Re: [BEHAVE] draft-chen-behave-rsnat-01
Chen Gang <phdgang@gmail.com> Wed, 29 July 2009 14:15 UTC
Return-Path: <phdgang@gmail.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6BD0D3A7052 for <behave@core3.amsl.com>; Wed, 29 Jul 2009 07:15:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.418
X-Spam-Level:
X-Spam-Status: No, score=-1.418 tagged_above=-999 required=5 tests=[AWL=1.180, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sAMdFNAQ4GKB for <behave@core3.amsl.com>; Wed, 29 Jul 2009 07:15:56 -0700 (PDT)
Received: from mail-pz0-f204.google.com (mail-pz0-f204.google.com [209.85.222.204]) by core3.amsl.com (Postfix) with ESMTP id 32D4B3A703C for <behave@ietf.org>; Wed, 29 Jul 2009 07:15:56 -0700 (PDT)
Received: by pzk42 with SMTP id 42so593530pzk.29 for <behave@ietf.org>; Wed, 29 Jul 2009 07:15:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=j2nmEC0fbgJlvfXRjaEsGsugQSwgAGyk3X9wTjxzwsA=; b=T+COrg7QYkygeIf7MO2aNTgGJsp+tCJZkxiOXj7rZJrsQckIvmd4VH/ExIphxQqeC6 w2nvZMMd5NuMR1/rm4Y9rOsrJ1FaSKKcpMN7+tGfIoJ6lUunifxoWuFq2W1BP+Fk0c0V zd+eQflz/ufztBMHzWu69H316jDo8GlN3GPPU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=J/NUR1T0iMZctq+zY0JGyWwVH3X6bwRK0StmsURzupMRUPIZEMPr+wk9bxxL6rw8yl GDYllE84tRtzaT2fh8YE+/JaS9KdQ/BzVdurPjRjlaluQoiWXMGR5IGabF0/Cw5b+ddB gg0I2v2jmPJO4MLNvzxQjYe+Li5ULlwX3ygc4=
MIME-Version: 1.0
Received: by 10.142.161.1 with SMTP id j1mr991143wfe.216.1248876949669; Wed, 29 Jul 2009 07:15:49 -0700 (PDT)
In-Reply-To: <7EF301E8-5F6A-4EDC-98BF-CCFFEF0937CD@muada.com>
References: <2A75F3F1-B253-4525-9082-5FF2A4CFFF6D@muada.com> <36ba02b00907280708l7bd61c7bhf51773b059d51286@mail.gmail.com> <7EF301E8-5F6A-4EDC-98BF-CCFFEF0937CD@muada.com>
Date: Wed, 29 Jul 2009 22:15:49 +0800
Message-ID: <36ba02b00907290715o181671e7odaadfe1c9bddf586@mail.gmail.com>
From: Chen Gang <phdgang@gmail.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Content-Type: multipart/alternative; boundary="000e0cd14ea4f40916046fd8d278"
Cc: Behave WG <behave@ietf.org>
Subject: Re: [BEHAVE] draft-chen-behave-rsnat-01
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2009 14:15:57 -0000
Hello lijitsch van, Please see my reply in line. 2009/7/29 Iljitsch van Beijnum <iljitsch@muada.com> > I have reread the draft. > > If I understand correctly, the idea is to use BGP to synchronize state > between multiple stateful translators, where each translator handles a part > of the address space used in translation at any time. Many people will argue > that this deviates too far from BGP's purpose. =>The intention choosing BGP is targeting to IPX Internet to IPY Internet scenario, in which BGP is quite suitable. > > > I can see that argument, but rather than convince you to not use BGP for > this, I would like to explain that _if_ you're going to use BGP for this, > you'll have to think about how to do that. =>Thanks > > > What you need is for mapping information to be exchanged that consists of > IPv4 and IPv6 source and destination addresses and ports and the protocol. > That's 9 items. You can probably optimize a few of them away, but using the > normal IPv4 address family would require you to encode the remaining > information in a new path attribute. However, this doesn't work: if > translator A has a mapping from 2001::2001 to 192.0.2.1 and translator B > from 2002::2002 to 192.0.2.1, then if they both announce this to translator > C, C would not combine this information but rather select either the info > from A or from B. => New defined attribute processing will guarantee the synchronization work done. Why can't translator C do the combination things? > > > (And you define the attribute as transitive, which means that it would be > propagated in eBGP, which is unnecessary and has the potential for problems > when the information leaks.) => For avoiding information leaks, how about define new capability attribute? > > > What would work better here if you defined a new address family that > consists of the concatenation of source address, source port, destination > address, destination port. This could be either IPv4 or IPv6. Then the other > protocol version addresses and ports plus the protocol number would be > encoded in a path attribute. This way, each mapping would be a separate NLRI > in the new AFI and there would be no problem merging the information. => Extending BGP might be a light-weight way to do mapping thing. Could you provide more detailed explanations for defining a new address family? Thanks for the discussion. BRs Gang
- [BEHAVE] draft-chen-behave-rsnat-01 Iljitsch van Beijnum
- Re: [BEHAVE] draft-chen-behave-rsnat-01 Chen Gang
- Re: [BEHAVE] draft-chen-behave-rsnat-01 Iljitsch van Beijnum
- Re: [BEHAVE] draft-chen-behave-rsnat-01 Chen Gang
- Re: [BEHAVE] draft-chen-behave-rsnat-01 Iljitsch van Beijnum