Re: [BEHAVE] Home NAPT44 - How many ports?

"Rajiv Asati (rajiva)" <rajiva@cisco.com> Wed, 05 June 2013 18:51 UTC

From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: "Reinaldo Penno (repenno)" <repenno@cisco.com>, "Poscic, Kristian (Kristian)" <kristian.poscic@alcatel-lucent.com>, "v6ops@ietf.org" <v6ops@ietf.org>, "Softwires-wg list (softwires@ietf.org)" <softwires@ietf.org>, "behave@ietf.org" <behave@ietf.org>
Date: Wed, 05 Jun 2013 18:51:35 +0000
Cc: "Erik Kline (ek@google.com)" <ek@google.com>
Subject: Re: [BEHAVE] Home NAPT44 - How many ports?

Reinaldo,

I agree with you. Until I enabled DNS proxy on my router, I noticed that UDP NAT exceeded TCP NAT entries on a few occasions. Since DNS proxy got enabled, UDP NAT entries became negligible.

One interesting observation is how the lowest number of TCP NAT entries stayed within the range throughout the nighttime (when the devices were not manually used) based on how many apps (on the smartphones) were left running. For example, ~200 TCP ports on April 13-14, or ~30 TCP ports on June 4.

Cheers,
Rajiv


> -----Original Message-----
> From: Reinaldo Penno (repenno)
> Sent: Wednesday, June 05, 2013 11:44 AM
> To: Poscic, Kristian (Kristian); Rajiv Asati (rajiva); v6ops@ietf.org;
> Softwires-wg list (softwires@ietf.org); behave@ietf.org
> Cc: Erik Kline (ek@google.com)
> Subject: Re: [BEHAVE] Home NAPT44 - How many ports?
> 
> Yes, there are regional differences. But even then, in general, 90% of the
> active users can be covered by 1000 ports. I have been collecting data for
> many years, and actually the number of TCP ports consumed has been
> going down due to a number of factors.
> 
> On the other hand, as Rajiv captured, the number of UDP sessions can be
> much larger than the number of TCP. Because of the way dynamic webpages
> are constructed today, there are sometimes literally 100s of DNS requests to
> download a single page.
> 
> 
> 
> On 6/5/13 10:32 AM, "Poscic, Kristian (Kristian)"
> <kristian.poscic@alcatel-lucent.com> wrote:
> 
> >Thanks. Can you tell us in general what applications did you use for this?
> >This heavily depends on the application type in use...p2p apps, etc.
> >Since some apps spawn a large number of TCP ports for example.
> >
> >So the question is to what degree do you think is your sample
> >representative of a general user in any region?
> >
> >For example does it cover 30% of users for an ISP in NA while it covers
> >80% of users for another ISP in APAC for example?
> >
> >-----Original Message-----
> >From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On
> >Behalf Of Rajiv Asati (rajiva)
> >Sent: Wednesday, June 05, 2013 6:14 AM
> >To: v6ops@ietf.org; Softwires-wg list (softwires@ietf.org);
> >behave@ietf.org
> >Cc: Erik Kline (ek@google.com)
> >Subject: [BEHAVE] Home NAPT44 - How many ports?
> >
> >Some of you may recall our discussion (during the last IETF) around
> >"how many TCP/UDP ports are enough with NAPT44" per home, as ISPs move
> >into A+P paradigm. ~500, ~1000, ~3000???
> >
> >Well, I started monitoring my home router and plotting the NAPT44 port
> >utilization on a minute-by-minute basis. You may find it here -
> >http://www.employees.org/~rajiva
> >
> >In short, port range of 500 seems ok, though 1000 would be more than
> >enough for my home. Suffice to say, this is just a sample
> >representation, since the port utilization would vary home to home,
> >based on number of active devices, type of applications, the degree of
> >simultaneous device or application usage etc.
> >
> >If any of you are doing similar monitoring, then please share.
> >
> >Cheers,
> >Rajiv
> >
> >PS: Thanks to Erik Kline, who explained (with sufficient details) how
> >to use google charting for my data. And thanks to Xun Wang & Shaoshuai
> >Dai for helping me out significantly.
> >
> >PS: My home has 3-4 active devices.
> >_______________________________________________
> >Behave mailing list
> >Behave@ietf.org
> >https://www.ietf.org/mailman/listinfo/behave
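
The per-minute port accounting discussed in this thread, as an added example that is not from any participant or from the monitoring setup the thread describes. The snapshot format, the sample lines and the function names are constructed for illustration, and the count assumes endpoint-independent mapping (one external port per distinct inside ip:port per protocol).

```python
from collections import defaultdict

# Constructed snapshots, one NAT mapping per line. The format is hypothetical
# (not any router's real output): <minute> <proto> <inside ip:port> <remote ip:port>
SAMPLE = """\
00:01 tcp 192.168.1.10:50001 203.0.113.5:443
00:01 tcp 192.168.1.10:50002 203.0.113.5:443
00:01 udp 192.168.1.11:40000 198.51.100.53:53
00:01 udp 192.168.1.11:40001 198.51.100.53:53
00:01 udp 192.168.1.11:40002 198.51.100.53:53
00:02 tcp 192.168.1.10:50001 203.0.113.5:443
00:02 udp 192.168.1.12:5000 203.0.113.9:3478
00:03 tcp 192.168.1.10:50001 203.0.113.5:443
00:03 tcp 192.168.1.10:50001 203.0.113.7:443
"""

BUDGETS = (500, 1000, 3000)  # per-home port ranges floated in the thread


def ports_per_minute(text):
    """Count external ports needed per minute, split by protocol.

    Assumes endpoint-independent mapping: one external port per distinct
    inside (ip, port) per protocol, however many remotes it talks to.
    """
    seen = defaultdict(lambda: {"tcp": set(), "udp": set(), "udp_dns": set()})
    for line in text.splitlines():
        if not line.strip():
            continue
        minute, proto, inside, remote = line.split()
        if proto not in ("tcp", "udp"):
            continue
        seen[minute][proto].add(inside)
        # DNS queries sent straight to a resolver each pin a UDP mapping.
        if proto == "udp" and remote.rsplit(":", 1)[1] == "53":
            seen[minute]["udp_dns"].add(inside)
    usage = {}
    for minute, s in sorted(seen.items()):
        usage[minute] = {k: len(v) for k, v in s.items()}
        usage[minute]["total"] = len(s["tcp"]) + len(s["udp"])
    return usage


def budget_coverage(usage, budgets=BUDGETS):
    """Fraction of sampled minutes whose total port need fits each budget."""
    n = len(usage)
    return {b: sum(u["total"] <= b for u in usage.values()) / n for b in budgets}
```

The `udp_dns` count separates mappings created by direct DNS queries from other UDP mappings, which is the share the thread reports falling away once a DNS proxy on the router answers clients locally.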