Re: [BEHAVE] CGN REQ: Port Set Assignment

[<mohamed.boucadair@orange-ftgroup.com>]

Re-,

 

-----Message d'origine-----
De : Dan Wing [mailto:dwing@cisco.com] 
Envoyé : mercredi 16 mars 2011 20:34
À : BOUCADAIR Mohamed OLNC/NAD/TIP; Francis.Dupont@fdupont.fr
Cc : behave@ietf.org; draft-ietf-behave-lsn-requirements@tools.ietf.org; 'Benson Schliesser'
Objet : RE: [BEHAVE] CGN REQ: Port Set Assignment

> -----Original Message-----
> From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On
> Behalf Of mohamed.boucadair@orange-ftgroup.com
> Sent: Wednesday, March 16, 2011 7:38 AM
> To: Francis.Dupont@fdupont.fr
> Cc: 'behave' <(behave@ietf.org)>; draft-ietf-behave-lsn-
> requirements@tools.ietf.org; Benson Schliesser
> Subject: Re: [BEHAVE] CGN REQ: Port Set Assignment
> 
> Hi Francis,
> 
> By "random port set", I meant:
> 
> * a set of ports which are randomly generated when a new outbound
> packet is received by the CGN
> * the port set is not contiguous
> * the port set is not fixe
> * for subsequent packet requiring a new port, a port from the pre-
> allocated random port set is used
> * when all the ports in the port set are in-use, a new random port set
> is generated by the CGN, etc until reaching a quota.
> 
> We can find a better name for this.

I described a continuum from completely random to completely fixed at:
  http://www.ietf.org/mail-archive/web/behave/current/msg09182.html

which said:

   1. for every outgoing connection, create one mapping.
   2. for an outgoing connection, create a "bin" of several mappings
      using random public ports.  Subsequent outgoing connections will
      use ports from the "bin".  When the "bin" is full, a new
      connection causes a new bin to be created.  A bin is smaller or
      equal to the user's maximum port limit.
   3. Same as (2), but the ports allocated to a "bin" are consecutive
      public ports.

Perhaps that is a good starting point.  Or perhaps this is better:

   1.  for a new outgoing flow, choose a random port and create a new
       mapping.  There is a limit on the maximum number of ports.

   2.  for a new outgoing flow, choose several random ports and create a
       "bin" of those ports.  This outgoing flow is assigned one of
       those ports.  Subsequent outgoing flows will be assigned a port
       from the "bin".  When the "bin" is full, a new flow causes this
       process to be repeated (i.e., a new bin is created).  A bin is
       smaller or equal to the user's maximum port limit.

   3.  Same as (2), but the ports allocated to a "bin" are consecutive
       public ports.

Med: I don't know where to put the non-contiguous one single "bin" case (excerpt from (see http://tools.ietf.org/html/draft-bajko-pripaddrassign-02#section-4.1)

   "a non Continuous Port Range is assigned to a given customer's
   device. In this example, the Port Range Value defines 128 Continuous
   Port Ranges, each one with a length of 16 port values.  Note that
   the two first Port Ranges are both in the well-known ports span
   (i.e. 0-1023) but these two ranges are not adjacent.

   The following Port Range Mask and Port Range Value are conveyed in
   DHCP messages:
        - Port Range Value : 0000000001010000 (80)
        - Port Range Mask : 0000000111110000 (496)

   This means that the 128 following Continuous Port Ranges are
   assigned to the same device:
        - from 80 to 95
        - from 592 to 607
        - ...
        - from 65104 to 65119"


   4.  Same as (3), but only one "bin" is allocated.