IETF Logo Mail Archive

Re: [BEHAVE] Fwd: I-D Action: draft-chen-behave-nat64-radius-extension-00.txt

"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Fri, 19 July 2013 13:00 UTC

Return-Path: <tireddy@cisco.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6111D11E8118 for <behave@ietfa.amsl.com>; Fri, 19 Jul 2013 06:00:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.299
X-Spam-Level:
X-Spam-Status: No, score=-10.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_82=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t+NeqAHu+iLA for <behave@ietfa.amsl.com>; Fri, 19 Jul 2013 06:00:03 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id D679011E8117 for <behave@ietf.org>; Fri, 19 Jul 2013 06:00:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7298; q=dns/txt; s=iport; t=1374238803; x=1375448403; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=OtaJ9tSvjIHhCL5g/qBKM3Cr9gY0cH6X3xYTa4C6uC4=; b=T4cXlLw4j5i0BWXRLjCnr47Q5id5l0xL2cuPsgbImCuVjYAvBgxrjvRO 1dXT5/9I7Ggo/P2e8kuPF9m8Yer4650oP/Yg+RUj0KCQbdseJBaNhIYPb ks7pOlmaEtO3b2hfZEwDwWjmbZs3zU8g/yrWG6GGhBMgXHCyTjZg4g4iZ o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgUFAEs36VGtJXHA/2dsb2JhbABQCoMGNVDARoEQFnSCJAEBAQMBAQEBNzQLDAQCAQgRAwEBAQsUCQchBgsUCQgCBA4FCAESh2MDCQYMrgoNiF6NI4EwBIEHMQIFBoMKbgOVdIMSin4DhSODEoFoQg
X-IronPort-AV: E=Sophos;i="4.89,701,1367971200"; d="scan'208";a="236932511"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by rcdn-iport-6.cisco.com with ESMTP; 19 Jul 2013 13:00:02 +0000
Received: from xhc-rcd-x04.cisco.com (xhc-rcd-x04.cisco.com [173.37.183.78]) by rcdn-core2-5.cisco.com (8.14.5/8.14.5) with ESMTP id r6JD01XF018017 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 19 Jul 2013 13:00:02 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.56]) by xhc-rcd-x04.cisco.com ([fe80::200:5efe:173.37.183.34%12]) with mapi id 14.02.0318.004; Fri, 19 Jul 2013 08:00:01 -0500
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: GangChen <phdgang@gmail.com>
Thread-Topic: [BEHAVE] Fwd: I-D Action: draft-chen-behave-nat64-radius-extension-00.txt
Thread-Index: AQHOgQTiad4NIKrfvUWc7EkQlMHxpZlqm8QggAGA64D//94ScA==
Date: Fri, 19 Jul 2013 13:00:00 +0000
Message-ID: <913383AAA69FF945B8F946018B75898A14B9E551@xmb-rcd-x10.cisco.com>
References: <20130708151636.25487.48986.idtracker@ietfa.amsl.com> <CAM+vMEQVGn2ruryFn5yLNCrVpF8-PH+z_-hKO28Suj=QC3Gm=g@mail.gmail.com> <913383AAA69FF945B8F946018B75898A14B9815A@xmb-rcd-x10.cisco.com> <CAM+vMERBA+B7xThRNpjuDAG3ukJRL8eMV04rVhLqXWCYM6=ZuA@mail.gmail.com> <913383AAA69FF945B8F946018B75898A14B9CA90@xmb-rcd-x10.cisco.com> <CAM+vMERJwAUP0ZGXhUFCk7o0hcgD7wHb0bK=SSA2UZi+igQnDA@mail.gmail.com>
In-Reply-To: <CAM+vMERJwAUP0ZGXhUFCk7o0hcgD7wHb0bK=SSA2UZi+igQnDA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [173.39.64.159]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, Behave WG <behave@ietf.org>
Subject: Re: [BEHAVE] Fwd: I-D Action: draft-chen-behave-nat64-radius-extension-00.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2013 13:00:08 -0000

Hi Gang,

Please see inline

> -----Original Message-----
> From: GangChen [mailto:phdgang@gmail.com]
> Sent: Friday, July 19, 2013 3:21 PM
> To: Tirumaleswar Reddy (tireddy)
> Cc: Behave WG; mohamed.boucadair@orange.com
> Subject: Re: [BEHAVE] Fwd: I-D Action: draft-chen-behave-nat64-radius-
> extension-00.txt
> 
> Hi Tiru,
> 
> Thanks for the comments.
> 
> 2013/7/19, Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>:
> > Hi Gang,
> >
> > Please see inline
> >
> >> -----Original Message-----
> >> From: GangChen [mailto:phdgang@gmail.com]
> >> Sent: Monday, July 15, 2013 8:12 AM
> >> To: Tirumaleswar Reddy (tireddy)
> >> Cc: Behave WG; mohamed.boucadair@orange.com
> >> Subject: Re: [BEHAVE] Fwd: I-D Action: draft-chen-behave-nat64-radius-
> >> extension-00.txt
> >>
> >> Hi Tiru,
> >>
> >> You are right. Please check the sentence in the draft "It's also
> >>    possible to extend Port Control Protocol (PCP) to support those
> >>    network information queries from external servers. ....."
> >>
> >> The radius-based proposal intended to fit into the environment, where
> >> geo-location system is already deployed based on a radius
> >> database[RFC5580]. Some benefits have been described related to this
> >> context.
> >
> > Why is this problem specific to NAT64 ? (it looks like a problem with any
> > other flavor of NAT)
> 
> The problem is general to all the NAT-based deployments.
> But NAT64 has the uniqueness, because the internal source is a IPv6
> address, which has a global meaning.  The system doesn't have to
> correlate other information to identify user.

Thanks, that clarifies. If required updated the draft to make it more clear.

> 
> > From the draft it looks like for every mapping create, Radius server has to
> > be informed which is unconditional PUSH model and could create a lot of
> > network chatter.
> 
> No. If you take a look at Fig.1 Requested-Binding-Info message would
> convey the conditions. Only the matched mappings should report to the
> Radius server. It's a PULL model.

Now I get it. It would be good if you could provide a full example just like in [RFC5580].

> 
> > In PCP draft-boucadair-pcp-nat-reveal-01 it's a PULL model
> > where only for interesting flows PCP-controlled NAT device is requested to
> > provide the internal IP address.
> 
> I don't  want to make much comparisons because it may be "don't have
> to". Every case has their benefits and suitable cases. RFC6967 lists
> multiple solutions to reveal the source. That gives several
> possibilities for the deployment. As you can see, we are also using
> different approaches to discover NAT64 prefix. I don't see the harm.
> The document just intends to describe the unique needs.

Ok.

> 
> 
> >> 1) radius-based solution would be a in-band solution
> >
> > Can you please clarify why you call radius-based solution in-band ?
> 
> Some geo-location systems receive the information through radius
> messages(as described in RFC5580). The proposed radius message could
> be get along with same radius systems. Therefore, that is an in-band
> solution.

Got it. you may want to say the same point in the draft, which is a good advantage of not requiring any interworking function.

> 
> > The example of X-Forwarded-For header provided in the draft is in-band and
> > any other method like Radius, PCP are out-of-band.
> 
> Yes. it's a different definition.
> 
> >> 2) fewer impacts to NAT64 performance because the process is
> >> independent with NAT64 translation
> > Even draft-boucadair-pcp-nat-reveal-01 should not impact the NAT64
> > performance.
> 
> Yes. We don't intent to say your solution impacts NAT64 performance.
> This context is limited to radius vs application aware functions.

Ok.


> 
> > ===
> >
> > If you could provide more details of an example use case with topology of
> > the client, NAT64, Radius Server and third party entity which will query the
> > Radius server for the IPv6 address and how the learnt IPv6 address will be
> > used for some policy decision, it will help understanding of reviewers.
> 
> Good suggestions. I will add the additional descriptions

Cheers,

--Tiru.

> 
> Best Regards
> 
> Gang
> 
> 
> > Cheers,
> >
> > --Tiru.
> >
> >>
> >> BRs
> >>
> >> Gang
> >>
> >> 2013/7/12, Tirumaleswar Reddy (tireddy) <tireddy@cisco.com>:
> >> > Hi Gang,
> >> >
> >> > The problems mentioned in the draft can also be solved using PCP QUERY
> >> > opcode introduced in
> >> > http://tools.ietf.org/html/draft-boucadair-pcp-nat-reveal-01
> >> >
> >> > --Tiru.
> >> >
> >> >> -----Original Message-----
> >> >> From: GangChen [mailto:phdgang@gmail.com]
> >> >> Sent: Tuesday, July 09, 2013 11:54 AM
> >> >> To: Behave WG
> >> >> Subject: [BEHAVE] Fwd: I-D Action:
> >> >> draft-chen-behave-nat64-radius-extension-
> >> >> 00.txt
> >> >>
> >> >> wg,
> >> >>
> >> >> We just uploaded the draft-chen-behave-nat64-radius-extension-00
> >> >> The draft proposes new Radius attributes to convey IPv6 source
> >> >> addresses when a NAT64 is deployed.
> >> >>
> >> >> Your comments/reviews are appreciated.
> >> >>
> >> >> Best Regards
> >> >>
> >> >> Gang
> >> >>
> >> >> ---------- Forwarded message ----------
> >> >> From: internet-drafts@ietf.org
> >> >> Date: Mon, 08 Jul 2013 08:16:36 -0700
> >> >> Subject: I-D Action: draft-chen-behave-nat64-radius-extension-00.txt
> >> >> To: i-d-announce@ietf.org
> >> >>
> >> >>
> >> >> A New Internet-Draft is available from the on-line Internet-Drafts
> >> >> directories.
> >> >>
> >> >>
> >> >> 	Title           : Radius Attributes for Stateful NAT64
> >> >> 	Author(s)       : Gang Chen
> >> >>                           David Binet
> >> >> 	Filename        : draft-chen-behave-nat64-radius-extension-00.txt
> >> >> 	Pages           : 10
> >> >> 	Date            : 2013-07-08
> >> >>
> >> >> Abstract:
> >> >>    This document proposes new radius attributes for stateful NAT64.
> >> >> The
> >> >>    extensions are used to provide geo-location services with an exact
> >> >>    IPv6 soruce address.  The message flow to deliver the NAT64 binding
> >> >>    information between radius clients and servers is also described.
> >> >>    Therefore, accurate location could be traced out depending on the
> >> >>    radius method.
> >> >>
> >> >>
> >> >> The IETF datatracker status page for this draft is:
> >> >> https://datatracker.ietf.org/doc/draft-chen-behave-nat64-radius-
> extension
> >> >>
> >> >> There's also a htmlized version available at:
> >> >> http://tools.ietf.org/html/draft-chen-behave-nat64-radius-extension-00
> >> >>
> >> >>
> >> >> Internet-Drafts are also available by anonymous FTP at:
> >> >> ftp://ftp.ietf.org/internet-drafts/
> >> >>
> >> >> _______________________________________________
> >> >> I-D-Announce mailing list
> >> >> I-D-Announce@ietf.org
> >> >> https://www.ietf.org/mailman/listinfo/i-d-announce
> >> >> Internet-Draft directories: http://www.ietf.org/shadow.html
> >> >> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >> >
> >> >
> >

v2.23.0 | Report a Bug | By Email