com> <bcff0fba0912012037m3c24bbccyf6d9dde59299362d@mail.gmail.com> <4B15F0FC.5000509@joelhalpern.com>
In-Reply-To: <4B15F0FC.5000509@joelhalpern.com>
Accept-Language: fr-FR
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: fr-FR
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-PMX-Version: 5.5.7.378829, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2009.12.2.65416
Cc: "behave@ietf.org" <behave@ietf.org>, Dan Wing <dwing@cisco.com>, Xu Xiaohu <xuxh@huawei.com>
Subject: Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2009 07:16:21 -0000

 

-----Message d'origine-----
De : behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] De la part de Joel M. Halpern
Envoyé : mercredi 2 décembre 2009 05:46
À : Cameron Byrne
Cc : behave@ietf.org; Xu Xiaohu; Dan Wing
Objet : Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00

I believe we have agreed that we want to support the configuration of 
multiple stateful NAT64s in a cluster sharing state (using the same 
prefix, backing each other up / sharing load / ... ).

While it is true that one can deploy that with solutions from a single 
vendor, it seems natural and consistent with the rest of what we do here 
that we want to allow folks to build such a cluster using devices from 
different vendors.  Arguing about why an operator might or might not do 
that is a waste of time.  Some will want multiple vendors.  Some will 
want a single vendor.  Some will want the ability to migrate to a new 
vendor.

For the IETF therefore, the protocol for the state sharing seems a 
sensible thing to standardize.

Med: I fully agree.

Yours,
Joel

Cameron Byrne wrote:
> On Tue, Dec 1, 2009 at 6:06 PM, Dan Wing <dwing@cisco.com> wrote:
>> ...
>>>> * Cluster = A set of synchronized NAT64 boxes sharing a
>>>> single Pref64::/n.
>>> Does that mean a set of NAT64 boxes within a cluster should
>>> be from a single
>>> vendor? If so, how to deal with the case that some abnormal
>>> packets cause
>>> NAT boxes (using the same OS) within a cluster to crash
>>> simultaneously due to a bug with that OS?
>> The vendor fixes the bug.
>>
> 
> 100% agree.  The counter to Xu Xiaohu's point is what happens when
> vendor X sends a buggy sync update to vendor Y, and now vendor Y
> crashes.... ok.  We traded one unlikely (but real) bad situation for
> another unlikely but bad situation.
> 
> 
>> The operational complexity of running two NATs, from two different vendors, is
>> very high:  different CLIs, different alarming/alerting (e.g., SYSLOG, SNMP,
>> per-session NAT logging), different features (e.g., IPsec Passthru, SCTP),
>> different implementation of features (e.g., TCP MSS adjustment, fragmentation
>> [timeouts?  how much memory dedicated to reassembly?  out-of-order packets
>> supported?]), bandwidth and throughput (Mbps, pps),  make it too hard to
>> operate both NATs.
> 
> 100% agree.
> 
>> To my knowledge, sites do not run two different implementations of DNS servers
>> (e.g., ISC BIND and InfoBlox, or Microsoft and Unbound) where both DNSs back
>> up each other.  Like NAT, DNS needs to be rock-solid reliable, and a single
>> packet could take out a DNS server.
>>
>> -d
>>
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
>>
> _______________________________________________
> Behave mailing list
> Behave@ietf.org
> https://www.ietf.org/mailman/listinfo/behave
> 
_______________________________________________
Behave mailing list
Behave@ietf.org
https://www.ietf.org/mailman/listinfo/behave

*********************************
This message and any attachments (the "message") are confidential and intended solely for the addressees. 
Any unauthorised use or dissemination is prohibited.
Messages are susceptible to alteration. 
France Telecom Group shall not be liable for the message if altered, changed or falsified.
If you are not the intended addressee of this message, please cancel it immediately and inform the sender.
********************************

v2.23.0 | Report a Bug | By Email