Re: [BEHAVE] NAT Logging -- Port violation event for MAP-E or LW4over6 BR

"Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com> Fri, 26 April 2013 17:27 UTC

On 4/26/13 12:29 PM, "Dan Wing (dwing)" <dwing@cisco.com> wrote:

>
>On Apr 26, 2013, at 8:46 AM, Tom Taylor <tom.taylor.stds@gmail.com> wrote:
>
>> Well, this comment has triggered an interesting discussion in
>>Softwires, but now that I'm putting the final touches to a reissue of
>>the SYSLOG NAT logging draft, I see it doesn't fit in very neatly there.
>>The border router in these cases is not a NAT, so any discussion of
>>logging probably belongs in a MAP-specific document. The CE is also
>>responsible for checking, and the CE is a NAT, so it fits with the CE,
>>but I'm not sure if it's worth standardizing.
>> 
>> I'll leave it out unless I get comments otherwise.
>
>I believe the intent of generating such logging messages is
>diagnostics/troubleshooting, in order to detect mis-configured equipment.
>The mis-configured equipment is the CPE router.  I don't recall, but
>doesn't the MAP router send back ICMP errors if the subscriber's CPE
>sends packets with the wrong port number?

Yes, it does.

   "If the packets source port number is found to be outside the range
   allowed for this CE and the BMR, the BR MUST drop the packet and
   respond with an ICMPv6 "Destination Unreachable, Source address
   failed ingress/egress policy" (Type 1, Code 5)."


>
>-d
>
>
>> On 25/04/2013 7:35 AM, Tom Taylor wrote:
>>> The MAP-E and LW4over6 border routers are responsible for checking that
>>> the ports assigned by the CE are within the set allocated to that CE. I
>>> think we need a NAT logging event to report detection of an out-of-range
>>> port.
>>> 
>>> Tom Taylor
>> _______________________________________________
>> Behave mailing list
>> Behave@ietf.org
>> https://www.ietf.org/mailman/listinfo/behave
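
The border-router check discussed in this thread, as an added example that is not part of the original messages or of any draft: it tests a source port against a CE's port set, and on a violation returns both the ICMPv6 error quoted above (Type 1, Code 5) and a log record for troubleshooting. Assumptions not stated in the thread: the MAP port layout of offset bits, then PSID bits, then the remaining bits, a default of 6 offset bits, and the function names, the JSON record and the `port-violation` event name, which are all hypothetical.

```python
import json

ICMPV6_TYPE_DEST_UNREACH = 1  # "Destination Unreachable"
ICMPV6_CODE_POLICY = 5        # "Source address failed ingress/egress policy"


def port_in_set(port, psid, psid_len, offset_bits=6):
    """True if `port` belongs to the port set identified by `psid`.

    Assumed 16-bit layout, most significant bits first:
    A (offset_bits) | PSID (psid_len) | M (remaining bits).
    """
    m_bits = 16 - offset_bits - psid_len
    if m_bits < 0 or not 0 <= port <= 0xFFFF:
        return False
    if offset_bits and (port >> (16 - offset_bits)) == 0:
        return False  # A == 0 is excluded, keeping the lowest ports out of every set
    return (port >> m_bits) & ((1 << psid_len) - 1) == psid


def br_check(ce_ipv6, src_port, psid, psid_len, offset_bits=6):
    """Decide the fate of one upstream packet at the BR.

    Returns (forward, icmp, event): `icmp` is the (type, code) to send back
    when the packet is dropped, `event` the log record for the violation.
    """
    if port_in_set(src_port, psid, psid_len, offset_bits):
        return True, None, None
    event = json.dumps({
        "event": "port-violation",  # hypothetical event name
        "ce": ce_ipv6,
        "src_port": src_port,
        "psid": psid,
        "psid_len": psid_len,
        "offset_bits": offset_bits,
    }, sort_keys=True)
    return False, (ICMPV6_TYPE_DEST_UNREACH, ICMPV6_CODE_POLICY), event


if __name__ == "__main__":
    # Constructed sample: CE with PSID 0x34, 8 PSID bits, 6 offset bits.
    for sport in (1232, 2256, 1236, 208):
        print(sport, br_check("2001:db8::1", sport, 0x34, 8))
```
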