Re: [BEHAVE] Fwd: New Version Notification for draft-nishizuka-cgn-deployment-considerations-00.txt
"Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com> Tue, 02 April 2013 22:03 UTC
Return-Path: <ssenthil@cisco.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2801721F8A40 for <behave@ietfa.amsl.com>; Tue, 2 Apr 2013 15:03:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DuCkVNanv047 for <behave@ietfa.amsl.com>; Tue, 2 Apr 2013 15:03:42 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 2D30121F85D7 for <behave@ietf.org>; Tue, 2 Apr 2013 15:03:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=26961; q=dns/txt; s=iport; t=1364940222; x=1366149822; h=from:to:cc:subject:date:message-id:in-reply-to: mime-version; bh=5AmrzbqoXxMvjZY5YtCXirQ6G7OJ6LjWczSYYcpdoMI=; b=Jn9CtNoxtLbWBzJwu5c8ZFZcVJ8HKA/bXmSnKSU5MSXMdK2AI5JPi3rp NokNwbuT+LAVGjdgmf44ZU5MzLOzJNpn1yLA7lLsIrHi+tuKdr2drUlrk XRSArIkJhBkUf03TzoNxcvfbukGojsnMGfpdS4AiU/fPQmBH82IAC/gcI s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ak0FACdVW1GtJV2a/2dsb2JhbABDgkNENrdLAYg3gQcWdIIfAQEBBGcHCQIMBgEIEQECAQILCwsDBDkUAwYIAgQBDQUIAYgLDLFgkA2OaCAGCwcGAwGCVWEDmAqPbIFVgTaCKA
X-IronPort-AV: E=Sophos; i="4.87,396,1363132800"; d="scan'208,217"; a="194240762"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-5.cisco.com with ESMTP; 02 Apr 2013 22:03:41 +0000
Received: from xhc-rcd-x02.cisco.com (xhc-rcd-x02.cisco.com [173.37.183.76]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id r32M3fix006195 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 2 Apr 2013 22:03:41 GMT
Received: from xmb-rcd-x15.cisco.com ([169.254.5.42]) by xhc-rcd-x02.cisco.com ([173.37.183.76]) with mapi id 14.02.0318.004; Tue, 2 Apr 2013 17:03:40 -0500
From: "Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com>
To: kaname nishizuka <kaname@nttv6.jp>, "behave@ietf.org" <behave@ietf.org>
Thread-Topic: [BEHAVE] Fwd: New Version Notification for draft-nishizuka-cgn-deployment-considerations-00.txt
Thread-Index: AQHOL+3uZcY5y2kg70eS7ETyuhJHpA==
Date: Tue, 02 Apr 2013 22:03:40 +0000
Message-ID: <CB1B483277FEC94E9B58357040EE5D0232430EAE@xmb-rcd-x15.cisco.com>
In-Reply-To: <515A98BA.9030409@nttv6.jp>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.2.130206
x-originating-ip: [10.117.198.132]
Content-Type: multipart/alternative; boundary="_000_CB1B483277FEC94E9B58357040EE5D0232430EAExmbrcdx15ciscoc_"
MIME-Version: 1.0
Cc: Shin Miyakawa <miyakawa@nttv6.jp>
Subject: Re: [BEHAVE] Fwd: New Version Notification for draft-nishizuka-cgn-deployment-considerations-00.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2013 22:03:44 -0000
Hi Kaname, It is a pretty interesting study. I have a few comments on the sections on your IP address requirements calculations.In the dynamic assignment, the ports of pool address are allocated " # of pool address (P) = # of Subscriber (S) * a * N / (65536 - R) Here, (R) is reserved TCP/UDP port list referred in [I-D.donley-behave-deterministic-cgn<http://tools.ietf.org/html/draft-nishizuka-cgn-deployment-considerations-00#ref-I-D.donley-behave-deterministic-cgn>]. CGN should eliminate the wellknown ports (0-1023 for TCP and UDP) to avoid the bad interpretation from destination servers. It is natural to translate source port of outgoing packet to ephemeral ports. The ports after 32768 is considered to be used without any problems because ephemeral ports are 32768-61000 for Linux and 49152-65535 in the IANA recommendations. As the result, 3,051 pool addresses are sufficient for 1,000,000 subscribers. The feasibility of configuration was confirmed in the verification." [Senthil] Most of the NATs use the entire port space from 1024-65536, did you find differently? If you had used the entire port space, you would only require 1526 addresses instead of 3051. I think not using the 1024-32768 is not practical and inefficient. On the other hand, in static assignment, the ports are allocated a priori for every users. The pool addresses and ports are reserved to every users, so most of them could be a dead stock because there are light users and heavy users in aspect of port consumption. The max number of port consumption in all subscribers is the key value for static assignment. The true peak number of the session by a heavy user could be over 10,000 sessions. However it is assumed that such a severe consumption of ports to be an abuse, so the number of statically assigned port (M) is controllable parameter by each providers. In the static assignment, the required number of the pool address is as follows: # of pool address (P) = # of Subscriber (S) * M / (65536 - R) Taking account into the investigation of number of sessions of applications, the desirable value of (M) is over 1,000. As the result, no less than 30,517 pool addresses are needed for 1,000,000 subscribers. The compression ratio is one tenth of the case of dynamic assignment." [Senthil] Going by the same standards of using the entire available port range, you should require 15259 addresses. But the point is the cost of static allocation to dynamic allocation is 10:1, which is huge and given the fact there is only so little address space that is available, it should be used efficiently. Just by looking at that calculation, it seems amply clear that dynamic is preferred over static, as you have noted. That leads us to the next topic on logging. " In addition, the indicator of the allocation and deallocation are needed because it assures that the identified subscriber certainly had been using the translated IP address and port. Plus, including the index of the CGN host, the average size of NAT log is about 120 byte in ASCII format. Every active subscriber generate 400 sessions in average for a certain amount of time. It is assumed that the event happens every 5 minute in the most severe condition. The size of the log (L) for time frame (T) can be estimated as follows: The size of log (L) = # of Subscriber (S) * a * N * 120byte * 2 * ( Time frame(T) / 5 min. ) It should be noted that the log is generated at the timing of NAT table creation and freeing. As the result, for 1,000,000 users, the size of log is piled up to 6.4 terabytes per day. The verification result confirm the existing estimation referred in [I-D.donley-behave-deterministic-cgn<http://tools.ietf.org/html/draft-nishizuka-cgn-deployment-considerations-00#ref-I-D.donley-behave-deterministic-cgn>]." [Senthil] I think it should be mentioned that with binary format for the above logging information, you need 26 bytes. Transport Protocol - 1 byte Source IP address:port – 6 bytes Source IP address:port after translation – 6 bytes Timestamp – 8 bytes Add/Delete – 1 byte Subscriber ID/VRF ID – 4 bytes I would help a lot to add the binary logging calculation in addition to the ascii format to help people choose the right method for them. Going by the same formula you need 1.36 TB/day with binary logging. Assuming that the compression ratio is the same For both ascii and binary data, you have 1/4-1/5th of advantage with binary logging. You spread the cost of 1.36TB across a 1,000,000 subscribers assuming cost of 1TB is US$80, we come to 0.00008 cents/subscriber/day or 0.024 cents/subscriber/month. Even with ASCII logging requirements this doesn’t sound like a mammoth cost. Sure, there are other operating expenses involved but comparing that with the efficiency of a dynamic port allocation mechanism and requiring 10 times less public addresses seems to be a compelling winning argument than changing every CGN implementation to save for logging costs. Thanks Senthil From: kaname nishizuka <kaname@nttv6.jp<mailto:kaname@nttv6.jp>> Date: Tuesday, April 2, 2013 4:37 AM To: "behave@ietf.org<mailto:behave@ietf.org>" <behave@ietf.org<mailto:behave@ietf.org>> Cc: Shin Miyakawa <miyakawa@nttv6.jp<mailto:miyakawa@nttv6.jp>> Subject: [BEHAVE] Fwd: New Version Notification for draft-nishizuka-cgn-deployment-considerations-00.txt Dear all, I'm kaname from NTT communications in Japan. We are testing CGN under the support of Japanese Government. Now, we've uploaded a new draft based on the result of our verification. The useful information about the average consumption of the ports are available on the document. Please look through it, and all kind of feedback are welcome. By conducting realistic experiment, this draft is answering to "draft-ietf-behave-lsn-requirements-10" which will be the newest RFC very soon. The document is *NOT* intended to be Standards Track. It's for Informational. The wrong description is just mere mistake, so we'll soon correct it in the next revision. The full report of our work will be available soon on the Web in English. I'll also announce it when it's available to this mailing-list. Best regards, kaname -------- Original Message -------- Subject: New Version Notification for draft-nishizuka-cgn-deployment-considerations-00.txt Date: Thu, 28 Mar 2013 07:12:25 -0700 From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> To: kaname@nttv6.jp<mailto:kaname@nttv6.jp> A new version of I-D, draft-nishizuka-cgn-deployment-considerations-00.txt has been successfully submitted by Kaname Nishizuka and posted to the IETF repository. Filename: draft-nishizuka-cgn-deployment-considerations Revision: 00 Title: Carrier-Grade-NAT (CGN) Deployment Considerations. Creation date: 2013-03-29 Group: Individual Submission Number of pages: 16 URL: http://www.ietf.org/internet-drafts/draft-nishizuka-cgn-deployment-considerations-00.txt Status: http://datatracker.ietf.org/doc/draft-nishizuka-cgn-deployment-considerations Htmlized: http://tools.ietf.org/html/draft-nishizuka-cgn-deployment-considerations-00 Abstract: This document provides deployment considerations for Carrier-Grade- NAT (CGN) based on the verification result include the investigation of the number of sessions of applications. The verification was conducted in StarBED which is one of the largest scale network experiment environment in Japan. A million of subscribers was emulated and it revealed the realistic behavior of CGN. The IETF Secretariat -- ---- Kaname Nishizuka Innovative Architecture Center NTT Communications Corporation +81-50-3812-4704
- [BEHAVE] Fwd: New Version Notification for draft-… kaname nishizuka
- Re: [BEHAVE] New Version Notification for draft-n… Dan Wing
- Re: [BEHAVE] New Version Notification for draft-n… Rajiv Asati (rajiva)
- Re: [BEHAVE] Fwd: New Version Notification for dr… Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] New Version Notification for draft-n… Simon Perreault
- Re: [BEHAVE] Fwd: New Version Notification for dr… Simon Perreault
- Re: [BEHAVE] Fwd: New Version Notification for dr… Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] Fwd: New Version Notification for dr… Simon Perreault
- Re: [BEHAVE] Fwd: New Version Notification for dr… Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] Fwd: New Version Notification for dr… Howard, Lee
- Re: [BEHAVE] New Version Notification for draft-n… kaname nishizuka
- Re: [BEHAVE] New Version Notification for draft-n… Dan Wing
- Re: [BEHAVE] Fwd: New Version Notification for dr… kaname nishizuka
- Re: [BEHAVE] Fwd: New Version Notification for dr… Simon Perreault
- Re: [BEHAVE] New Version Notification for draft-n… Dan Wing
- Re: [BEHAVE] Fwd: New Version Notification for dr… Rajiv Asati (rajiva)
- Re: [BEHAVE] Fwd: New Version Notification for dr… Simon Perreault
- Re: [BEHAVE] Fwd: New Version Notification for dr… kaname nishizuka
- Re: [BEHAVE] Fwd: New Version Notification for dr… Rajiv Asati (rajiva)