Re: [BEHAVE] Home NAPT44 - How many ports?

"Reinaldo Penno (repenno)" <repenno@cisco.com> Wed, 05 June 2013 19:39 UTC

From: "Reinaldo Penno (repenno)" <repenno@cisco.com>
To: "Rajiv Asati (rajiva)" <rajiva@cisco.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "v6ops@ietf.org" <v6ops@ietf.org>
Date: Wed, 5 Jun 2013 19:27:38 +0000
Message-ID: <45A697A8FFD7CF48BCF2BE7E106F0604090A0BA6@xmb-rcd-x04.cisco.com>
In-Reply-To: <B14A62A57AB87D45BB6DD7D9D2B78F0B116D3323@xmb-rcd-x06.cisco.com>
Cc: "Softwires-wg list \(softwires@ietf.org\)" <softwires@ietf.org>, "Poscic, Kristian \(Kristian\)" <kristian.poscic@alcatel-lucent.com>, "behave@ietf.org" <behave@ietf.org>, "Erik Kline \(ek@google.com\)" <ek@google.com>
Subject: Re: [BEHAVE] Home NAPT44 - How many ports?

There are some interesting measurements on this "background TCP
radiation", i.e., how much state (and bandwidth) a home consumes even when
there is no active use.

On 6/5/13 3:57 PM, "Rajiv Asati (rajiva)" <rajiva@cisco.com> wrote:

>> >If one is doing CGN, wouldn't it be reasonable to point customers at a
>> >recursive DNS server with an interface inside the CGN?
>> 
>> Yes. That's what I suggest. But some people use, say, Google's
>> DNS/OpenDns/etc and in some other cases the network is not set up
>> correctly.
>
>And in some cases, it is not possible depending on where the NAT function
>is placed and where the DNS server is placed. I recently ran into this in
>a large mobile network design.
>
>Nonetheless, it is desired, but it is not really a big deal, since UDP
>NAT usage tends to be a lot less than TCP NAT usage (barring a few
>exceptions).
>
>> >This seems to also suggest that having a *caching* recursive DNS(SEC,
>> >HOMENET+, mDNS+) server inside the customer router is also a big win.
>> 
>> Yes, it is.
>
>Well, DNS resolver with or without proxy is a big win, I would say.
>
>
>Cheers,
>Rajiv
>
>
>> -----Original Message-----
>> From: Reinaldo Penno (repenno)
>> Sent: Wednesday, June 05, 2013 12:28 PM
>> To: Michael Richardson; v6ops@ietf.org
>> Cc: Poscic, Kristian (Kristian); Rajiv Asati (rajiva); Softwires-wg list
>> (softwires@ietf.org); behave@ietf.org; Erik Kline (ek@google.com)
>> Subject: Re: [BEHAVE] Home NAPT44 - How many ports?
>> 
>> 
>> 
>> On 6/5/13 1:23 PM, "Michael Richardson" <mcr+ietf@sandelman.ca> wrote:
>> 
>> >
>> >>>>>> "repenno" == repenno  <Reinaldo> writes:
>> >    repenno> On the other hand, as Rajiv captured, the number of
>> >    repenno> UDP sessions can be much larger than the number of
>> >    repenno> TCP. Because of the way
>> >    repenno> dynamic webpages are constructed today, there are sometimes
>> >    repenno> literally 100s
>> >    repenno> of DNS requests to download a single page.
>> >
>> >If one is doing CGN, wouldn't it be reasonable to point customers at a
>> >recursive DNS server with an interface inside the CGN?
>> 
>> Yes. That's what I suggest. But some people use, say, Google's
>> DNS/OpenDns/etc and in some other cases the network is not set up
>> correctly.
>> 
>> >
>> >This seems to also suggest that having a *caching* recursive DNS(SEC,
>> >HOMENET+, mDNS+) server inside the customer router is also a big win.
>> 
>> Yes, it is.
>> 
>> >
>> >--
>> >]               Never tell me the odds!                 | ipv6 mesh networks [
>> >]   Michael Richardson, Sandelman Software Works        | network architect  [
>> >]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
>> >
>