Re: [BEHAVE] (no subject)
"Rajiv Asati (rajiva)" <rajiva@cisco.com> Tue, 18 June 2013 20:57 UTC
Return-Path: <rajiva@cisco.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F9BA21E8092 for <behave@ietfa.amsl.com>; Tue, 18 Jun 2013 13:57:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i+9LHNb0Bb+0 for <behave@ietfa.amsl.com>; Tue, 18 Jun 2013 13:57:24 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) by ietfa.amsl.com (Postfix) with ESMTP id 681D721F991E for <behave@ietf.org>; Tue, 18 Jun 2013 13:57:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4886; q=dns/txt; s=iport; t=1371589044; x=1372798644; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=MObUpKnwwankE0lWkGC1z5Hbq5UCkpCPtcLYHw75Vso=; b=Vk1ARS9NVmrcBDP8tqGjBV71LWeG+prQucyiBDT3VxLoD2Kqi70+p4Lh wCK0bzARcvmVKCIQSfXlpuk+mIRe6jhUjaMbt+0SO3X2q9mbielRmu7A3 eRtLJtNmUABcI0KtewoQXNV0wRN6gy0ciZfNFqu/r/df1+C06hQpQyasu 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhIFADXJwFGtJXG//2dsb2JhbABagwkxSYMBvA8NdxZ0giMBAQEEAQEBIBE6CwwEAgEIEQQBAQMCBh0DAgICJQsUAQgIAgQBDQUIiAYMqT2RPYEmjWQWGwcGgkczYQOYapAagw+CKA
X-IronPort-AV: E=Sophos;i="4.87,891,1363132800"; d="scan'208";a="221475454"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-9.cisco.com with ESMTP; 18 Jun 2013 20:57:21 +0000
Received: from xhc-rcd-x08.cisco.com (xhc-rcd-x08.cisco.com [173.37.183.82]) by rcdn-core2-4.cisco.com (8.14.5/8.14.5) with ESMTP id r5IKvLWY030214 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 18 Jun 2013 20:57:21 GMT
Received: from xmb-rcd-x06.cisco.com ([169.254.6.251]) by xhc-rcd-x08.cisco.com ([173.37.183.82]) with mapi id 14.02.0318.004; Tue, 18 Jun 2013 15:57:21 -0500
From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: "ivan@cacaoweb.org" <ivan@cacaoweb.org>, "Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com>
Thread-Topic: [BEHAVE] (no subject)
Thread-Index: AQHObEcIVnKEk9pXtEWzyn0CP3I8p5k8LkQAgAATJgD//7KAYA==
Date: Tue, 18 Jun 2013 20:57:20 +0000
Message-ID: <B14A62A57AB87D45BB6DD7D9D2B78F0B11731852@xmb-rcd-x06.cisco.com>
References: <CB1B483277FEC94E9B58357040EE5D02325A6E93@xmb-rcd-x15.cisco.com> <2f7dce8264c8a9a72640629502a44295@cacaoweb.org>
In-Reply-To: <2f7dce8264c8a9a72640629502a44295@cacaoweb.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.82.238.113]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: Behave <behave@ietf.org>
Subject: Re: [BEHAVE] (no subject)
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2013 20:57:29 -0000
It seems worthwhile to differentiate home router NAT implementations from enterprise/SP router NAT implementations. And the question to ask ourselves is whether we need a common set of requirements for both scenarios !! Cheers, Rajiv > -----Original Message----- > From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On > Behalf Of ivan c > Sent: Tuesday, June 18, 2013 4:33 PM > To: Senthil Sivakumar (ssenthil) > Cc: Behave > Subject: Re: [BEHAVE] (no subject) > > Hi Senthil, > > Thanks for your message. You might want to read > http://tools.ietf.org/html/draft-ietf-behave-requirements-update-00 > It features the list of updates to the existing RFC, adapted to new usage > contexts such as CGNs, mobile networks, etc. > > > On Tue, 18 Jun 2013 19:24:50 +0000, "Senthil Sivakumar (ssenthil)" > > >> > >>Are you talking about UDP port preservation? > > > > Both TCP & UDP. The latest implementation in some router families is not > > to have port preservation > > (for both TCP & UDP). > > > > The discussion here is not about UDP. UDP port preservation should > generally not be implemented by NATs, as it could generate conflicts when > 2 > internal hosts using the same local port, each with a session to the same > endpoint. This would break end-to-end connectivity in rare cases, as there > is no fallback mechanism (as opposed to TCP). > > To be clear, the requirements are as follows: > * NAT SHOULD NOT use UDP port preservation > * NAT SHOULD use TCP port preservation > > Here are some NATs that have been tested and implement TCP port > preservation: > in the UK: > BT (British Telecom) (house-made gateway) - number 1 provider > Virgin (house-made gateway) - number 2 provider > Sky (Sagemcom) - number 3 provider > > in France: > Orange (Livebox) (house-made gateway) - number 1 provider > Free (Freebox) (house-made gateway) - number 2 provider > SFR/Neuf (Neufbox) (house-made gateway) - number 3 provider > > This covers the overwhelming majority of subscribers. > > We have the same results in Spain in Italy. > > Misc: > Linksys E1200, latest generation. > Netgear, various models > > > It is difficult to find any NAT that does *not* implement TCP port > preservation in these countries. > If you think some gateway implementations have dropped TCP port > preservation, you need to substantially support your claim by a reference. > We are not aware of anything that would support it. > > > > > > Most of the NATs that I know don’t do port overloading any more. > > RFC 5382 also says, > > REQ-7: A NAT MUST NOT have a "Port assignment" behavior of "Port > > overloading" for TCP. > > > > This is the purpose of the new draft > http://tools.ietf.org/html/draft-ietf-behave-requirements-update-00 , to > make the use case for port overloading, as it is needed in CGNs. It wasn't > needed nearly as much in 2005 when RFC 5382 was first written. > > REQ-7: A NAT MUST NOT have a "Port assignment" behavior of "Port > overloading" for TCP > is too stringent, as proved in my earlier message and in the > draft-ietf-behave-requirements-update-00, and not needed. > > Port overloading is perfectly acceptable when the remote endpoints are > distinct, as it preserves the uniqueness of the 5-tuple. > > As a result, REQ-7 must be corrected. > > > > -- > _Ivan Chollet_ > _______________________________________________ > Behave mailing list > Behave@ietf.org > https://www.ietf.org/mailman/listinfo/behave
- Re: [BEHAVE] (no subject) Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] (no subject) Dan Wing
- [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supposed… ivan c
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Simon Perreault
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… ivan c
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Simon Perreault
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] REQ 1 and REQ 7 of RFC5382 were supp… ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Rajiv Asati (rajiva)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Dan Wing
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) cb.list6
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Reinaldo Penno (repenno)
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) Mark Andrews
- Re: [BEHAVE] (no subject) ivan c
- [BEHAVE] DNS vs port overloading Simon Perreault
- Re: [BEHAVE] (no subject) ietfdbh
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] DNS vs port overloading Mark Andrews
- Re: [BEHAVE] DNS vs port overloading Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Tom Taylor
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] DNS vs port overloading Mark Andrews
- Re: [BEHAVE] (no subject) ivan c
- Re: [BEHAVE] (no subject) Simon Perreault
- Re: [BEHAVE] DNS vs port overloading Simon Perreault
- [BEHAVE] UDP socket programming Simon Perreault
- Re: [BEHAVE] TCP port overloading, preservation a… ivan c
- Re: [BEHAVE] DNS vs port overloading ivan c