Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00

"Dan Wing" <dwing@cisco.com> Tue, 01 December 2009 20:02 UTC


> -----Original Message-----
> From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On Behalf Of Simon Perreault
> Sent: Tuesday, December 01, 2009 11:16 AM
> To: Dan Wing
> Cc: behave@ietf.org
> Subject: Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00
> 
> Dan Wing wrote, on 2009-12-01 13:39:
> > My point is that it shouldn't make things worse.  If the functioning
> > NAT64's prefix changes and the old prefix no longer works, that makes
> > things worse -- it effectively causes IPv6 addresses to change.  That
> > breaks not just applications that are sensitive to IP address changes,
> > but also existing TCP sessions.  SCTP handles IP address changes
> > better, but there is scant deployment of SCTP yet (due to many
> > reasons).
> 
> I don't understand where you're going.
> 
> There are two kinds of breakage:
> 
> 1. One NAT64 box in a cluster* dies. No impact beyond the fact that you
> now have a dead box that needs replacing.
> 
> 2. A whole cluster dies. This is not pain-free, and it's not designed to
> be. Suddenly, you need to redirect all clients to the new Pref64::/n.
> There are known issues with that, but this event will happen rarely
> enough that it's worth the risk.
> 
> If you're really afraid of breakage #2, you have to use bigger clusters.
> But that has disadvantages too. It ends up being an operational issue.
> Tradeoffs, etc.
> 
> Another idea: have another cluster "take over" the prefix of the dead
> one. Use routing to redirect clients to the new cluster. Tradeoffs,
> etc., again.
> 
> My point is that #2 doesn't need standardization. The solutions are
> diverse and everyone will be dealing with it differently. On the other
> hand, #1 is a well understood problem, with a well understood solution,
> with various proprietary incarnations in use right now (hint! hint!).
> 
> 
> * Cluster = A set of synchronized NAT64 boxes sharing a single
> Pref64::/n.

Agreed.  I think we were just mis-communicating between
the two types of breakage.  I had thought you were describing
breakage (1) as needing (or wanting) a new Pref64.

-d


> Cheers,
> Simon
> -- 
> DNS64 open-source   --> http://ecdysis.viagenie.ca
> STUN/TURN server    --> http://numb.viagenie.ca
> vCard 4.0           --> http://www.vcarddav.org